Combining Azure Sphere IoT security with Azure RTOS real-time capabilities
Published Dec 16 2020 03:22 AM 6,442 Views
Microsoft

Learn how you can combine the best of Azure Sphere IoT security with the power of Azure RTOS to deliver new IoT solution categories. Covered in this article is a brief introduction to Azure RTOS, Azure Sphere, and the MediaTek MT3620 MCU architecture. You will also learn why you might want to run real-time applications on an Azure Sphere, how applications communicate across cores and how to get started.

 

Azure RTOS

Azure RTOS is a Real-Time Operating System available from Microsoft that runs on most microcontrollers. Azure RTOS  includes a small powerful Real Time operating system called ThreadX, a GUI designer plus GUI library, and more.  Azure RTOS ThreadX makes it easier to build reliable embedded solutions with a rich set of services including real-time, multithreading, inter-thread communication, synchronization, timers, and memory management.

 

Azure RTOS is free to use on an Azure Sphere MT3620 MCU and is covered by the “Distribution and Production Use” license.

 

Azure Sphere

The traditional approach to IoT microcontroller development is that you are responsible for integrating and maintaining all the bits of a solution. This includes the communications stack, security, authentication, certificates, identity, encryption libraries, update processes, your solution and more. Not only are you a solution domain expert, but you are now responsible for tracking new and emerging security threats, mitigating, and updating to protect IoT devices.

 

Azure Sphere is a unique highly secure IoT platform. You focus on your solution, Azure Sphere deals with security, identity, certificates, reporting, tracking emerging attack vectors, mitigating, updating the platform, and application distribution to protect your solutions, customers, and reputations.

 

Azure Sphere consists of the following components:

 

  • Azure Sphere–certified chips from hardware partners include built-in Microsoft security technology to provide connectivity and a dependable hardware root of trust.
  • Azure Sphere OS adds layers of protection and ongoing security updates to create a trustworthy platform for new IoT experiences.
  • Azure Sphere Security Service brokers trust for device-to-cloud communication, detects threats, and renews device security.

Together these components implement The Seven Properties of Highly Secure Devices .

 

glovebox_0-1608114131025.png

 

 

Azure Sphere MediaTek MT3620 MCU architecture

The first Azure Sphere certified MCU is the MediaTek MT3620 microcontroller unit (MCU). This MCU which has three developer-accessible cores, a Cortex-A7 that runs a hardened Linux kernel, and two Cortex-M4 cores.

 

  • The Cortex-A7 core runs less timing-sensitive tasks such as setting up network connections, negotiating security, refreshing certificates, updating the device OS and applications. You can run a custom application on this core and send and receive messages to predefined network endpoints including cloud gateways such as Azure IoT Hub.
  • On the Cortex M4 cores you can run bare-metal code, or applications running on a real-time operating system such as Azure RTOS or FreeRTOS.

glovebox_1-1608114150541.png

 

 

What is an RTOS (Real-Time Operating System)

A system is said to be real-time if the total correctness of an operation depends not only upon its logical correctness, but also upon the time in which it is performed Link to Wikipedia Article.

 

A Real-Time Operating System is system software that provides services and manages processor resources for applications. These resources include processor cycles, memory, peripherals, and interrupts. The main purpose of a real-time Operating System is to allocate processing time among various duties the embedded software must perform.

 

Why run real-time Azure RTOS applications on Azure Sphere

The main reasons to run real-time applications on an Azure Sphere include:

 

  1. Your application requires precise or deterministic timing that cannot be guaranteed on the Cortex-A7 Linux kernel core where it would have to compete for resources with other services.
  2. You are migrating existing Cortex M4 code to an Azure Sphere.
  3. Running your application across multiple cores to take advantage of all the memory and processing resources on the Azure Sphere.
  4. Dedicating a core to running compute intensive applications like machine learning models

 

Intercore communications

For security reasons, applications running on the Cortex M4 cores cannot directly access network endpoints. Applications can communicate with applications running on other cores through a secure mailbox mechanism. As an added layer of security, applications can only communicate across cores with applications they have been partnered with at development time.

 

Solution architecture example

This environment monitoring solution shows how you can integrate a real-time Azure RTOS application with Azure Sphere and IoT Central.

 

The solution architecture is as follows:

 

  1. The Azure RTOS real-time environment sensor thread runs every 2 seconds. The thread stores in memory the latest environment temperature, humidity, and pressure data.
  2. The high-level Azure Sphere applications requests environment data from the real-time Azure RTOS application.
  3. The Azure RTOS real-time ‘environment service thread’ responds with the latest environment data.
  4. The high-level application serializes the environment data as JSON and sends the telemetry message to IoT Central.
  5. The IoT Central user can also set the desired temperature for the room by setting a property in IoT Central.
  6. The Azure Sphere then sets the HVAC operating mode to meet the desired temperature.

 

glovebox_0-1608166415304.png

 

 

Developer Experience

You can develop Azure Sphere and Azure RTOS applications on Linux and Windows. On Windows, you can develop high-level and real-time applications with Visual Studio (free Community Edition or better), Visual Studio Code, or integrate with your existing toolchains. On Linux you can develop high-level and real-time applications with Visual Studio Code or integrate with your existing toolchains.

 

Next Steps

There are two Microsoft Learn modules which include hands-on labs you can download to start your Azure Sphere and Azure RTOS journey.

 

  1. Develop secure IoT solutions for Azure Sphere, Azure RTOS and Azure IoT Central
  2. Develop secure IoT Solutions for Azure Sphere, Azure RTOS and IoT Hub

Skip to unit 16 to learn more about real-time Azure RTOS running on an Azure Sphere.

 

 

 

 

 

Version history
Last update:
‎Dec 16 2020 05:25 PM
Updated by: