Microsoft Research's Project Sorpis is exploring ways to secure low cost IoT devices

Reading time icon 2 min. read


Readers help support MSPoweruser. When you make a purchase using links on our site, we may earn an affiliate commission. Tooltip Icon

Read the affiliate disclosure page to find out how can you help MSPoweruser effortlessly and without spending any money. Read more

Due to the significant drops in the cost of connectivity, nowadays many electronic devices are getting connected to the Internet. In the coming years, there will be tens of billions of these devices are controlled by microcontrollers. The problem here is that current microcontrollers are not prepared for the security threats posed by the internet connectivity.

Microsoft Research’s Project Sopris team is now exploring ways to secure the vast number of low-cost internet connected devices coming online. They have also published a report titled “The Seven Properties of Highly Secure Devices” outlining their research. They have tested different approaches to device security from silicon to software and they think that optimal device security must be rooted in hardware but kept up-to-date through evolving software.

To test their Sopris security kit, Sopris team has announced a new challenge for the security community. They are going to select 150 security experts to test their Sopris security kit and they will offer bounties ranging from $2,500 to $15,000 USD for submissions of eligible security vulnerabilities that achieve the impact described below.

Privilege Escalation Information Disclosure Remote Code Execution
User Space N/A $2,500 $5,000
Kernel: Normal World $2,500 $5,000 $10,000
Kernel: Secure World $5,000 $10,000 $15,000
Secure Silicon $10,000 $15,000 $15,000

You can read their technical report here. Learn more about this challenge here.

More about the topics: IoT, microsoft research, Project Sopris, Secure IoT devices, Vunlerabilties