Microsoft’s Sopris Project: A New Approach to Secure IoT Hardware and Communication
Microsoft’s Sopris project introduces a hardware‑rooted, renewable security framework for IoT devices, combining trusted computing principles, Azure IoT services, and automated key refresh to protect firmware, software, and communications while enabling large‑scale device management and bug‑bounty validation.
The Sopris project aims to create a security layer that can protect hardware and communications, and can refresh affected devices.
One of the main challenges facing industrial Internet of Things deployments is a perennial one: security. When you deploy and manage hundreds or thousands of devices across an organization, how do you ensure that every device is running the correct firmware and the correct software, and is even talking to the correct servers? A quick search for exposed IoT endpoints on the Shodan search engine shows how insecure many deployed devices already are.
It is no surprise, then, that Microsoft is talking up the latest updates to Azure's IoT tools, with a focus on protecting and managing devices. More importantly, it is testing a new approach to IoT security that could remove one of the main brakes on IoT deployments.
As easy-to-build botnets like Mirai have shown, attacks on IoT devices are increasing, and the fundamental questions remain unanswered: how do you ensure the integrity of an IoT device, and how do you keep it secure and up to date?
IoT microcontroller manufacturers need to build identity and security into their chips. If they do, devices can be automatically identified and enrolled using tools such as the Azure IoT Hub Device Provisioning Service. Azure IoT's support for hardware security modules and for the emerging Device Identity Composition Engine (DICE) standard from the Trusted Computing Group should help reduce the risk of device compromise.
Project Sopris tries a new approach to IoT security.
Microsoft Research is also looking at this problem with its Sopris hardware project. Project Sopris aims to deliver secure hardware and secure communication channels, focusing on the microcontrollers at the heart of many devices, such as Arduino boards or the programmable logic controllers (PLCs) that drive much industrial machinery. The expected outcome of Project Sopris is a secure blend of hardware and software that brings many of the trusted-computing models used in Windows to IoT devices.
Microsoft's new IoT development platforms.
The cloud is the logical counterpart to IoT sensors and devices. It provides a place to manage distributed hardware and to process the information those devices produce. You need big-data tools that can handle time-series data, and large-scale machine-learning systems, to actually make use of all that data. Microsoft has made Azure the focus of its IoT platform, leading to some interesting partnerships, including support for devices that do not run Windows.
Microsoft's Azure IoT Suite uses Azure's PaaS capabilities and tools to let you build and deliver your own IoT applications, covering both device code and cloud-side tooling. It works with built-in solution templates as well as fully custom solutions.
While Microsoft is adding a new "IoT Hub" template, its IoT development tools are still aimed at developers rather than at businesses that want a turnkey service. So this week Microsoft announced IoT Central, a SaaS approach to IoT. Microsoft has offered only a basic description of IoT Central, with few details, but it characterizes it as a "fully managed IoT service" in which you configure and connect devices while the service handles management and scaling.
Project Sopris defines a layered secure IoT stack. It starts with a hardware root of trust, similar to the one the Trusted Computing Group developed for its Trusted Platform Module. This layer is a separate, isolated computing environment that creates and manages the cryptographic keys needed to secure connections between devices and servers, and that measures and manages the device firmware and software it boots.
Software written for Project Sopris devices is built like code anywhere else; what matters is how that code is stored, isolated, and managed. Compartmentalizing code so that a failure in one component cannot compromise the rest limits privilege escalation, and placing security controls at each layer limits how far an attack can spread across the device stack. Likewise, enforcing code signing and device identity lets you operate devices that can be identified and managed without the hard-coded passwords that are so easily compromised.
Perhaps the most interesting idea is Microsoft Research's concept of "renewable security". If a device built on these principles is compromised, it can be automatically refreshed: every cryptographic key used by the device and its software is revoked. After the refresh, the device is automatically updated to the latest software, with new keys and a new trusted connection to your IoT network.
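The DICE mechanism mentioned above and the "renewable security" idea fit together naturally, and the following sketch shows how. It is an added example written for this article, not code from Microsoft, Project Sopris, or Azure IoT. It follows the Device Identity Composition Engine pattern: a per-device secret that never leaves the hardware root (the Unique Device Secret, UDS) is combined with a measurement of the firmware about to boot to derive a Compound Device Identifier (CDI), from which the device's working key is derived. Tamper with the firmware and the derived identity changes; push a patched image and approve only that image, and every key derived from the old firmware is revoked while the re-flashed device derives fresh ones. One simplification is an assumption of this example only: attestation uses an HMAC with a key the verifier can reconstruct from the provisioned UDS, rather than the asymmetric key pair a real DICE layer derives, so the script runs with the Python standard library alone. All device secrets and firmware images here are constructed sample data.

```python
"""DICE-style layered identity and key renewal (illustrative, added example).

Assumption: HMAC attestation with a verifier-reconstructable key stands in
for the asymmetric keys a real DICE layer would derive.
"""
import hashlib
import hmac
import os

# Constructed sample data: a secret burned in at manufacture, and two
# firmware images (v1.1 is a later, patched release).
UDS = bytes.fromhex("0f" * 32)
FIRMWARE_V1 = b"sopris-demo-firmware v1.0"
FIRMWARE_V2 = b"sopris-demo-firmware v1.1 (patched)"


def measure(firmware: bytes) -> bytes:
    """Layer-0 measurement of the code about to be booted."""
    return hashlib.sha256(firmware).digest()


def derive_cdi(uds: bytes, firmware_hash: bytes) -> bytes:
    """CDI = HMAC(UDS, H(firmware)). The UDS is then locked until reset."""
    return hmac.new(uds, firmware_hash, hashlib.sha256).digest()


def derive_key(cdi: bytes, label: bytes) -> bytes:
    """Derive a purpose-bound working key from the CDI."""
    return hmac.new(cdi, b"sopris-demo|" + label, hashlib.sha256).digest()


class Device:
    """A device that boots one firmware image and attests to it."""

    def __init__(self, uds: bytes, firmware: bytes) -> None:
        self.firmware = firmware
        cdi = derive_cdi(uds, measure(firmware))
        # Only the derived key survives into the running system; the UDS
        # and CDI are not reachable after boot.
        self.attest_key = derive_key(cdi, b"attestation")

    def attest(self, nonce: bytes) -> tuple[bytes, bytes]:
        """Return (claimed firmware hash, MAC over nonce||hash)."""
        fw_hash = measure(self.firmware)
        tag = hmac.new(self.attest_key, nonce + fw_hash, hashlib.sha256).digest()
        return fw_hash, tag


class LyingDevice(Device):
    """Compromised firmware that reports the approved hash instead of its own.
    Its key was derived from the real (tampered) image, so the MAC fails."""

    def attest(self, nonce: bytes) -> tuple[bytes, bytes]:
        fw_hash = measure(FIRMWARE_V1)
        tag = hmac.new(self.attest_key, nonce + fw_hash, hashlib.sha256).digest()
        return fw_hash, tag


class Verifier:
    """Cloud side: knows the device's UDS from provisioning and the set of
    firmware images currently approved for it."""

    def __init__(self, uds: bytes, approved_firmware: list[bytes]) -> None:
        self.uds = uds
        self.approved = {measure(fw) for fw in approved_firmware}

    def approve_only(self, firmware: bytes) -> None:
        """Renewal: approving only the new image revokes every identity
        derived from older images, without touching any device."""
        self.approved = {measure(firmware)}

    def check(self, device: Device) -> bool:
        nonce = os.urandom(16)
        fw_hash, tag = device.attest(nonce)
        if fw_hash not in self.approved:
            return False  # unapproved or revoked firmware
        expected_key = derive_key(derive_cdi(self.uds, fw_hash), b"attestation")
        expected = hmac.new(expected_key, nonce + fw_hash, hashlib.sha256).digest()
        return hmac.compare_digest(tag, expected)


def demo() -> dict[str, bool]:
    """Run the scenarios and return which devices the verifier accepted."""
    verifier = Verifier(UDS, [FIRMWARE_V1])
    genuine = Device(UDS, FIRMWARE_V1)
    tampered_fw = FIRMWARE_V1 + b"\x90" * 8  # implant appended to the image
    results = {
        "genuine_v1": verifier.check(genuine),
        "tampered_honest": verifier.check(Device(UDS, tampered_fw)),
        "tampered_lying": verifier.check(LyingDevice(UDS, tampered_fw)),
    }
    # Push v1.1 and approve only that image: the v1 device's keys are now
    # revoked, and a re-flashed device derives fresh keys and passes.
    verifier.approve_only(FIRMWARE_V2)
    results["stale_v1_after_renewal"] = verifier.check(genuine)
    results["reflashed_v2"] = verifier.check(Device(UDS, FIRMWARE_V2))
    return results


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name:24s} {'accepted' if ok else 'rejected'}")
```

The point to notice is that revocation happens entirely on the server side: the verifier never has to reach a compromised device to pull a key, because the key was a function of the firmware the device booted, and that firmware is no longer approved.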
Give IoT a bug bounty.
Of course, Project Sopris is a new way of thinking about IoT, so it needs validation. To get it, Microsoft Research's security team put the approach up for challenge: it distributed custom hardware to 150 security professionals, with specific bug bounties for secrets hidden in the Project Sopris software. The highest reward went to anyone who could break into the silicon at the device's heart.
If Project Sopris proves as promising as the initial research suggests, it would fit very well with the Azure IoT device management model and the new SaaS-based IoT Central.
Microsoft already has an encrypted, secure update channel in the form of Windows Update, stress-tested every Patch Tuesday and run by Microsoft's own security team. Using Azure tools to deliver updates to secure IoT devices could be the key to simplifying device management at scale. After all, a few thousand IoT devices are a small addition to the billions of systems that channel already serves.