User Profile

glovebox

Microsoft

Joined 7 years ago

28 Posts60 Likes2 Solutions

View All Badges

User Widgets

Recent Discussions

Re: Raspberry Pi 4 - sensors
Hey mskuratowski, check out this article that I wrote which covers the process of building .NET Core apps for Raspberry Pi. The article includes links to the .NET IoT Core open source libraries as well as drivers. See "Build Raspberry Pi .NET Core IoT Applications running on Raspberry Pi OS or Ubuntu 20.04" at https://dev.to/azure/build-raspberry-pi-net-core-c-iot-applications-on-raspberry-pi-os-or-ubuntu-20-04-14bk, or head straight to my GitHub at https://github.com/gloveboxes/Create-RaspberryPi-dotNET-Core-C-Sharp-IoT-Applications. Cheers Dave
Nov 09, 2020 Place Azure IoT
1.3KViews
0likes
1Comment
Ask The IoT Expert: Azure Sphere, Embedded Hardware, and IoT Security
Are you running into questions while working on projects built around Azure Sphere and embedded hardware like the Raspberry Pi? Do you have ideas that you want to share around IoT security in general or the projects you are working on? Today we are kicking off an Ask The Expert series where a variety of Microsoft Azure IoT experts will be starting a conversation to answer any questions you may have. This week I’m leading the #JulyOT conversation where we are showcasing content on building projects using Azure Internet of Things services, specifically having to do with microcontrollers and embedded hardware. I’m Dave Glover, a Cloud Developer Advocate, based in Sydney, Australia, with a focus on the Internet of Things. I’m fascinated by the possibilities of embedded, communications, AI, and cloud technologies. I am known to dream in C/C++, C# and Python, and I post on GitHub at https://github.com/gloveboxes, everything is Open Source with an MIT licence. What has captured my attention is embedded development with Azure Sphere as it addresses IoT security. IoT security is without a doubt the biggest challenge facing the IoT industry and often the most overlooked. IoT solutions built on Azure Sphere are secure by default enabling you to focus on your business opportunity with confidence knowing that security is baked in. I wrote the Azure Sphere Developer Learning Path which is now published on MS Learn: “Develop secure IoT Solutions for Azure Sphere with IoT Central” and “Develop secure IoT Solutions for Azure Sphere with IoT Hub”. I learned a lot of lessons and you will find my learnings and best practices embedded in the MS Learn modules. I’ve also just published two “embedded” articles as part of #JulyOT. Both expand on the Azure Sphere Developer Learning path. The topics might be a bit cheesy, but the objective is to illustrate how you can build secure IoT solutions with Azure Sphere and Azure IoT. How to build a healthier working environment by monitoring CO2, temperature, and humidity levels with an Azure Sphere, an SDC30 sensor, and Azure IoT Central Build a Rover combining the best of Azure Sphere security with FreeRTOS I’m looking forward to hearing your ideas and questions – please post them as comments and I’ll do my best to help you answer them! Cheers Dave
Solved
Aug 25, 2020 Place Learn IoT
8.6KViews
7likes
3Comments
Re: Ask The IoT Expert: Azure Sphere, Embedded Hardware, and IoT Security
Hey pjmlp Paul, thank you for your question I would like to frame my response within two constraints, the first technical, the second business. I am sure you appreciate the realities of embedded systems, resources are scarce, particularly memory, there is limited space for the OS and applications. There is not the luxury of being able to load memory managed, type-safe systems such as the Android JVM, or .NET. All of the Azure Sphere system components are highly optimized to ensure they can run within the memory constraints of the MCU. The other reality is that customers have years of investments in C drivers and applications and they are not willing to rewrite, debug, and test these. If they were forced to choose between rewriting or an alternate C based platform then they will likely choose the path of least resistance and forego security. Customers are balancing investments in code, skills, the cost of silicon, and the cost of security. The focus of Azure Sphere is to protect the system, this includes protecting buggy code to ensure the system cannot be compromised and abused. The system is secure by default, all resources are locked down unless explicitly “allowed”. Here for completeness. Azure Sphere compromises of three major components. Hardware which is inherently more difficult to hack. A certified Azure Sphere MCU includes hardware root of trust ensuring an unforgeable device identity. An MMU to ensure hardware protected memory spaces for the OS and applications, a “sticky” silicon firewall ensuring only “allowed” peripherals can be accessed and cores are isolated. The silicon firewall cannot be altered after boot. There is a true random number generator, critical for cryptography, and protection against various attack vectors. The Operating system, a custom hardened Linux kernel with measured boot. The Pluton security subsystem runs on an isolated core, an isolated security monitor, “no execute memory” support, preventing memory an application writes being executed, address space layout randomization (ASLR), heap and stack protections. Add network endpoint protection, ensuring only access to “allowed” endpoint, mitigating against DOS attacks, as well as OS and App update and error reporting services. The cloud-based Azure Sphere Security Service, provides an aggregate view of the ecosystem, helping to spot, patch, and update against emerging security threats, application error reporting, and OTA OS and app update services. There is an appreciation of the benefits of RUST, and I see that you have raised RUST on Azure Sphere user voice, thank you. For now, and within the constraints of the MCU, and customers’ existing investment in C, the focus is building a secure by default platform, with ongoing security updates and protection. Do check out the following links for more on Azure Sphere security. Azure Sphere Security Research Challenge Azure Sphere 20.07 Security Enhancements How Azure Sphere prevents rollback attacks A couple of projects that you might be interested in. CheckedC (https://github.com/microsoft/checkedc). CheckedC adds static and dynamic checking to C to detect or prevent common programming errors such as buffer overruns and out-of-bounds memory accesses. There are a couple of community-based RUST initiatives that we are excited to see. https://github.com/vhnatyk/rust-hello-azure-sphere https://github.com/bjoernQ/rust_azure_sphere_advanced Azure Sphere Micropython. The IoT Technical Community blog is the place to be to track Azure Sphere. There is a constant stream of new articles related to security, or more developer-oriented posts like mine. Cheers Dave
Aug 01, 2020 Place Learn IoT
6.3KViews
2likes
1Comment

Recent Blog Articles