IoT solutions: Cloud services & analytics tools
Ole Kjeldsen, CTO & CISO, Microsoft Denmark & Iceland
This pptx: https://aka.ms/msiot2018
AGENDA
Overview … Threats & possible solutions
Sphere, Hub, Edge & cloud services
…. much more in the appendix & via, among other things, online training if you want to geek out ☺
What is ….
9 billion IoT devices deployed per year
© Microsoft Corporation
Microcontrollers (MCUs)
Wave 1: The Microcontroller (MCU)
Wave 2: Internet Connectivity
Timeline: 1970’s, 1980’s, 1990’s, 2000’s, 2010’s, 2020’s, 2030’s
9 BILLION new MCU devices deployed every year
IN TOYS... IN APPLIANCES… IN EQUIPMENT…
FEWER THAN 1% ARE CONNECTED TODAY.
North Carolina Highway Signs Compromised By a Foreign Hacker*
First/Largest known DDoS attack using insecure IoT devices (2016) disrupted WW internet traffic **
*NSTAC Report to the President on the Internet of Things. www.dhs.gov/sites/default/files/publications/
** https://www.wired.com/2016/12/botnet-broke-internet-isnt-going-away/
What is ….
5 billion USD Microsoft investment in IoT
The internet security battle. We’ve been fighting it for decades. We have experience to share.

Azure Sphere
Announced at RSA
Azure Sphere is an end-to-end solution for securing MCU powered devices
A new Azure Sphere OS secured by Microsoft for the device’s 10-year lifetime to create a trustworthy platform for new IoT experiences
A new Azure Sphere class of MCUs, from silicon partners, with built-in Microsoft security technology, provides connectivity and a dependable hardware root of trust.
The Azure Sphere Security Service guards every Azure Sphere device; it brokers trust for device-to-device and device-to-cloud communication, detects emerging threats, and renews device security.
Highly-secured connected devices require 7 properties
Hardware Root of Trust: Is your device’s identity and software integrity secured by hardware?
Defense in Depth: Does your device remain protected if a security mechanism is defeated?
Small Trusted Computing Base: Is your device’s TCB protected from bugs in other code?
Dynamic Compartments: Can your device’s security protections improve after deployment?
Certificate-Based Authentication: Does your device use certificates instead of passwords for authentication?
Failure Reporting: Does your device report back about failures and anomalies?
Renewable Security: Does your device’s software update automatically?
Legend: Silicon support required; OS support required; Cloud Service support required

Three components. One low price. No subscription required.
An Azure Sphere certified MCU
The Azure Sphere OS with 10 years of on-device updates
The Azure Sphere Security Service for 10 years
Azure Sphere is open
Open to any MCU manufacturer: We are licensing our Pluton security subsystem royalty free for use in any chip*
Open to any cloud: Azure Sphere devices are free to connect to Azure or any other cloud, proprietary or public for application data
Open to any innovation: MCU manufacturers are free to innovate with our GPL’d OSS Linux kernel code base
* Azure Sphere branding requires an Azure Sphere chip with Azure Sphere OS and Azure Sphere Security Service

Our Silicon Partners

WHEN?
The first devices with Azure Sphere MCUs on shelf September 2018 In preorder now!
https://www.seeedstudio.com/MT3620-Development-Board-for-Azure-Sphere-p-3052.html#
IoT Edge Solutions
Platform
Azure IoT Edge | Azure Stream Analytics | Azure Monitor
Windows 10 IoT Core | Azure Machine Learning | Azure Event Grid
Azure Sphere | Azure Maps | Azure Websites
Azure Certified for IoT | Azure HD Insight (Spark, Storm, Kafka) | Microsoft Power BI
Azure IoT Device SDK | Azure Event Hubs | Microsoft Flow
Azure IoT Hub Device Provisioning Service | Azure Data Lake | Azure Functions
Azure IoT Hub | Azure Time Series Insights | Azure Logic Apps

Azure IoT Central
Fully hosted and managed by Microsoft
No cloud development expertise required
Device connectivity and management
Monitoring rules and triggered actions
User roles and permissions
Analytics, dashboards and visualization
Risk-free trial with simplified pricing

Azure IoT solution accelerators
End-to-end implementation
Completely customizable
Open-source microservices based architecture
Device connectivity and management
Dashboards, visualization, and insights
Workflow automation and integration
Command and control
Preconfigured solutions: Remote Monitoring, Connected Factory, Predictive Maintenance, Device Simulation

Azure IoT Hub
Establish bi-directional communication with billions of IoT devices
Enhance security with per device authentication
Provision devices at scale w/ IoT Hub Device Provisioning Service
Manage devices at scale with device management
Multi-language and open source SDKs

Azure IoT Edge
Move cloud and custom workloads to the edge, securely
Seamless deployment of AI and advanced analytics
Configure, update and monitor from the cloud
Compatible with popular operating systems
Code symmetry between cloud and edge for easy development and testing
Secure solution from chipset to cloud

