Azure Sphere コミュニティ勉強会

Azure Sphere コミュニティ勉強会 2018/8/24 Takashi Matsuoka

Takashi Matsuoka (matsujirushi) 2017～ MVP for Windows Development Wio LTE 基礎からじっくり学ぶ ラズパイ電子工作 2017年6月号～ 2018年6月号 Wio 3G Wio LTE M1/NB1(BG96) Starter Kit for Azure IoT Edge https://github.com/matsujirushi/iot-edge-microbit MT3620 DevBoard

• https://github.com/matsujirushi/iot-edge-microbit

de:code 2018 – AD32 Microsoft Azure Sphere登場

de:code 2018 – AD32 Microsoft Azure Sphere登場

de:code 2018 – AD32 Microsoft Azure Sphere登場

The Seven Properties of Highly Secure Devices March 31, 2017 Galen Hunt, George Letey, and Edmund B. Nightingale Microsoft Research NExT Operating Systems Technologies Group

• https://www.microsoft.com/en-us/research/publication/seven-properties-highly-secure-devices/

de:code 2018 – AD32 Microsoft Azure Sphere登場

Sopris prototype microcontroller The Seven Properties of Highly Secure Devices

• https://www.microsoft.com/en-us/research/publication/seven-properties-highly-secure-devices/

Introducing Microsoft Azure Sphere: Secure and power the intelligent edge April, 16, 2018 Azure Sphere certified microcontrollers (MCUs): A new cross-over class of MCUs that combines both real-time and application processors with built-in Microsoft security technology and connectivity. Each chip includes custom silicon security technology from Microsoft, inspired by 15 years of experience and learnings from Xbox, to secure this new class of MCUs and the devices they power. Galen Hunt Partner Managing Director, Microsoft Azure Sphere

• https://azure.microsoft.com/ja-jp/blog/introducing-microsoft-azure-sphere-secure-and-power-the-intelligent-edge/

Azure Sphere

Azure Sphere シリコンからクラウドへ MCU 搭載デバイスを安全に接続 Azure Sphere は、極めてセキュリティの高いインターネット接続マイクロコ ントローラー (MCU) デバイスを開発するための新しいソリューションです。 このソリューションで提供されるセキュリティと接続の基盤を利用すれば、 大規模なモノのインターネット (IoT) 実装が可能な価格で、顧客に愛される インテリジェントな製品とエクスペリエンスを開発できます。そして、そ れらの製品をすばやく市場に投入できます。

de:code 2018 – AD32 Microsoft Azure Sphere登場

de:code 2018 – AD32 Microsoft Azure Sphere登場

de:code 2018 – AD32 Microsoft Azure Sphere登場

de:code 2018 – AD32 Microsoft Azure Sphere登場

de:code 2018 – AD32 Microsoft Azure Sphere登場

Azure Sphere (Additional Information)

Flash MediaTek MT3620 Wi-Fi Security & Power Management Application 12 x 12 mm Realtime

• https://d86o2zu8ugzlg.cloudfront.net/mediatek-craft/documents/mt3620/MediaTek-MT3620-Product-Brief-May2018.pdf

Cortex-A software architecture Only one A7 application runs on the device at a time. A7 applications are expected to run continuously and are automatically restarted if they stop or fail. The product manufacturer’s application runs in an application container on the A7 core; it has access only to libraries and runtime services that Microsoft provides. … A7 applications cannot perform generic file I/O or interprocess communication (IPC). All software that runs on the device, including the application, is signed by the Microsoft certificate authority (CA). Application updates are delivered through the trusted Microsoft pipeline, and the compatibility of each update with the Azure Sphere device hardware is verified before installation. To prevent the installation of rogue software, applications can be loaded in only two ways: - Sideloading - Over-the-air update

• https://docs.microsoft.com/en-us/azure-sphere/product-overview/architecture#cortex-a-software-architecture

Cloud The Azure Sphere tenant represents a group of Azure Sphere devices in the Azure Sphere Security Service. Every device must be "claimed" by an Azure Sphere tenant. Claiming is a one-time operation that you cannot undo even if the device is sold or transferred to another person or organization. (link) Azure AD User Device ID The Azure Sphere device checks for software updates each time it boots, when it initially connects to Wi-Fi, and at 24-hour intervals thereafter. If an Azure Sphere OS update is available, download and installation could take as much as 15 minutes and should not be interrupted. (link)

• https://docs.microsoft.com/en-us/azure-sphere/quickstart/qs-configure-wifi#set-up-wi-fi-on-your-azure-sphere-device
• https://docs.microsoft.com/en-us/azure-sphere/quickstart/qs-install#claim-your-device

Application Development • • • • Windows 10 Anniversary Update or later Visual Studio Enterprise, Professional, or Community 2017 version 15.7 or later Visual Studio Tools Preview for Azure Sphere An Azure Sphere development board that is connected to your PC by USB • Currently, the Azure Sphere SDK supports application development only in C. • A standard C library ✓ The SDK includes a standard C library that is customized to provide extra security. It does not support file I/O, interprocess communication (IPC), or shell access. • Custom application libraries ✓ GPIO ✓ UART ✓ WiFiConfig ✓ networking ✓ log • A curl library ✓ applications can transfer data over HTTP.

• https://docs.microsoft.com/en-us/azure-sphere/app-development/overview

Microsoft IoT Vision and Roadmap

Microsoft IoT Vision and Roadmap Azure Azure Azure IoT Edge • • Deploy and manage cloud services Managed by Azure or Azure Stack Windows IoT, Linux • Azure IoT Edge runs on Windows and Linux Azure IoT Device SDK • • Multi-device, multi-language, multi-OS iOS, Android, Windows, Linux • • Peerless security for MCU devices Connect directly to Azure or via Azure IoT Edge • Linux Kernel that modernizes MCU devices IoT IoT Edge Azure Stack IoT Azure Stack Azure IoT Central Azure IoT solution accelerators Azure Sphere Azure Sphere OS Build 2018 – BRK2154-Microsoft IoT Overview, Vision and Roadmap

• https://mybuild.microsoft.com/page/DownloadDocument?documentid=c4c6db43-31e0-4c6e-8d40-3e7fea61eca2