IoT Skills: Learn How to Rapidly Secure Your

IoT Design with Azure Sphere

Kevin Keryk – Avnet Software Engineering Manager

Why is Security Important:
October 21, 2016 Botnet Attack Observations
Device Security is a socioeconomic concern
DAY 1 the attack is Technology headline in NY Times
DAY 2 the attack is Politics headline

Future attacks could be much larger

This attack was small; just 100K devices
Imagine a 100M-device attack

Future attacks become huge liability exposure

Hackers could “brick” an entire product line in a day
Actuating devices could cause property damage or loss of life

The industry response to date is inadequate

For example, network vendors offer to turn off network ports

The attack exploited well-known weaknesses

Weak common passwords, no early detection, no remote update, etc

2
Highly-secured connected devices require 7 properties

Hardware Defense Small Trusted

Root of Trust in Depth Computing Base
Is your device’s identity Does your device Is your device’s TCB
and software integrity remain protected if a protected from bugs in
secured by hardware? security mechanism is other code?
defeated?

Dynamic Certificate-Based Failure Renewable

Compartments Authentication Reporting Security
Can your device’s Does your device Does your device Does your
security protections use certificates report back about device’s
improve after instead failures and software update
deployment? of passwords for anomalies? automatically?
authentication?

= Silicon support required = OS support required = Cloud Service support required http://aka.ms/7properties
3
 An end-to-end solution for creating
highly-secured, connected MCU devices
Secured MCUs
A new class of crossover Azure
Sphere MCUs, from silicon partners,
with built-in Microsoft security
technology provide connectivity, high
performance, and a secured
hardware root of trust
4
Secured Operating System
The highly-secured Azure Sphere IoT
OS combines the best of Microsoft and
OSS technologies to create a
trustworthy platform for new IoT
experiences
Secured Cloud Service
The Azure Sphere Security Service
guards every Azure Sphere device; it
protects your devices and customers,
detects emerging threats, and
proactively responds
 Azure Sphere is Not Just an MCU Chip
Azure Sphere is a security solution / technology built with a combination of a special
microcontroller, special operating system, and corresponding cloud services

The Azure Sphere solution today contains:

Azure Sphere Chip MT3620

Azure Sphere Security Services for 13 years

Azure Sphere IoT OS with 13 years of

on-device updates
Azure Sphere is a high-
value, cost effective solution,
secured
5 by Microsoft.
Azure Spheres MCU’s - Create a secured foundation for
intelligent edge devices
Secured
• With built-in Microsoft security technology
i.e. I/O bus firewalls
• Includes the Pluton Security Subsystem
Performance
• With built-in Cortex-A processors
• Delivers significantly greater performance
vs. similar traditional MCU
Connected
• With built-in networking
OS
• Open Linux Kernel
Development Tools
• Established Visual Studio Tool Suite
6
 Sphere Products
Sphere Chip Avnet Modules Avnet Starter Kit
(Off-the-Shelf or Custom)

Availability: January 2019 April 2019 April 2019

Price: Contact Avnet FAE $20s $75
Volumes: Greater than 50K/year Less than 100K/year Developers
7
 From consult to design & manufacturing to insights
IoT / Azure Sphere Connected technology that is safe, smart & efficient

What Avnet offers for Sphere: Azure Sphere document package:

• Technical documentation
• Design assistance http://Avnet.com/AzureSphere
• Pricing and availability
• Proof of concept development
Register here to
• Manufacturing and Integration services
receive document
• Sphere Development Kits links by email
• Sphere Modules
• Cloud & digital services
• Supply chain services and Logistics
• Technical communities – Element14 and Hackster.io
• Technical boot camps and training available globally
8
Why Design with Avnet Sphere Module?
Exclusive Microsoft Azure Sphere Partner

Sphere
& Azure
Azure Sphere MT3620 Chip Avnet Azure Sphere Modules
(Off-the-Shelf or Custom)

10
Avnet MT3620 Module Compact Module Size
• Main features of MT3620 pinned-out while
maintaining production-friendly footprint

• Dual-band Wi-Fi 802.11abgn operation

• Two Off-the-Shelf versions:

- Low cost (onboard chip antenna) and 33mm x 22mm
- High performance (TX and RX diversity)

11
 Chip Antenna Module:
Avnet Off-the-Shelf Modules AES-MS-MT3620-M-G

 Production-ready Azure Sphere modules

• Fully certified to speed time-to-market
• Small 33 mm x 22 mm form-factor

 On-board and external antenna versions

• Footprint and pin compatible
• On-board chip antenna – low cost
U.FL Antenna Module:
• External U.FL connectors – better wireless
AES-MS-MT3620-UFL-M-G
performance

