What's new in Azure Sphere

Important

This is the Azure Sphere (Legacy) documentation. Azure Sphere (Legacy) is retiring on 27 September 2027, and users must migrate to Azure Sphere (Integrated) by this time. Use the Version selector located above the TOC to view the Azure Sphere (Integrated) documentation.

Azure Sphere is updated on an ongoing basis. Feature releases support new functionality and may include updates to the Azure Sphere OS, SDK and/or Services. Quality releases include bug fixes and security updates only, and may often only include the Azure Sphere OS. Release numbers are typically in year.month format, so 22.04 identifies the release in April, 2022.

Being notified of updates

When new releases occur, we will post notifications on Azure Updates and the IoT Tech Community blog.

Receiving updates

When the OS is updated, it is automatically downloaded from the cloud to Azure Sphere devices that are connected to the internet.

To verify the installed OS version on an attached device, use the following command:

azsphere device show-os-version

SDK updates and Visual Studio / Visual Studio Code extensions need to be manually installed - see these instructions for Windows or Linux. To check which version of the SDK is installed on your computer, use the following command:

azsphere show-version

Retail Evaluation OS releases

The Retail Evaluation program enables backward compatibility testing for applications two weeks before the OS is updated for all devices. We strongly recommend that all production users make use of this test facility. See Set up devices for OS evaluation to find out how to participate.

Reporting vulnerabilities

Azure Sphere encourages security researchers to search for any vulnerabilities and report them responsibly based on Microsoft's Coordinated Vulnerability Disclosure principle to the MSRC Portal. Reports of vulnerabilities may include rewards through the Microsoft Azure Bounty Program. See Azure Sphere CVEs for general information about Azure Sphere CVEs. You can find information about CVEs already published in the MSRC Security Update Guide and in the release-specific details in this article.

September 2024

27 September 2024

Announcement of retirement of Azure Sphere (Legacy) service interfaces in September 2027

The Azure Sphere (Legacy) interfaces, including the Azure Sphere (Legacy) API (also known as PAPI) and the Azure Sphere (Legacy) CLI (also known as azsphere), will be retired on 27 September 2027. From now through 27 September 2027, Azure Sphere (Legacy) will be fully supported, and you can continue to use the Azure Sphere (Legacy) API and CLI interfaces. However, by 27 September 2027, you must migrate to Azure Sphere (Integrated) and start managing your Azure Sphere devices in Azure portal and the Azure CLI, and you must update any custom automation and applications to use the Azure Sphere (Integrated) API.

Azure Sphere (Integrated) supports all Azure Sphere (Legacy) features, and enables you to use other powerful Azure services when managing your Azure Sphere devices, including Microsoft Entra ID, Azure role-based access control, and Azure Monitor.

For more information about the retirement and how to migrate to Azure Sphere (Integrated), see this blog post.

August 2024

19 August 2024

Services (Legacy): invite-user API deprecated

For security reasons, we have removed the "invite-user" API from the Azure Sphere (Legacy) Public API. This API was utilized by the CLI command azsphere register-user, which will now result in an error message. Alternative methods should be used to register Azure Sphere (Legacy) users.

Services (Integrated): New feature for locating a device

You can now search for a device ID across all catalogs to which you have access. If you have Reader or greater Azure RBAC permissions for the device, the search result displays a link to the device, as well as to the device's parent device group, product, and catalog. If you do not have Reader or greater access privileges, the search will return a device not found error.

A new Azure Sphere Gallery Project is available, demonstrating how to connect an Azure Sphere device to an Azure Event Grid namespace over MQTT with the MQTT-C client library. This project makes use of Azure Sphere's wolfSSL TLS library and Device Authentication and Attestation (DAA) certificate mechanism to form connections in a secure, authenticated and attested manner.

July 2024

July 31, 2024

Azure Sphere Security Service starts using new image signing certificate for signing all images production-signed applications and capabilities. Because production devices received that new certificate in the trusted keystore on July 10 (see below), there is no impact on production devices. In certain manufacturing or development scenarios, there is a minor impact.

