Microsoft's new OS for IoT devices: Azure Sphere OS
A few days ago Microsoft introduced its new operating system designed for IoT devices: Azure Sphere OS. The new operating system aims to provide a secure-by-default platform for building IoT services, avoiding the pitfalls that have made such devices so vulnerable, even to unsophisticated attacks, that rogue organizations use them to build botnets or to compromise users' privacy.
The new OS
Azure Sphere is just one part of a broader solution for a secure IoT platform that also includes custom microcontrollers implementing Microsoft's 7 rules for IoT security and a security service running on Azure that verifies the status of each device and reports any error or possible compromise. That service will also deliver updates to the OS and possibly remediation for misbehaving devices.
While many users on the Internet focused on the fact that Azure Sphere OS is based on a modified Linux kernel, Microsoft's solution is rather more complex than that. Many have been surprised that Microsoft is essentially providing a Linux distribution, though it isn't the first time Microsoft has shipped Unix if one remembers the old Xenix days; but there are more interesting things about this solution than the kernel the OS runs on.
For sure it is interesting that Microsoft decided that Windows is too heavy to run on microcontrollers and resorted to a Linux-based solution. While many speculate about Microsoft's inability to create a lightweight version of Windows, I think they chose Linux for a simple reason: to gain some traction in the IoT space they obviously need to open-source the OS, and I don't think they would be ready to provide an open-source version of Windows, albeit a highly customized one. At the same time, it would be difficult to push IoT partners into its camp with closed-source software, given that most of them rely on free and lightweight specialized Linux distributions.
Moreover, since Azure started, Microsoft has become more a services provider than a software maker, so its main goal is to create software that can be plugged into Azure, whatever it is based upon. So it is no surprise that they decided not to reinvent the wheel, using a highly customized Linux-based environment and extending it with "Windows-inspired security features". Microsoft has also run custom chips for years in its Xbox consoles.
What is more interesting is that Microsoft used containers to secure that environment. While Azure Sphere OS surely has a specialized form of containerization, containers are emerging as a key mechanism for saving resources while providing a high degree of security. Microsoft already implemented containers in Windows Server 2016 and refined the concept to be able to run Linux as part of Windows; it also provides Linux containers on a Windows machine, dramatically improving productivity and flexibility.
At VaiSulWeb we are designing our next-generation services on containerization and, above all, on the dramatic productivity that comes from being able to run Windows- and Linux-based containers on Windows Servers, so it is very interesting to note that our plan to use containers as a security boundary could prove sound, though we're not sure that is true on plain Linux too.
Azure Sphere microcontrollers will use a certificate-based authentication mechanism that identifies every single device, something very close to what the IMEI code is for smartphones. Such certificates will be brokered by the Azure Sphere Service on Azure itself, so Microsoft will act as the root authority for the ecosystem and will also provide updates for both the base OS and its applications. We have no doubt that the experience Redmond has in delivering updates to hundreds of millions (if not billions) of PCs and Xboxes will definitely help in providing updates to tens of billions of IoT devices.
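As an added illustration (not code from this post or from Microsoft), here is the check a device-facing service performs under the model just described: every per-device identity certificate must chain to the ecosystem root, so a device presenting a certificate signed by anyone else is refused. The root and device names, serial numbers and the choice of Ed25519 keys are constructed placeholders, not Azure Sphere specifics.

```go
package main
import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"math/big"
	"time"
)
// issueCert: parent == nil yields a self-signed root; otherwise a per-device identity signed by parent.
func issueCert(cn string, serial int64, parent *x509.Certificate, parentKey ed25519.PrivateKey) (*x509.Certificate, ed25519.PrivateKey) {
	pub, key, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(serial),
		Subject:      pkix.Name{CommonName: cn}, // the per-device identity, IMEI-like (placeholder)
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(24 * time.Hour),
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth}, // what the identity may be used for
	}
	signer, signerKey := parent, parentKey
	if parent == nil { // root: self-signed and the only key allowed to sign further identities
		signer, signerKey = tmpl, key
		tmpl.IsCA, tmpl.BasicConstraintsValid = true, true
		tmpl.KeyUsage = x509.KeyUsageCertSign
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, signer, pub, signerKey)
	if err != nil {
		panic(err)
	}
	cert, _ := x509.ParseCertificate(der) // DER produced above always parses
	return cert, key
}
// deviceTrusted accepts a device only if its certificate chains to root and permits client auth.
func deviceTrusted(root, device *x509.Certificate) bool {
	pool := x509.NewCertPool()
	pool.AddCert(root)
	_, err := device.Verify(x509.VerifyOptions{Roots: pool, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth}})
	return err == nil
}
// Demo returns (genuine device accepted, impostor signed by a rogue root accepted).
func Demo() (bool, bool) {
	root, rootKey := issueCert("Ecosystem Root (placeholder)", 1, nil, nil)
	device, _ := issueCert("device-0001", 2, root, rootKey)
	rogueRoot, rogueKey := issueCert("rogue root", 3, nil, nil)
	impostor, _ := issueCert("device-0001", 4, rogueRoot, rogueKey) // same name, wrong issuer
	return deviceTrusted(root, device), deviceTrusted(root, impostor)
}
```

The impostor carries the same device name as the genuine unit; only the chain back to the root separates them, which is why the root's signing key, not the device identifier, is the trust anchor.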
Microsoft's plan is certainly ambitious, as they aim to lay down a platform for billions of devices or more. They can offset the cost of providing a free OS with the fees they collect from their cloud services, so their business model can easily work without licensing fees for the base OS. Moreover, the Azure Sphere ecosystem solves many common problems companies face when designing their own devices, from security to authentication, from updates to telemetry and remediation, and lets companies focus on writing the "applications" they need for their own purposes, leaving the other issues to the Sphere ecosystem.
Things could be even more interesting if .NET could be used to develop such applications, as I'm pretty sure that .NET Core (or a trimmed-down version of the framework) is part of the equation. We will know more about this when the SDKs are released later this year.