The Hardware Security Behind Azure Sphere

Traditional MCUs are price sensitive devices ill-prepared for the security challenges of internet connectivity. Azure Sphere MCUs are a new cross-over class of MCU with built-in Microsoft security technology, connectivity, and headroom to support dynamic new experiences. The MediaTek MT3620 combines ARM Cortex-A processor performance with real-time guarantees of an ARM Cortex-M class processor. It incorporates the Microsoft Pluton Security Subsystem to create a hardware root of trust, store private keys, and execute complex cryptographic operations. The MCU has built-in network connectivity to provide secure access to the cloud and the Azure Sphere Security Service. Azure Sphere OS is a secured OS that creates a trustworthy platform. It incorporates a custom Linux kernel, secured application containers, and security monitoring. The combination of the Pluton security hardware, Azure Sphere OS, and Azure Sphere Security Service provide certificate-based communications authentication, device and software authentication, device and application operation visibility, and secure updates.