10 July 2024

This release includes an update to the trusted keystore of Azure Sphere devices which will result in all devices (regardless of whether they are on the Retail or Retail Eval feed) installing this update and rebooting. For more information, see the blog post, Azure Sphere – Image signing certificate update.

What's new in the 24.06 release

25 June 2024

The Azure Sphere 24.06 release includes a bug fix in the Azure Sphere OS only; it does not include an updated SDK. If your devices are connected to the internet, they will receive the updated OS from the cloud.

Fixed bugs and common vulnerabilities in the 24.06 release

The 24.06 release includes updates to mitigate against the Common Vulnerabilities and Exposures (CVEs):

  • CVE-2023-52160

What's new in 24.03 release

26 March 2024

Azure Sphere 24.03 release is now available and includes the following components:

  • General availability of Azure Sphere (Integrated)
  • Updated Azure Sphere OS
  • Updated Azure Sphere SDK for Windows and for Linux
  • Updated Azure Sphere extensions for Visual Studio and for Visual Studio Code
  • Updated samples

Highlights in this release include general availability of Azure Sphere (Integrated), support for custom certificates to connect to Azure IoT, an updated version of cURL for the Azure Sphere OS, security fixes, SDK support for Ubuntu 24.04 pre-release, and simplifications to the CMake toolchain.

General availability of Azure Sphere (Integrated)

We are excited to announce that Azure Sphere (Integrated), a new management interface for Azure Sphere devices, is generally available for production use starting today. Azure Sphere (Integrated) is now the recommended interface for Azure Sphere services, and is no longer labeled Preview in Azure portal.

With Azure Sphere (Integrated), you can manage your Azure Sphere devices directly in the Azure portal and the Azure Sphere extension for Azure CLI. Azure Sphere (Integrated) is based on the new Azure Sphere (Integrated) REST API, built on the Azure Resource Manager platform, and it includes built in support for other powerful Azure services, including Azure RBAC and Azure Monitor.

Updates to Azure Sphere (Integrated) since Public Preview:

  • A new Azure RBAC pre-built role is available: Azure Sphere Owner. The Azure Sphere Owner role provides full privileges for Azure Sphere resources, but unlike the Azure Sphere Contributor role which also provides full privileges, the Azure Sphere Owner role also includes the ability to configure Azure RBAC access for Azure Sphere resources.

  • For easier navigation when viewing an individual product, device group, or device, you now access resource-specific overview information, access control, tasks, and property settings in the updated left menu.

  • You can use Azure Monitor to get alerted when you need to take action due to the two-yearly certificate roll of your catalog CA certificate. For details, see Monitoring Azure Sphere fleet and device health..

If you have not already started using Azure Sphere (Integrated), we recommend you do so now.

A one-time integration step enables you to manage your existing Azure Sphere (Legacy) tenants in Azure Sphere (Integrated). After a tenant is integrated, you can perform management tasks using either Azure Sphere (Integrated) or Azure Sphere (Legacy). You can stage adoption of Azure Sphere (Integrated) by starting with test and development activities in Azure Sphere (Integrated) while continuing to use Azure Sphere (Legacy) for production management workflows until you are ready to fully migrate. While Azure Sphere (Legacy) interface continues to be fully supported, we recommend migration to take full advantage of Azure Sphere (Integrated) features and future enhancements.

For more information, see the blog post Azure Sphere (Integrated) is generally available

New and changed features in the 24.03 OS

The 24.03 release of the Azure Sphere OS includes the following changes:

Fixed bugs and common vulnerabilities in the 24.03 OS release

The cURL version included in the Azure Sphere OS was updated from version 7.69.1 to 7.87.0. The 24.03 OS release includes updates to mitigate against these Common Vulnerabilities and Exposures (CVEs):

Common Vulnerabilities and Exposures (CVEs)
CVE-2022-27774 CVE-2022-27776
CVE-2022-32205 CVE-2022-32207
CVE-2022-32208 CVE-2022-32221
CVE-2022-35252 CVE-2022-35260
CVE-2022-43551 CVE-2022-43552
CVE-2023-23914 CVE-2023-23916
CVE-2023-27533 CVE-2023-27534
CVE-2023-27535 CVE-2023-27536
CVE-2023-27538 CVE-2023-27538
CVE-2023-28319CVE-2023-28320
CVE-2023-28321 CVE-2023-28322

