Delivering secure, end-to-end IoT connectivity is no easy task, and properly integrating this support with an operating system is critical to delivering a secure product. Most developers would prefer to concentrate on their part of the solution while leaving the IoT management and security to others. The challenge is that many players are involved, so doing this from scratch is possible but painful, time-consuming, and expensive.
A host of vendors provide end-to-end IoT solutions, from giants like Google to Amazon to open-source platforms. Of course, Microsoft is up there, too, and ties its IoT offerings to its Azure cloud solution. Microsoft does make some hardware, but it usually wants to sell software and services to companies that develop hardware to work with their solutions. The advantage for Microsoft is that IoT devices garner income for the life of the device, since IoT devices these days are locked into one cloud platform.
Currently, IoT is a matter of partnerships and even Microsoft does this with a vengeance. Of course, the company has been doing this for decades. In our case, it has partnered with MediaTek and Avnet to deliver the Avnet Azure Sphere MT3620 development kit (Fig. 1). The module in the kit is based on MediaTek’s MT3620 SoC.
1. Avnet’s starter kit board includes the compact MT3620 module. It also has sensors and a pair of mikroBus Click board sockets.
This IoT development kit is similar to many others on the market, but it comes with a few major twists including base security built into the chip and a customized version of Linux that takes advantage of that security. That’s right, Microsoft Linux is the base. They don’t actually call it Microsoft Linux—it’s their Linux that includes the company’s own security framework, which is designed to work with its security hardware called Pluton. Microsoft calls its Linux instance Azure Sphere OS.
Pluton is a security subsystem built around an ARM Cortex-M4F (Fig. 2). This core is isolated and controls the rest of the system. It provides secure boot support as well as handles encryption chores. The MT3620 also has a Cortex-A7 with Arm TrustZone support for heavy lifting and running the Azure Sphere OS. Another Cortex-M4F handles most of the peripherals. There’s also wireless support, including dual-band Wi-Fi. That has its own dedicated processor.
2. The MT3620 block diagram highlights the Corex-M4F-based Pluton security subsystem. The Cortex-A7 runs Microsoft’s Linux-based Azure Sphere OS.
NXP Semiconductors announced an i.MX 8 platform with Pluton support that’s similar to MediaTek’s chip. NXP’s chip will also run the Azure Sphere OS.
I like the design of the development board. The MT3620 chip is actually on a module (Fig. 3) that incorporates the wireless support, which has FCC approval. This makes using the module a snap for developers, since additional FCC approval of a product may not be necessary. An on-module antenna and a connector are included for a separate antenna. The pinouts are nicely portioned, making design of a carrier board a snap.
3. The MediaTek MT3620 is available on Avnet’s module used in the development kit. The pinouts are easy to work with when designing a custom PCB.
The mikroBus Click board sockets are a handy way to add extra sensors to augment the ones already on the board (Fig. 4). These include an ambient light sensor, three-axis accelerometer, three-axis gyro, temperature sensor, and barometric pressure sensor. There’s also an unpopulated Pmod socket solder pad, but it shares space with one of the Click board sockets. A couple of I2C sockets for displays and Grove interfaces are in the mix, too. Power sockets can be soldered on, but power can also be supplied by the USB interface used for initial configuration as well as debugging.
4. A range of Click boards are available from a number of sources; it’s easy to design custom boards given the limited number of interface pins.
Getting Started
Now that we’re done with the long explanation about the hardware and operating system, we can move onto what it took to get started. The kit comes in a small box with the board and a short USB cable. The page of directions, typical these days, directs you to the web for more details.
The board comes preprogrammed, but there’s nothing to do with it until you download a bunch of Microsoft software on to your PC, including Microsoft Visual Studio and the Azure SDK. You also need a free account on Azure to connect your newly acquired dev board to the cloud.
I won’t bore you with the details because there are quite a few. Likewise, a number of blogs, PDF files and videos about this platform are available. Unfortunately, though, there’s not one place to find all of them. They’re also all over the place from Avnet’s website, to MediaTek to Microsoft and also Element 14. This is where I found a three-part blog entitled Avnet's Azure Sphere Starter-Kit (Out of Box Demo). It duplicates information found in other sources, but it’s the best for getting started.
The blog and other sources are needed because this kit is designed to be used for development, not just evaluation of an IoT end-to-end solution. In that sense, it’s an ideal platform for developers, since it’s designed to work with the tools that include Azure Sphere and Visual Studio.
The first blog post addresses initial setup and configuration of the board. The second gets into connecting to the cloud and setting up a logical, cloud-based IoT hub that’s used manage the device; in this case, the dev board. The result of this second blog is support for Azure’s Time Series Insights (Fig. 5). This is just one aspect of Azure Sphere. The third blog gets into using IoT Central. I still need to finish this one, but I don’t get a lot of large blocks of free time.
5. Azure Sphere’s web-based cloud interface provides access to the data delivered from the MT3620.
Though it will take a day or three to get to this point, the results are well worth the effort. Once completed, you have the Visual Studio and SDK all set up and have a couple projects in the bag albeit canned demos from the walkthrough.
I still need to explore the development side of things, especially the Azure Sphere OS’s security aspects and how they differ from support like SELinux or Ubuntu’s AppArmor, which I’m more familiar with. I won’t even mention the Azure side of things, as cloud development is a whole other area of development.
In closing, I will mention that the kit differs from many others in that it comes locked down. It’s not an open system on a network when you plug it in, and it takes time and effort to get to the point of doing the programming. This is actually a good thing, because it works from the opposite approach of being very open and unsecured. It would be nice if other development platforms followed this rule.
On the flip side, the system locks you into hardware, a toolset, an operating system, and cloud provider. But this tends to be par for the course when it comes to most IoT solutions. The big hook to all the “free software” is monthly charges for cloud support. Again, this is the norm for an IoT solution where you’re not providing your own cloud.
Though it’s taken me a while to get the kit to do what I expected, I’m happy with the results. I don’t claim to be an expert at developing IoT apps for the MT3620, but I have a good starting point.