By Nick Flaherty www.flaherty.co.uk
In a major move that is being hailed as Microsoft's first IoT chip, the reality is a little different, and that includes a lot of use of the term 'real time'. But Microsoft is certainly trying to be responsible for the launch of a new class of microcontroller.
In order to provide a secure, end-to-end environment for the Internet of Things, Microsoft has developed a secure Linux-based operating system called Sphere that runs on existing ARM hardware and security hardware with secure links back to the cloud, in this case Microsoft's Azure cloud service.
Azure Sphere certified microcontrollers could be considered a cross-over class of MCUs. While Microsoft says that these use real-time cores alongside application processors with built-in security technology and connectivity, the controllers are ARM Cortex M4F-based (see below), which are suitable for many real time embedded applications but are not deterministic cores such as the R7 family.
The Sphere IoT OS offers multiple layers of security. It combines
security innovations pioneered in Windows, a security monitor and a custom
Linux kernel to create a highly-secured software environment and a trustworthy
platform. This also does not make it a real time operating system.
Azure Sphere Security Service is a turnkey, cloud service
that guards every Azure Sphere device, brokering trust for device-to-device and
device-to-cloud communication through certificate-based authentication,
detecting emerging security threats across the Azure Sphere ecosystem
through online failure reporting, and renewing security through software
updates, all areas of vulnerability.
Microsoft says it has been working directly with leading MCU
makers to build a broad ecosystem of silicon partners who will be combining the
Pluton silicon security technologies in their Azure Sphere certified chips running
the Azure Sphere OS and connecting to the Azure Sphere Security Service for
simple and secure updates, failure reporting, and authentication.
The first Azure Sphere chip, the MediaTek MT3620, will come
to market in volume this year. Over time Microsoft expects to see other silicon
partners introducing their own Azure Sphere chips to the market and it is licensing
the silicon security technologies to them royalty-free. This enables any
silicon manufacturer to build Azure Sphere chips while keeping costs down and
prices affordable to device manufacturers.
The MT3620 uses an Arm Cortex-A7 application processor that
operates at up to 500MHz and includes large L1 and L2 caches and integrated SRAM for
highly efficient operation over a wider range of potential applications.
Two general purpose Arm Cortex-M4F I/O subsystems support the requirements of the
many on-chip peripherals including 5x UART/I2C/SPI, 2x I2S, 8x ADC, up to 12
PWM counters and up to 72x GPIO, allowing a diverse range of potential
applications. These two Cortex-M4F I/O subsystems are primarily
intended to support real-time I/O processing but can also be used for general
purpose computation and control. The Cortex-M4F cores may run any end-user-provided
operating system or run a ‘bare metal app’ with no operating system.
Pluton Security System
Outside of these three end-user accessible cores, MT3620
contains an isolated security subsystem with its own Arm Cortex-M4F core that
handles secure boot and secure system operation. In addition, a 1x1 dual-band
802.11a/b/g/n Wi-Fi radio subsystem is controlled by a dedicated Andes N9
32-bit RISC core. This subsystem contains the radio, baseband and MAC, and is
designed to allow high-throughput applications with great power efficiency.
Operation of the MT3620 security features and Wi-Fi
networking is isolated from, and runs independently of, end user applications.
Only hardware features supported by the Azure Sphere Secure IoT Platform are
available to MT3620 end-users. As such, security features and Wi-Fi are only
accessible via defined APIs and are robust to programming errors in end-user
applications regardless of whether these applications run on the Cortex-A7 or
the user-accessible Cortex-M4F cores.
Microsoft provides a development environment based
on the gcc compiler which includes a Visual Studio extension, allowing
applications to be developed in C.
Microsoft is working with selected device manufacturers to
build the first wave of Azure Sphere devices by the end of 2018. Dev kits will be
universally available in mid-2018.
https://www.microsoft.com/en-us/azure-sphere/