 Available since Q2 2019

• Contact Avnet sales for additional information

 Will be regulatory certified (FCC, IC, CE, etc)

12
Avnet MT3620 Module Certification

Regulatory Body Status

FCC 2AF62-AVT3620C (Completed)
2AF62-AVT3620U (Pending)
IC 21571-AVT3620C (Completed)
21571-AVT3620U (Pending)
CE CE EN 60950-1, EN 300 328, EN 301 489 (Pending)
MIC Documentation Submitted
13
RoHS Compliant
ASIST Engineering services
Taking a product to market can be taxing on even the largest organizations, leveraging
Avnet engineering services and expertise helps eliminate that strain with turn-key solutions.

Advanced Solutions and

Integration Services Test
(ASIST)
Standard and fully custom test
Tailored engineering services solutions implemented to your
that allow your resources to requirements
focus on your value add
• Standard & Custom
• Global Regulatory Services Manufacturing Test
• EMC
• Product Safety • Advanced Automation
• Environmental Design • Custom Test SW for use in
Validation Testing Product Integrity testing
• Highly Accelerated Life
• Temperature, Humidity,
Vibration, and Acoustics • Custom Control & Reporting
• Packaging Testing
• FPY

14
 Customer Success Story

Lead Boot Camp PoC Pilot Manufacturing/

Production

Notes: • Lead • IoT Enabled • Avnet developed • Pilot • Module manufactured by

provided by Machine Identified Guardian Module • Designed by Avnet-Embest
Microsoft Avnet Design • Scale across 30,000 stores
Services • Each store has several
pieces of equipment
15
Azure Sphere Technology Key for Starbucks

16 http://avnet.me/sphere-starbucks-press
Avnet Sphere Starter Kit
Avnet Sphere Starter Kit
Avnet Sphere Module
• Onboard dual-band chip antenna
• Includes 32kHz XTAL for RTC and LP
operation
FTDI USB-to-serial bridge
• Service UART
• Debug UART
• Recovery UART
• SWD JTAG interface
Onboard LEDs and Switches
• Reset Switch
• User Switches (A and B) • App. Status LED - Yellow
AES-MS-MT3620-SK-G
• 3V3 Power LED - Green • Wi-Fi Status LED - Yellow 75 USD
• USB activity LED - Yellow • User LED - RGB avnet.me/mt3620-kit
18
Expansion Options
Click Board Expansion
• Two Click board sockets
• Over 620+ different Click boards available!
(3 new Click boards being added per week!)
Other Connectors
• 2-pin battery connector
• Grove connector (I2C)
• OLED display connector

Functions such as:

• Additional User RGB LEDs
• SPI to Ethernet bridge
• Sensors, Relays, etc
can be added using Click boards!
19
 Inexpensive (sub
Starter Kit Expansion Example 7USD) OLED
Display available
Mock-up shows expansion from multiple
possibilities with: sources
• Air Quality 3 Click board
• Dual Relay Click board
• 0.96” OLED 128 x 64 display
• I2C Grove connector (I2C)

OLED

20
Avnet MT3620 Starter Kit Advantage
• FT4232HQ USB-Serial bridge (3x UARTs, SWD, etc)
• 5V to 3.3V Buck Regulator (not LDO)
• RGB User LED plus 4 status LEDs
• Reset button switch, A and B User button switches
• Onboard sensors
• Two Click expansion sockets
(620+ different Click boards currently available)
• Grove sensor connector (I2C only)
• Battery connector

AES-MS-MT3620-SK-G
75 USD
avnet.me/mt3620-kit

21
Live Demo
Next Steps
Resources for More Information
Evaluate Azure Sphere for securing your next design with Avnet Starter Kit:
AES-MS-MT3620-SK-G
• Buy Azure Sphere Starter kit from Avnet
75 USD
• Setup Microsoft Visual Studio 2017 avnet.me/mt3620-kit
docs.microsoft.com/en-us/azure-sphere/install/install

• Experiment with self-paced tutorials and example code

avnet.me/mt3620-kit-OOB-ref-design-blog

• Participate in Element14 Road Test, accepted entries get a Sphere Starter Kit
avnet.me/mt3620-kit-RT

• Contact your local Avnet FAE for Demos, Workshops, and Training
24
Thank You

25