Support for using custom certificates to connect to Azure IoT Services

Azure Sphere devices can now utilize custom certificate chains to connect to Azure IoT Services. Utilizing non-Azure Sphere certificate chains is helpful with applications that have additional organizational requirements around certificate usage. Guidance on connecting with Azure IoT has been updated to describe this use case further. Any customers using the Beta API version of this capability released with the 23.05 OS should migrate to the new APIs by downloading the latest SDK and recompiling their application, noting that function signatures have changed to promote production application of this capability.

New and changed features in the 24.03 SDK and Visual Studio/Visual Studio Code extensions

The 24.03 release of the Azure Sphere SDK and Visual Studio/Visual Studio Code extensions includes the following changes:

End-of-support for Ubuntu 18.04 LTS

Ubuntu 18.04 is now outside Canonical's long-term standard support arrangement. As such the 23.05 SDK was the last Azure Sphere SDK to support this OS version. 24.03 and future SDKs will not support Ubuntu 18.04.

Added SDK support for Ubuntu 24.04 pre-release

The 24.03 SDK adds support for pre-release version of Ubuntu 24.04, adding to the existing Ubuntu 20.04 and 22.04 support. This is for development and test purposes of Ubuntu 24.04 before it is released to the public.

CMake Toolchain changes

In SDK version 23.05 and earlier, the target API set (sysroot) used by Azure Sphere applications had to be specified in both the CMakePresets.json and CMakeLists.txt files, which was duplicative and sometimes required manual update after each SDK release.

To simplify this process, and to streamline future updates, the azsphere_configure_tools and azsphere_configure_api CMakeLists.txt entries have been made unnecessary and deprecated. The build process now only uses the AZURE_SPHERE_TARGET_API_SET value in CMakePresets.json as the source of truth for the targeted API version.

By default, the value of the AZURE_SPHERE_TARGET_API_SET parameter is set to "latest-lts" in CMakePresets.json which means that when the SDK is updated, the project automatically targets the latest API version. If you want to pin the API version to a specific version (e.g., when building apps for manufacturing products with a specific OS version), you should set the AZURE_SPHERE_TARGET_API_SET parameter to that version.

Existing projects will continue to compile with the new SDK, although a warning message will inform the user that they can remove the deprecated CMakeLists.json entries. New projects created based on the GitHub samples will require the 24.03 or later SDK and VS/VS Code extensions.

Updated samples for 24.03

The 24.03 release includes the following changes to the samples:

Updates to Azure Sphere HTTPS cURL Multi sample

The previous Azure Sphere HTTPS cURL Multi sample no longer followed currently recommended cURL best practices, which can be seen in more detail here. While we have preserved compatibility with the old approach, we have updated our sample and would recommend incorporating the latest approach in any software updates or new development work that you may be undertaking.

Updates to samples to use the azure-sphere extension for Azure CLI

We recommend using the now generally available Azure Sphere (Integrated) interface for future development work. The instructions in the sample README files have been updated to use commands in the azure-sphere extension for the Azure CLI.

Azure Sphere (Integrated) Public Preview release

August 8, 2023

We are excited to announce the Public Preview of Azure Sphere (Integrated), a new management interface for Azure Sphere services that is natively integrated with Azure via the Azure Resource Manager.

This Azure Sphere (Integrated) Public Preview comprises:

  • A new REST API for the Azure Sphere Security Services, integrated with Azure Resource Manager
  • Azure Portal and Azure CLI integration
  • Azure Monitor integration
  • Azure RBAC integration

Read this article to find out more about the security, observability, usability, streamlined access to support, and other benefits of these integrations.

During Public Preview, it is recommended to use Azure Sphere (Integrated) for development and test purposes. As best practise, production use cases (e.g. during manufacturing or operations workflows) should not use a Preview product. Therefore for production use cases we recommend you continue to use the existing Azure Sphere Security Service interface, now known as Azure Sphere (Legacy), which continues to be fully supported and generally available.

