Project Sopris looks to create a set of secure layers that protect both hardware and their communications, and it can refresh a compromised device.

One of the main problems facing industrial internet of things deployments is that perennial issue: security. When you’re deploying and managing hundreds or thousands of devices around an organization, how can you ensure that your devices are running the right firmware, are running the right software, or even that they’re communicating with the right servers? You have only to browse Shodan, a search engine for unsecured IoT hardware endpoints, to see how insecure the devices we are building our future on have become.

It’s no surprise, then, that Microsoft is talking about its latest updates to Azure’s IoT tools, focusing on securing and managing devices. More important, it’s testing a novel approach to IoT security that could change the game enough to remove the brakes from IoT deployments.

As we’ve seen with the rise in attacks on IoT devices via easy-to-build botnets like Mirai, there are still very basic questions to be answered: How can you ensure the integrity of IoT devices, and how can you keep them up to date?

IoT microcontroller vendors need to build identity and security into their silicon. If they do, devices can automatically be identified and added to a network via tools like Microsoft’s Azure IoT Hub Device Provisioning Service. Azure IoT’s support for hardware security modules and the emerging Device Identity Composition Engine (DICE) standard should help reduce the risk of device compromise.

Project Sopris tries a novel approach to IoT security

Microsoft Research is also thinking about this problem, with its Project Sopris hardware. Project Sopris aims to deliver both secure hardware and a secure communication channel, with a focus on microcontrollers such as the maker-focused Arduino or the programmable logic controllers (PLCs) that control much industrial machinery.
Project Sopris’ intended result is a mix of secure hardware and software that brings many of the trusted computing models used in Windows to IoT devices. Project Sopris has a sensibly secure IoT stack. It starts with a hardware root of trust, similar to the one developed by the Trusted Computing Group for its Trusted Platform Module. A separate, secured computing environment, this layer creates and manages the keys needed to cryptographically secure connections between devices and servers. It also stores and manages device firmware and software.

Building software for Project Sopris devices is much like building code anywhere: What’s important is how the code is stored and managed. Compartmentalizing code so that a failure in one section doesn’t compromise the rest of your software helps prevent exploits from escalating, while building security tools into every layer can reduce the risk of attacks spreading throughout the device stack. Similarly, by mandating code and device signatures, you are operating devices that can be identified and managed without having to resort to hard-coded passwords that can easily be breached (that’s what Mirai took advantage of).

Perhaps most interesting about Microsoft Research’s device philosophy is the concept of “renewable security.” If a device built using these principles has been breached, it can be refreshed automatically, revoking all the cryptographic keys employed by the device and its software. Once refreshed, a device can be automatically updated with the latest software, with new keys and a new trusted connection to your IoT network.

Giving IoT a bug bounty

Of course, Project Sopris is a new way of thinking about IoT, so it needs to be validated. To do that, Microsoft Research has challenged the security community to disprove the Project Sopris approach. It distributed custom hardware to 150 security professionals, assigning specific bug bounties to secrets hidden in the Project Sopris software.
Penetrating the secure silicon at the heart of the device gets the highest reward.

If Project Sopris proves to be as promising as the initial papers suggest, it would be an excellent fit for the Azure IoT device management model and its new SaaS-based IoT Central. Microsoft already has a cryptographically secured update channel in the shape of Windows Update, one that’s regularly stress-tested by Patch Tuesdays and managed by Microsoft’s own security teams. Using it to deliver updates to secured IoT devices via Azure’s tools could be key to simplifying device management at scale. After all, what’s an extra few thousand devices to a system that’s already working with hundreds of millions?
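The root-of-trust and “renewable security” ideas above can be made concrete with a small added illustration (this is not Project Sopris or Microsoft code, and the registry is a constructed stand-in, not an Azure API). It models the DICE derivation, where the root of trust computes a Compound Device Identifier as HMAC(UDS, hash of the first mutable code), so that keys are bound to the exact firmware that booted: a patched image yields fresh keys, the old ones are revoked on re-enrollment, and a tampered image cannot reproduce the enrolled key. The UDS, firmware images and the key-label string are constructed assumptions.

```python
import hashlib
import hmac

# Constructed sample values: a per-chip Unique Device Secret (UDS) burned into
# the silicon, and two firmware images, the second a patched replacement.
UDS = bytes.fromhex("00112233445566778899aabbccddeeff" * 2)
FIRMWARE_V1 = b"sopris-demo firmware v1: telemetry loop"
FIRMWARE_V2 = b"sopris-demo firmware v2: telemetry loop, parser fix"
AUTH_PURPOSE = b"iot-hub-auth"  # hypothetical key label, not a real service name

def derive_cdi(uds: bytes, firmware: bytes) -> bytes:
    """DICE-style Compound Device Identifier: HMAC(UDS, SHA-256(firmware)).
    Only the root of trust sees the UDS; the next layer receives only the CDI."""
    measurement = hashlib.sha256(firmware).digest()
    return hmac.new(uds, measurement, hashlib.sha256).digest()

def derive_auth_key(cdi: bytes, purpose: bytes = AUTH_PURPOSE) -> bytes:
    """Per-purpose key bound to the running code: different firmware, different key."""
    return hmac.new(cdi, purpose, hashlib.sha256).digest()

class Registry:
    """Stand-in for the server side of provisioning (constructed, not an Azure API).
    Re-enrolling a device revokes whatever key it authenticated with before."""
    def __init__(self) -> None:
        self.enrolled = {}    # device_id -> current expected key
        self.revoked = set()  # keys that must never authenticate again

    def enroll(self, device_id: str, key: bytes) -> None:
        old = self.enrolled.get(device_id)
        if old is not None and old != key:
            self.revoked.add(old)  # "renewable security": the old identity dies
        self.enrolled[device_id] = key

    def authenticate(self, device_id: str, key: bytes) -> bool:
        expected = self.enrolled.get(device_id)
        if expected is None or key in self.revoked:
            return False
        return hmac.compare_digest(expected, key)

def boot_and_enroll(registry: Registry, device_id: str, firmware: bytes) -> bytes:
    """Model the boot path: the root of trust measures the firmware and derives
    the CDI, the firmware derives its auth key, and the registry learns that key."""
    key = derive_auth_key(derive_cdi(UDS, firmware))
    registry.enroll(device_id, key)
    return key

def key_for_firmware(firmware: bytes) -> bytes:
    """What any code image, legitimate or tampered, would be able to derive."""
    return derive_auth_key(derive_cdi(UDS, firmware))
```

Booting the device twice, first with FIRMWARE_V1 and then with FIRMWARE_V2, produces two different keys and leaves only the second one valid; an image modified after the fact derives a key the registry has never seen.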