In the recent Ignite keynote, Satya Nadella noted that there would likely be an explosion of data in the next decade, much of which may come from sensors and other connected devices. That's both exciting and worrisome to many of us that work in the field. Lots of challenges and data to work with, but this is also scary because of the poor level of security many vendors have implemented in their connected devices.
Microsoft Research put together a team under Project Sopris, who shared many of the same fears. They wanted to try and find a way to build small, connected devices, but keep them secure. That's the type of research we need. It's all good to look for a new cool product to sell, but we also need people that provide a framework and ideas on how to do that securely.
This started out internally called CodeName 4x4, with the idea that small devices owuld have 4MB of RAM and 4MB of flash. That's what I used to call a desktop, but now it's a tiny embedded board. They produced a whitepaper on The Seven Properties of Highly Secure Devices, which led to a prototype that was sent out for field testing and examination by security researchers.
This has become Azure Sphere, a mix of secure microcontrollers, a secure OS, and a cloud security service. Together, this may be one way that we do allow more Internet of Things (IoT) devices, but in a secure way that will not compromise our networks and systems.
There are still challenges here, especially with small devices that may have data quality issues as they are designed to be cheap and easy to replace, but that's another area of research. This is a step forward for security, something that we desperately need as more vendors want to build and sell sensors and services.
The one thing that I wish they had done differently was choose another acronym for microcontrollers. They wrote MCU, which has grown to have a different meaning for me across the last decade.