To find out more about Azure Sphere (Integrated) and Azure Sphere (Legacy), including how to get started, refer to this document.

There is no OS or SDK update as part of this release. Azure Sphere (Integrated) command-line tooling is provided by a new Azure CLI extension that requires the 23.05 Azure Sphere SDK to be installed when using commands that interact with a connected device.

What's new in the 23.05 release

October 26, 2023

The Azure Sphere 23.05 Update 1 release includes the following updates to the Azure Sphere extensions for Visual Studio and for Visual Studio Code:

  • A new shortcut to Azure Sphere (Integrated) catalog management
  • Bug fixes

It does not include an updated OS or SDK.

June 20, 2023

The Azure Sphere 23.05 feature release includes the following components:

  • Updated Azure Sphere OS
  • Updated Azure Sphere SDK for Windows and for Linux
  • Updates to the Azure Sphere extensions for Visual Studio and for Visual Studio Code

If your devices are connected to the internet, they will receive the updated OS from the cloud. You'll be prompted to install the updated SDK on next use, or you can install it now. To install the latest SDK, see the installation Quickstart for Windows or Linux.

Highlights in this release include new cryptographic libraries, default NTP fallback, new beta APIs on Windows for Azure IoT connections using your own certificate, faster and enhanced factory testing, multi-device support for Linux, a new tools repository, and graduation of the Parse Device Logs self-help Gallery project to fully supported status.

New and changed features in the 23.05 OS

The 23.05 release of the Azure Sphere OS includes the following changes:

Microsoft-managed onboard cryptographic libraries

As part of the 23.05 release, Azure Sphere has cryptographic libraries built-in to the OS. Through our partnership with wolfSSL, you can now call select wolfCrypt APIs in your application that allow you to perform ECC or xChaCha encryption and decryption, certificate generation and management, and more without incurring a RAM or flash impact for building these into your application. Instead, you will be serviced by the Azure Sphere OS's built-in libraries, which can be patched and kept up to date by Microsoft. This new functionality is part of our ABI compatibility promise for the life of the product, and you can view wolfSSL’s long term ABI promises on their website, where they also provide examples for how to use these wolfCrypt APIs, such as ECC.

Expanded NTP robustness

In the event that Microsoft NTP timeservers are experiencing an outage, Azure Sphere devices will now attempt to fallback to a NIST NTP server after trying multiple regional Microsoft endpoints, unless a custom NTP is being used with custom fallback configurations. This expands the connectivity robustness of Azure Sphere devices by giving them more options to synchronize for communication to the cloud and other servers. Administrators of Azure Sphere devices behind firewalls can refer to the updated endpoint details here.

3rd Party Certificate Support for Azure IoT (Beta) on Windows

Azure Sphere’s OS includes the Azure IoT C SDK. New for this OS, on Windows, we are previewing APIs as part of our Beta program to utilize certificates provided by the application to connect to Azure IoT, these certificates do not need to be rooted in the Azure Sphere device. This allows easy connection to Azure IoT resources with certificates that root to existing systems. These Beta APIs are optimized for testing currently, but will be updated to support production operations at scale. If you have feedback on these APIs, including production environment requirements, please contact us at AZSPPGSUP@microsoft.com. The new APIs are AzureIoT_OverrideAzureSphereAuthCert and AzureIoT_OverrideAzureSphereAuthPrivateKey.

Update RF Tools OS support and improve tools performance

RF Tools have been updated to include:

  • Support for both Windows and Linux x86 platforms, including multi-device.
  • Performance improvements for reading and writing bufferbin and eFuse data, through new batching OS calls.
  • A Python library, assisting Python users with development of their own scripts and applications.

New and changed features in the 23.05 SDK

The 23.05 release of the Azure Sphere SDK includes the following changes:

Linux multi-device support

The 23.05 SDK adds support for multiple concurrently connected Azure Sphere devices in Linux, bringing this feature in line with existing support on Windows. This has particular relevance to Linux-based manufacturing scenarios.

