Security is a top concern for the Internet of Things, in particular when large numbers of IoT devices are deployed in an organization. There’s been a rise in attacks on such devices, via botnets, and a search engine, Shodan, is dedicated to finding unsecured IoT hardware endpoints. In that context, Microsoft, which is updating its Azure IoT toolset, is also testing a new approach to securing and managing such devices. Dubbed Project Sopris, Microsoft Research hopes to mix secure hardware and a secure communications channel.
InfoWorld states that Project Sopris also has a focus on “microcontrollers such as the maker-focused Arduino or the programmable logic controllers (PLCs) that control much industrial machinery.”
The foundation is “a hardware root of trust, similar to the one developed by the Trusted Computing Group for its Trusted Platform Module.” This hardware layer exists in a separate and secured environment and both creates and manages the keys “to cryptographically secure connections between devices and servers” as well as storing and managing device firmware and software.
To keep “exploits from escalating,” Project Sopris compartmentalizes the code “so that a failure in one section doesn’t compromise the rest of your software.” Security tools in each layer minimize “the risk of attacks spreading throughout the device stack.” The system also mandates code and device signatures, meaning that devices “can be identified and managed without having to resort to hard-coded passwords that can easily be breached.”
At the heart of Project Sopris is Microsoft Research’s “device philosophy” of “renewable security,” which means that when a device is hacked, “it can be refreshed automatically, revoking all the cryptographic keys employed by the device and its software,” and the automatically updated with new software, keys and a trusted connection.
To prove Project Sopris’ mettle, Microsoft Research has challenged the security community to disprove its approach, providing custom hardware to 150 security professionals and “assigning specific bug bounties to secrets hidden in the … software.” The biggest reward goes to anyone who is able to penetrate the secure silicon at the heart of the device.
The idea is, that if Project Sopris performs as hoped, it “would be an excellent fit for the Azure IoT device management model and its new SaaS-based IoT Central,” combined with a cryptographically secured Windows Update channel connected to IoT devices. The result could be a dramatic simplification of device management on a large scale.