Azure IoT
Connect millions of devices, integrate your business systems with new analysis tools to gain insights and transform your business.
Get started quickly with preconfigured solutions for common IoT scenarios, using accelerators.
Leverage a worldwide ecosystem of experienced IoT partners to tailor IoT solutions to your needs.
Sphere delivers highly secured, Internet connected MCU devices with a purpose built OS & turn-key cloud service guarding every device.
https://www.youtube.com/watch?v=iiDF26HNh-Y

Ready to BUILD IoT applications?
Find everything you need to develop even advanced IoT apps with familiar tools and programming languages.
Build IoT apps
Ready to USE an IoT solution?
Use controlled, industry-specific solutions to get started quickly and easily.
Try IoT solutions
Azure IoT Build page, Azure IoT Hub, IoT School, Azure IoT solutions accelerators

Sphere: https://azure.microsoft.com/da-dk/services/azure-sphere/
Azure IoT: https://azure.microsoft.com/da-dk/overview/iot/
Edge IoT: https://azure.microsoft.com/da-dk/services/iot-edge/
Microsoft Research Paper: “7 Properties of Highly Secure Devices” https://aka.ms/7pohsd

THANK YOU!
Download the presentation with many more details at https://aka.ms/msiot2018
Ole Kjeldsen https://aka.ms/olek

Use common templates to accelerate your IoT projects and jump ahead of the competition.

Hardware Root of Trust
Unforgeable cryptographic keys generated and protected by hardware
Is your device’s identity and software integrity secured by hardware?
Some properties depend only on hardware support
o Hardware to protect Device Identity
o Hardware to Secure Boot
o Hardware to attest System Integrity

Dynamic Compartments
Internal barriers limit the reach of any single failure
Can your device’s security protections improve after deployment?
Some properties depend on hardware and software
o Hardware to Create Barriers
o Software to Create Compartments

Renewable Security
Device security renewed to overcome evolving threats and security breaches.
Does your device’s software update automatically?
Some properties depend on hardware, software and cloud
o Cloud to Provide Updates
o Software to Apply Updates
o Cloud to Prevent Rollbacks
Azure Sphere empowers manufacturers to create highly-secured, connected MCU devices
SECURITY: Every device built with Azure Sphere is secured by Microsoft. For its 10 year lifetime.
PRODUCTIVITY: The Azure Sphere developer experience shortens OEM time to market.
OPPORTUNITY: Azure Sphere empowers OEMs to create new customer experiences and business models.

Azure Sphere MCUs create a secured root of trust for connected, intelligent edge devices
CONNECTED with built-in networking
SECURED with built-in Microsoft silicon security technology including the Pluton Security Subsystem
CROSSOVER Cortex-A processing power brought to MCUs for the first time
Chip diagram blocks: Microsoft Pluton Security Subsystem; Network Connection (Wi-Fi in first chips); FLASH ≥ 4MB; SRAM ≥ 4MB; ARM Cortex-A (optimized for low power); ARM Cortex-M (for real-time processing); Firewalls; Multiplexed I/O (GPIO, PWM, TDM, I2S, UART, I2C, SPI, ADC)
The Azure Sphere OS is optimized for IoT, Security and MCU agility
Azure Sphere OS Architecture
OS Layer 4: Secure Application Containers (App Containers for POSIX on Cortex-A, App Containers for I/O on Cortex-Ms). Compartmentalize code for agility, robustness & security
OS Layer 3: On-chip Cloud Services. Provide update, authentication, and connectivity
OS Layer 2: Custom Linux kernel (HLOS Kernel). Empowers agile silicon evolution and reuse of code
OS Layer 1: Security Monitor. Guards integrity and access to critical resources
Hardware: Azure Sphere MCUs
The Azure Sphere Security Service connects and protects every Azure Sphere device
Protects your devices and your customers with certificate-based authentication of all communication
Detects emerging security threats through automated processing of on-device failures
Responds to threats with fully automated on-device updates of OS
Allows for easy deployment of software updates to Azure Sphere powered devices
Modernize MCU development with Azure Sphere and Visual Studio
Simplify development: Focus your device development effort on the value you want to create
Streamline debugging: Experience interactive, context-aware debugging across device and cloud
Simplify Azure connect: Connect your Azure Sphere devices quickly and easily to Azure IoT

SECURITY: Peace of mind. Protect your products and customers with our turnkey, 7 property security solution that protects, detects and responds to threats dynamically so you’re always prepared.
PRODUCTIVITY: Faster time to market. Lower overhead and increase team efficiency with tools that deliver productivity and dramatically optimize development and maintenance of your device and experiences.
OPPORTUNITY: The future is now. Transform your products and customer engagement strategies, and enable new revenue streams with connected crossover chips powerful enough to create next generation experiences.

