Microsoft built its own custom Linux kernel for its new IoT service | TechCrunch

Microsoft announced the launch of a secure end-to-end IoT product that focuses on microcontroller-based devices. At the core of Azure Sphere is a new class of certified MCUs. MediaTek is producing the first set of these new MCUs (single-core ARM-A7 systems that run at 500MHz).

Interesring twist is that for the first time ever, Microsoft is launching and promoting a custom Linux kernel and distribution: the Azure Sphere OS. (Earlier they have had their own Linux version in internal use at Azure).
The Microsoft-secured Linux kernel used in the Azure Sphere IoT OS is shared under an OSS license so that silicon partners can rapidly enable new silicon innovations. The devices can be used also with services that run on any other cloud.


  1. Tomi Engdahl says:

    For the first time ever, Microsoft will distribute its own version of Linux

    Microsoft on Monday announced Azure Sphere, a new technology to protect the processors that power smart appliances, connected toys, and other gadgets.
    Azure Sphere is powered in large part by Linux, a free operating system that Microsoft once viewed as a major threat.
    It’s the first time ever that Microsoft has made Linux part of a product offering.

  2. Tomi Engdahl says:

    When Microsoft CEO Satya Nadella took the job in 2014, one of the first things he did was announce that “Microsoft Loves Linux.” Since then, Microsoft has added robust support for Linux in its Azure cloud platform, while letting developers integrate Linux with their copies of Windows 10.


  3. Tomi Engdahl says:

    Mary Jo Foley / ZDNet:
    Microsoft announces the Azure Sphere stack for securing IoT devices, includes a Linux-based OS, custom silicon for microcontrollers, and matching cloud service — Microsoft is introducing new custom silicon, a Linux-based embedded OS and cloud service aimed at securing microcontroller-based devices.

    Microsoft introduces Azure Sphere for securing IoT devices

    Microsoft is introducing new custom silicon, a Linux-based embedded OS and cloud service aimed at securing microcontroller-based devices.

    Called Azure Sphere, the new stack includes certified microcontrollers, an “Azure Sphere” operating system for those microcontrollers and an associated “Azure Sphere Security Service”service for these devices.

    Microsoft is announcing Azure Sphere at RSA 2018. The new Azure Sphere-certified microcontrollers that the company is announcing combine real-time and application processors with built-in custom silicon security tech from Microsoft and connectivity, according to an April 16 blog announcing the initiative. Microsoft officials said this silicon security includes “learnings” from Xbox regarding how to secure these microcontrollers and devices they power.

    The first Azure Sphere chip will be the MediaTek MT3620. Microsoft is including a new security subsystem in these secured multicontrollers that it calls “Pluton.” The controllers themselves include the power of a Cortex-A processor with the real-time guarantees of a Cortex-M class processor, according to Microsoft’s Azure Sphere web site.

    The Azure Sphere OS includes a custom Linux kernel, plus secured application containers that compartmentalize code. As Microsoft cares more about selling Azure services than on trying to get Windows embedded everywhere these days, the reliance on Linux for a custom kernel here isn’t that surprising, to be honest. But the company is still crowing about this being the first day that it’s distributing a custom Linux kernel. (Microsoft did build a custom Linux-based switch operating systems for datacenter switches a couple years ago, but it wasn’t really “distributing” that OS.)

  4. Tomi Engdahl says:

    Microsoft built its own custom Linux OS to secure IoT devices
    Tuesday, April 17, 2018 Swati Khandelwal

    Microsoft has built its own custom Linux kernel to power “Azure Sphere,” a newly launched technology that aims to better secure billions of “Internet of things” devices by combining the custom Linux kernel with new chip design, and its cloud security service.

  5. Tomi Engdahl says:

    Microsoft has designed an Arm Linux IoT cloud chip. Repeat, an Arm Linux IoT cloud chip
    And it talks to Azure. Cortana probably spotted lurking nearby

    Microsoft has designed a family of Arm-based system-on-chips for Internet-of-Things devices that runs its own flavor of Linux – and securely connects to an Azure-hosted backend.

    Dubbed Azure Sphere, the platform is Microsoft’s foray into the trendy edge-computing space, while craftily locking gadget makers into cloud subscriptions.

    The way it works is like this: Microsoft makes its system-on-chip (SoC) blueprints available to chip designers, which fabricate the chipset and flog it to IoT device makers. These manufacturers slap the silicon in their products, and run Microsoft’s Linux-based Sphere OS along with their own software on the chip, which connects to Microsoft’s Azure Sphere running on Redmond’s cloud.

    Sphere does things like make sure gizmos only run official firmware, and automatically pushes out and installs bug fixes on remote devices, and so on. In the process, the chipmaker moves more silicon, the device vendor gets a turnkey security service to show to customers, and Microsoft gets a cloud customer for the lifespan of the device.

  6. Tomi Engdahl says:

    Microsoft Takes Security to the Edge

    Microsoft Unveils New Services and Features to Secure Internet of Things (IoT) Devices

    At RSA Conference this week in San Francisco, Microsoft announced new tools and technologies aimed at protecting connected devices from security threats.

    First on the list is Azure Sphere, what Microsoft describes as a holistic solution built for securing microcontroller unit (MCU)-based devices from the silicon to the cloud. With an estimated 9 billion cloud-connected devices shipping each year with tiny MCU chips inside, there’s clearly a large segment to keep secure, Microsoft says.

    Azure Sphere, the software giant claims, is based on a new class of Microsoft-developed MCUs boasting five times the power of legacy MCUs. The company aims at licensing the IP for the MCUs royalty free to silicon manufacturers, and says that MediaTek is already producing Azure Sphere-certified silicon.

