Microsoft Research's Project Sorpis is exploring ways to secure low cost IoT devices
2 min. read
Updated on
Share this article
Improve this guide
Read our disclosure page to find out how can you help MSPoweruser sustain the editorial team Read more
Due to the significant drops in the cost of connectivity, nowadays many electronic devices are getting connected to the Internet. In the coming years, there will be tens of billions of these devices are controlled by microcontrollers. The problem here is that current microcontrollers are not prepared for the security threats posed by the internet connectivity.
Microsoft Research’s Project Sopris team is now exploring ways to secure the vast number of low-cost internet connected devices coming online. They have also published a report titled “The Seven Properties of Highly Secure Devices” outlining their research. They have tested different approaches to device security from silicon to software and they think that optimal device security must be rooted in hardware but kept up-to-date through evolving software.
To test their Sopris security kit, Sopris team has announced a new challenge for the security community. They are going to select 150 security experts to test their Sopris security kit and they will offer bounties ranging from $2,500 to $15,000 USD for submissions of eligible security vulnerabilities that achieve the impact described below.
| Privilege Escalation | Information Disclosure | Remote Code Execution | |
|---|---|---|---|
| User Space | N/A | $2,500 | $5,000 |
| Kernel: Normal World | $2,500 | $5,000 | $10,000 |
| Kernel: Secure World | $5,000 | $10,000 | $15,000 |
| Secure Silicon | $10,000 | $15,000 | $15,000 |
You can read their technical report here. Learn more about this challenge here.