Additionally, there is no longer a need call the azsphere_connect.sh script when connecting a new device - connection now takes place automatically in parity with existing Windows support. See the updated documentation on Linux SDK installation.

Add SDK support for Ubuntu 22.04 LTS

The 23.05 SDK adds support for Ubuntu 22.04, adding to the existing Ubuntu 18.04 and 20.04 support. The Linux SDK installer can determine the LTS version of Ubuntu you are running and download or install the appropriate SDK.

End-of-support notice for Ubuntu 18.04 LTS

Ubuntu 18.04 is now outside Canonical's long-term standard support arrangement. As such the 23.05 SDK will be the last Azure Sphere SDK to support this OS version. Future SDKs will not support Ubuntu 18.04.

New and changed features in 23.05 for Visual Studio or Visual Studio Code extensions for Azure Sphere

The 23.05 release of the Azure Sphere Visual Studio and Visual Studio Code extensions includes the following changes:

  • Improved debugging experience when debugging real-time capable applications and when debugging multiple applications.
  • Updated New Project templates.

New Tools GitHub repository

A new GitHub repository, Azure Sphere Tools, has been introduced. This repository will contain additional officially supported tools relating to manufacturing, support, and diagnostics. The manufacturing folder has been relocated from the Samples repository, placing manufacturing tools in a single, easy-to-find location, while also reducing the footprint of the samples repository.

The 23.05 release of the Azure Sphere samples, code snippets, and Gallery projects includes the following changes:

The 23.05 release of the Azure Sphere include the Parse Device Logs project that has graduated from the Gallery and is now an officially supported project located in the new Azure Sphere Tools repository.

What's new in the 23.02 release

21 February 2023

The Azure Sphere 23.02 release includes bug fixes in the Azure Sphere OS only; it does not include an updated SDK. If your devices are connected to the internet, they will receive the updated OS from the cloud.

Fixed bugs and common vulnerabilities in the 23.02 release

The 23.02 release includes updates to mitigate against the following Common Vulnerabilities and Exposures (CVEs):

  • CVE-2022-37434 zlib
  • CVE-2018-25032 zlib

The 23.02 release of the Azure Sphere samples, code snippets, and Gallery projects includes the following changes:

The Unicast DNS service discovery Gallery project demonstrates how to perform DNS service discovery by sending DNS-SD queries to a configured DNS server. Unlike multicast service discovery, this mechanism can be used to dynamically open access to not only local, but also remote endpoints in the device firewall at runtime.

What's new in the 22.11 release

1 December 2022

The Azure Sphere 22.11 feature release includes the following components:

  • Update to the image signing keys used by the Azure Sphere Security Service
  • Updated Azure Sphere OS
  • Updated Azure Sphere SDK for Windows and for Linux
  • Updated Azure Sphere extensions for Visual Studio and for Visual Studio Code

If your devices are connected to the internet, they will receive the updated OS from the cloud. You'll be prompted to install the updated SDK on next use, or you can install it now. To install the latest SDK, see the installation Quickstart for Windows or Linux:

Highlights in this release include a new Malloc version, an upgraded Azure IoT C SDK, a DHCP timeout reduction, and the Public Preview of Azure Sphere support for the European Data Boundary.

New image signing keys being used by the Azure Sphere Security Service

The Azure Sphere Security Service now uses new image signing keys. These keys are used by our service to sign any newly uploaded application images and new capability files (for example, when enabling development mode on devices). The 22.11 OS was signed using the old keys, but future OSs will be signed using the new keys. All existing keys continue to be trusted by Azure Sphere devices.

For Azure Sphere devices to accept signatures using the new keys, a trusted keystore (TKS) update was rolled out on November 14, 2022. No user action is required for production devices. For certain manufacturing, development, or field servicing scenarios where the Azure Sphere OS is not up to date, you may need to take extra steps to ensure that newly signed images are trusted by the device – see this blog post for full details.

