A very interesting answer to the questions regarding secure code on the Azure Sphere; thanks for putting in the effort to clarify the current situation.
However, with the recent iPhone exploit doing the rounds of Hacker News and Reddit, https://googleprojectzero.blogspot.com/2020/12/an-ios-zero-click-radio-proximity.html, in which they even refer to the https://github.com/microsoft/MSRC-Security-Research/blob/master/papers/2020/Security%20analysis%20of%20memory%20tagging.pdf paper from Microsoft Security Response Center, it is quite clear that whatever mitigations attempt to secure C (the only existing option for the Azure Sphere SDK) or C++ (as happened to the iPhone 11 Pro despite iOS and iPhone security measures), the end-to-end security story is not there.
You state that security requires dedication and the willingness to not compromise, yet Azure Sphere has indeed compromised to the whims of C and C++ developers.
Not compromising means pushing languages like Ada (currently being adopted by NVIDIA for secure firmware), Rust (being adopted by Amazon and Google for secure code), even .NET (being pushed by WildernessLabs for type-safe IoT), Go (being used by F-Secure on USB Armory for safe firmware).
Selling the same C and C++ toolchains, with static analysers and fuzzing tools, as the embedded industry has already been doing for years, is compromising, and thus makes invalid whatever is put on top.
Castle walls are meaningless when the foundation is built on top of quicksand.