    With Azure Sphere, these chips run “a new customized operating system built for IoT security,” Microsoft says. Featuring a custom Linux kernel and optimized for IoT, the operating system includes security innovations from Windows, aiming to deliver a highly secured software environment.

    Additionally, a cloud security service will guard every Azure Sphere device, allowing for updates and upgrades for a 10-year lifetime of the device. Microsoft also claims that Azure Sphere will work alongside both private and proprietary cloud services, allowing customers to continue using their existing data infrastructure.

    “This combined approach to Azure Sphere brings together the best of hardware, software and services innovation. It is open to any MCU chip manufacturer, open to additional software innovation by the open source community and open to work with any cloud. In short, it represents a critical new step for Microsoft by integrating innovation across every aspect of technology and by working with every part of the technology ecosystem, including our competitors,” Microsoft President Brad Smith notes.

  7. Tomi Engdahl says:

    Microsoft, MediaTek Team on IoT SoC

    MediaTek is working with Microsoft to deliver this year the first Azure Sphere chip, the MT3620 that the partners expect to drive IoT innovation with built-in security and connectivity.

    Azure Sphere is designed for highly secured, connected MCU-powered devices at a price that the companies expect will make enterprise-class security affordable for an array of cloud-connected gadgets.

    MediaTek and Microsoft have worked together to develop a specialized chipset with a Wi-Fi connected controller built around a processor designed to run Azure Sphere’s IoT operating system that includes support for Microsoft’s latest security protocols. The chipsets will be sold as part of the Azure Sphere solution, enabling customers to connect their MCU-powered products and devices with protection and security provided by Microsoft.

    Microsoft Azure Sphere Secure IoT Platform with vast I/O peripheral subsystem for diverse IoT applications

  8. Tomi Engdahl says:

    Microsoft keeps cozying up to former rival Linux, and will now use it to secure web-connected gadgets

    Microsoft’s latest use of Linux comes weeks after a leader of the Windows division lost a seat on the company’s senior leadership team.
    Microsoft has previously looked to Linux to boost its public cloud and operate equipment in its data centers.

  9. Tomi Engdahl says:

    Arm debuted a SoC framework aimed at development of secure IoT nodes, gateways, and embedded applications. The SDK-700 System Design Kit has a flexible compute architecture combining Cortex-A and Cortex-M processors and includes pre-built security IP such as firewalls, secure enclave, and TrustZone. The framework is designed as a foundation for Azure Sphere, Microsoft’s IoT MCU security program.


    New Flexible SoC Solution from Arm to Enable Rapid Development of Secure IoT Devices

    News highlights

    A new SoC solution for rich IoT nodes and gateways, built on PSA principles
    Arm’s first heterogeneous SoC solution, combining the efficiency and real-time response of Cortex-M with performance of Cortex-A to enable complex processing and machine learning at the edge
    Provides the secure SoC foundation for Microsoft Azure Sphere solution

    Arm is the architecture of choice for the IoT, providing the computing power behind 125 billion chips to date. We have an ambitious vision of a trillion securely connected devices by 2035, but achieving this scale requires the industry to embrace the idea that security can no longer be an afterthought, across all parts of the connected device value chain. To ensure these increasingly diverse connected devices that communicate with each other are designed with a common secure foundation, Arm provided the industry with the Platform Security Architecture (PSA).

  10. Tomi Engdahl says:

    Microsoft Secures IoT from the Microcontroller Up

    Frustrated by the glut of unsecured IoT devices? So are Microsoft. And they’re using custom Linux and hardware to do something about it.

    Microsoft have announced a new ecosystem for secure IoT devices called “Azure Sphere.” This system is threefold: Hardware, Software, and Cloud. The hardware component is a Microsoft-certified microcontroller which contains Microsoft Pluton, a hardware security subsystem. The first Microsoft-certified Azure Sphere chip will be the MediaTek MT3620, launching this year. The software layer is a custom Linux-based Operating System (OS) that is more capable than the average Real-Time OS (RTOS) common to low-powered IoT devices. Yes, that’s right.

  11. Tomi Engdahl says:

    Richard Stallman talks about Microsoft Azure Sphere OS

  12. Tomi Engdahl says:

    Microsoft unveils its first Linux OS, Azure Sphere

    Microsoft releases a custom Linux based operating system using a modified kernel. Watch Microsoft President Brad Smith making the announcement of Azure Sphere OS based on Linux for IoT devices.

  13. Tomi Engdahl says:

    Surprise: There’s yet another Microsoft Linux distro, CBL-Delridge

    Microsoft has been public about its CBL-Mariner Linux release, which just hit the 2.0 milestone. But did you know there’s also a Microsoft CBL-Delridge?

    Microsoft’s Linux Group has been fairly public about its work on a Microsoft-created Linux distribution that is for the company’s internal use only. That variant, known as CBL (Common Base Linux) Mariner, is used across a variety of Microsoft products, from the Windows Subsystem for Linux GUI to AKS HCI, Azure Percept, and more. But it turns out there’s another Microsoft-developed Linux distribution that’s also for internal use that’s known as CBL-Delridge or CBL-D.

    I discovered the existence of CBL-D for the first time this week in a rather round-about way. I stumbled onto a February 2 blog post from Hayden Barnes. a Senior Engineering Manager at SuSE who led the Windows on Rancher engineering team, which traced his steps in

  14. Tomi Engdahl says:

    Microsoft has another Linux distribution and it is based on Debian
    Microsoft has been using a Debian-based Linux distro for Azure Cloud. We’re getting to know about it now!


Leave a Comment

Your email address will not be published. Required fields are marked *