New and changed features in the 22.11 OS

The 22.11 release of the Azure Sphere OS includes the following changes:

New Malloc version

The Azure Sphere OS continues to support the existing malloc model without any changes required to an application and is binary backward-compatible for all previously built applications. However, a new application manifest option allows developers to opt into MallocVersion=2, which introduces the MUSL v1.2.1+ malloc model, mallocng. This malloc version is more efficient and more secure and significantly improves memory freeing. Samples and tutorials have been updated to use this version by default and we recommend adding it to any new application being developed. For some application scenarios, peak memory usage would be expected to be lower when using this new malloc version.

Upgraded Azure IoT C SDK

We’ve updated the Azure IoT C SDK to the latest version. This SDK includes bug fixes and stability enhancements and is binary compatible with previous versions. All existing apps will benefit from behind-the-scenes improvements administered by the Azure Sphere OS.

DHCP timeout reduction

The DHCP retry timeout has been reduced from 10s down to 1s. This reduction improves battery consumption when a device is waiting for a DHCP lease, which is expected to occur with some network configurations and traffic scenarios.

New and changed features in the 22.11 SDK

The 22.11 release of the Azure Sphere SDK includes the following changes:

Support for other CLI command output formats

As part of the ongoing effort to introduce JSON output to CLI commands, making it easier to script and automate against, azsphere image add and azsphere device show-os-version have been updated to support JSON output. See Supported commands for the list of commands that currently support multiple output formats.

The 22.11 release of the Azure Sphere samples, code snippets, and Gallery projects includes the following changes:

Logging to Azure Sample project

The Logging to Azure Sample project demonstrates how to use IoT Hub in tandem with Azure Data Explorer to capture application-level logs in a way that is both scalable and queryable.

The PWM Audio Gallery project demonstrates how to use the MT3620’s hardware PWM peripherals to generate tonal sounds for use with a buzzer or other audio-generating device, a common product use case.

Public Preview: Azure Sphere support for European Data Boundary

In keeping with Microsoft’s mission to process and store EU data exclusively within the EU (see EU Data Boundary for the Microsoft Cloud), the Azure Sphere Security Service now enables EU customers to process and store image files and device crash dump files within the EU as desired. The new Regional Data Boundary setting is an optional parameter that can be used with the azsphere image and azsphere device-group commands.

For more information, see:

We invite EU-based customers to try this new feature and provide any feedback via email to AZSPPGSUP@microsoft.com.

New and revised documentation in the 22.11 release

Article Changes
Supported output formats for Azure Sphere CLI Updated list of commands that support multiple output formats.

About the 22.10 quality release

25 October 2022

The 22.10 release includes only bug fixes in the Azure Sphere OS; it does not include an updated SDK. If your devices are connected to the internet, they will receive the updated OS from the cloud.

Fixed bugs and common vulnerabilities in the 22.10 release

This release includes general improvements that could result in an expected double-restart for some devices.

The 22.10 release does not include updates to mitigate against any Common Vulnerabilities and Exposures (CVEs).

What's new in the 22.09 release

26 September 2022

The Azure Sphere 22.09 feature release includes the following components:

If your devices are connected to the internet, they will receive the updated OS from the cloud. You'll be prompted to install the updated SDK on next use, or you can install it now. To install the latest SDK, see the installation Quickstart for Windows or Linux:

Highlights in this release include a decrease in the cold boot time to connect-to-cloud for the OS, resulting in lower energy use; best practice guidance for remote troubleshooting, and optimized manufacturing scripts.

New and changed features in the 22.09 OS

The 22.09 release of the Azure Sphere OS includes the following changes:

Expanded Ethernet NIC support

Azure Sphere now supports the WIZnet W5500 10/100 Ethernet network interface adapter for internet-facing connections. This hardware part can increase performance and market availability for wired ethernet applications.

Security protections for rollback attacks

As part of our defense-in-depth against rollback attacks, recovery and rollback to earlier versions of the Azure Sphere OS prior to 22.07 will be unavailable on devices that have already updated to the 22.09 release.

After a device updates to the 22.09 release, it will no longer be able to run a release of the Azure Sphere OS earlier than 22.07. This means that you will be unable to recover a device to an earlier release after it has received the 22.09 update. The 22.07 release will become the earliest release that can be installed on the device.