MICROSOFT WILL INVEST $5 BILLION IN IoT
Our goal is to give every customer the ability to transform their businesses, and the world at large, with connected solutions.
https://blogs.microsoft.com/iot/2018/04/04/microsoft-will-invest-5-billion-in-iot-heres-why

The Internet of Things opportunity
80 billion connected “things” by 2025 - IDC
180 zettabytes digital data by 2025 - IDC
70% value enabled by IoT from B2B scenarios - McKinsey and Company
$457 billion global IoT market by 2020 - Gartner

Innovation at work – real IoT use cases
Auto
Public Safety

Azure IoT Hero Portfolio
Microsoft’s vision is to democratize IoT by allowing everyone to access the benefits of IoT and provide the foundation for digital transformation
Azure IoT Central: Fully managed SaaS. Best used when you need to get started quickly with minimal IoT experience
Azure IoT solution accelerators: Customizable PaaS. Best used when you need a lot of control over your IoT solution
Azure IoT Edge: + On-premises processing. Adds capacity to do local processing

Azure IoT solution accelerators
End-to-end implementation
Completely customizable
Open-source microservices based architecture
Device connectivity and management
Dashboards, visualization and insights
Workflow automation and integration
Command and control
Preconfigured solutions: Remote Monitoring, Connected Factory, Predictive Maintenance, Device Simulation

Accelerate time to value
Start quickly for common IoT scenarios
• Get started in minutes
• Modify existing rules and alerts
• Add your devices and begin tailoring to your needs
Finish with your IoT application
• Fine-tuned to specific assets and processes
• Highly visual for your real-time operational data
• Integrate with back-end systems

Components of a preconfigured solution
Diagram components: Devices; C# simulator; IoT Hub; Microservices; VM Orchestrator; Cosmos DB; Web App; Active Directory; Logic Apps; Azure ML; Back end systems and processes

Azure IoT Central
Fully hosted and managed by Microsoft
No cloud development expertise required
Device connectivity and management
Monitoring rules and triggered actions
User roles and permissions
Analytics, dashboards and visualization
Risk-free trial with simplified pricing

Builder Operator
Product Modeler Device management
Device settings Analytics & dashboards
Template Management Time-series Insights
Rules Workflows Alerts and actions
User and identity management

Azure IoT Hub
Establish bi-directional communication with billions of IoT devices
Enhance security with per device authentication
Provision devices at scale w/ IoT Hub Device Provisioning Service
Manage devices at scale with device management
Multi-language and open source SDKs

Azure IoT Hub
Bi-directional communication
Enterprise scale and integration
End-to-end security

IoT Device Management Lifecycle
Plan: Group devices and control access according to your organization's needs
Provision: Securely authenticate devices, on-board for management and provision for service
Configure: Provide updates, configuration and applications to assign the purpose of each device
Monitor: Monitor device inventory, health and security while providing proactive remediation of issues
Retire: Replace or decommission devices after failure, upgrade cycle or service lifetime

Azure IoT Hub Device Provisioning Service
Register and provision devices with zero-touch in a secure and scalable way
• Simple "plug and play” provisioning
• Minimize manual connection requirements
• Enhanced security through HSM
• Global availability

Azure Time Series Insights
IoT scale time-series data store
Schema-less store, just send data
Easy IoT Hub connection
Store, query, and visualize billions of events
Get near real-time insights in seconds
Build apps using Time Series Insights APIs

Azure Maps
Render maps and satellite imagery across many geographies
Integrate rich mapping visualizations into applications
Calculate routes from N to N points for optimal calculations
Convert places and addresses to coordinates; or, convert coordinates to addresses or cross streets
Show real time traffic information
Obtain time zone and current time information

Location is at the heart of everything
Accurate, real time geospatial data is fundamental to the digital transformation of a wide range of industries and use cases, among them…
Mobility Solutions
Field Service
Automotive
Logistics
Web & Mobile Apps
Internet of Things (IoT)

Why use Azure Maps?
Key reasons for customers to opt for Azure Maps for their geospatial needs
In-vehicle use licensing rights
Unrivalled traffic data and commercial routing
30+ languages supported
Integrated into Azure IoT
Custom data visualizations
Enterprise scale

Windows 10 IoT
Open platform that seamlessly connects things, endpoints, and the cloud
Commercial OS for IoT devices and a modern user experience
Supports the languages and frameworks you already know
Trusted platform for security and servicing of cloud-connected devices
Bring power and capability to the edge
Enable a more natural user interface

Azure Stack
• Azure Services & Management on-prem
• Managed by Azure or Locally

Core Subsystems
Provision and send data from device to cloud
Device Management
Stream processing and rules evaluation over data
Store data
Visualize data and learnings
Integrate with business processes
Things, Insights, Actions