
Designing with Azure Sphere and the 7 Pillars of IoT Security

October 24, 2018 By Jon Hallsten


Before the advent of our very connected world, not a thought was given to locking up a light switch, putting a string password on an HVAC temperature controller, or creating individual hardware security credentials for a fleet of thermostats.

There was never a reason to suspect sinister situations.  And if something was up (with an HVAC system), you could feel it!

But today, attackers who compromise a device are often not trying to subvert its primary function; instead, they endeavor to capture its internet connectivity and use it as a rogue agent, or bot, for nefarious schemes.

This ‘not the primary function’ concept has made it difficult for those outside of the business to comprehend the security challenges of the 21st century.  Maybe we shouldn’t call something HACKED, but rather, involved in a ‘hostile takeover’.

The Mirai botnet attacks of 2016 (CCTV cameras bringing down East Coast USA Internet) and the Target breach a couple of years earlier (HVAC systems allowing access to data systems, and subsequently credit card data) highlight the problem of applying 20th century thinking to 21st century reality.  This doesn’t even cover the designed-for-exploitation devices coming from China.

The Genius of Pulling from History

There’s one company in the world that has had the unique experience of being the target of countless hack, virus, trojan and malware attacks against their platform…

and that’s Microsoft.

For good or for bad, our friends in the Pacific Northwest have slogged through a punishing plethora of bad guys that play more like a series of Rocky movies than a business history.  With experience in the ubiquitous Windows OS, and the slightly more closed Xbox gaming platform, Microsoft has rolled with the punches.

This experience has been excessive, exasperating, and, as of late, a gold mine of knowledge.

Understanding the 7 Pillars of IoT Security that Underlie Microsoft’s new Azure Sphere

That gold mine of Microsoft experience… results in 7 clear directives on how to build a secure ecosystem.  Their Xbox devices, for example, have gone from instantly hackable to now, rock solid.  These pillars range from hardware root of trust, to failure monitoring and all the way up to cloud infrastructure.

Now, they’ve packaged holistic IoT security for the rest of us – Azure Sphere is Microsoft’s recently deployed, security-oriented IoT ecosystem that includes vetted microcontrollers, the secured OS that runs on those microcontrollers (based on the Linux kernel – an incredible admission if you know Microsoft’s history), and a full cloud suite based on Azure.

The seven pillars of IoT security delivered in the Azure Sphere system as a complete package are as follows:

  • Hardware Root of Trust – The identifying cryptographic keys are embedded and protected by secure element physical hardware with a hardware firewall around it.  Microsoft calls this security sub-system Pluton.
  • Certificate-Based Authentication – Well beyond passwords, certificates are unforgeable and prove device authenticity.
  • Small Trusted Computing Base – Only a small portion of the device firmware has access to the private cryptography keys.
  • Defense in Depth – Multiple layers of security that mitigate attacks.
  • Compartmentalization – On-Chip Software Systems are highly compartmentalized, leaving little access from compartment to compartment.
  • Failure Reporting – Ecosystem monitoring to watch for threats, and threat methodologies.
  • Renewable Security – Let Microsoft update security systems – Just like a Windows System update.  Nice.

I am most impressed with what Microsoft borrows from our shared experience with Windows OS Personal Computers.  Because the stack of tools flows from hardware all the way to cloud, Microsoft inserts itself (just like on your Windows machine) to push “critical” security updates to your edge device (microcontroller) directly – without user or system admin action.

Having a live up-to-date and on-the-job security partner is advantageous – both for Hallsten Innovations (IoT design team) as well as our current and future clients.  A partner that prioritizes security for devices on the platform is a push towards sustainability and reliability.

Azure Sphere is one of Many Tools in the Hallsten Innovations Toolkit

Hallsten Innovations is consistently exploring the latest technologies from hardware and software vendors, as well as cloud based and open source initiatives.

Microsoft’s Azure Sphere is a new compelling offering in our best of class capabilities and platform experience that we will continue to leverage on the appropriate solutions going forward.

Do you have a need for an edge to cloud secure solution?  Please reach out – we look forward to earning your “trust”.

 