New and changed features in the 22.09 SDK

The 22.09 release of the Azure Sphere SDK includes the following changes:

Support for other CLI command output formats

Additional CLI commands now support JSON output. This output format makes it easier to script and automate against CLI output. See Supported commands for the list of commands that currently support multiple output formats.

New and changed features in 22.09 for Visual Studio or Visual Studio Code extensions for Azure Sphere

The 22.09 release of the Azure Sphere Visual Studio and Visual Studio Code extensions includes the following changes:

Streamlined setup for real-time capable applications

The 22.09 Azure Sphere release provides a simpler setup process using vcpkg artifacts to bootstrap your development environment to build real-time capable applications. For more information, see Tutorial: Build a real-time capable application.

The 22.09 release of Azure Sphere includes the following changes to the samples, code snippets, and Gallery projects:

Self-help troubleshooting during app development

get-support-data log parsing enables self-help for troubleshooting during app development. When locally connected to a device, use azsphere get-support-data to download a package of logs, errors, and status from an Azure Sphere device. Use the log parsing gallery project to convert binary log data into human-readable format to view system-logged events from the Azure Sphere OS.

Manufacturing tools v1.0.0 release

We have published updated manufacturing tools. These tools enable customers to integrate device REST API commands, normally accessed via CLI, directly into their manufacturing applications in the form of Python PyPy and C# NuGet packages. A YAML OpenAPI definition is also provided, enabling customers to generate their own client libraries in a language of their choosing via tools such as AutoRest.

As these tools communicate directly with the REST API of attached Azure Sphere devices, many commands can see speed-ups of up to 5x compared to scripting against azsphere CLI.

The Azure Sphere Squirrel Gallery project demonstrates running a higher-level scripting language atop the MT3620 chip.

New and revised documentation in the 22.09 release

Article Changes
Supported Ethernet adapters and development boards Topic updated to document support for WIZnet W5500-based Ethernet controllers.
Tutorial: Build a real-time capable application Updated to document an option for vcpkg artifacts to automatically install and configure the GNU Arm Embedded Toolchain.
Best practices for remote troubleshooting New topic that includes a list of questions and flowcharts to help you triage device issues.
Supported output formats for Azure Sphere CLI Updated list of commands that support multiple output formats.

Known issues in the 22.09 release

When using the W5500 to connect to a wired network, if the network cable is unplugged, the interface might still be reported as being “up” by the CLI and through internal APIs. This will be fixed in a future OS release.

Fixed bugs and common vulnerabilities in the 22.09 release

The 22.09 release includes the following updates to mitigate against the following Common Vulnerabilities and Exposures (CVEs):

  • wolfSSL CVE-2022-34293

What's new in the 22.07 release

26 July 2022

The Azure Sphere 22.07 release includes the following components:

If your devices are connected to the internet, they will receive the updated OS from the cloud. To install the latest SDK, see the installation Quickstart for Windows or Linux:

Highlights in this release include a decrease in the time to connect-to-cloud for the OS resulting in lower energy use, publication of best practices guidance for production-ready applications, and publication of optimized manufacturing scripts.

New and changed features in the 22.07 OS

The 22.07 release of the Azure Sphere OS includes:

  • The OS now supports caching of the DAA (customer) certificate in persistent storage. This results in decreased energy consumption at cold boot and decreased time to connect to the cloud after cold boot or power down.
  • The OS has a new API function, Applications_GetOSVersion(), in Applibs applications.h that returns a printable string containing the current OS version.

New and changed features in the 22.07 SDK

The 22.07 release of the Azure Sphere SDK includes the following changes.

Support for monochrome CLI output

Azure Sphere CLI now supports monochrome output for accessibility reasons. Using this command you can manage color setting for messages in Azure Sphere CLI. If you enable the no-color parameter, coloured messages are removed and the originally colored messages are prefixed with DEBUG, INFO, WARNING, or ERROR.

Azure Sphere classic CLI authentication migrated from ADAL to MSAL

The Azure Sphere classic CLI now uses the Microsoft Authentication Library (MSAL) rather than the Active Directory Authentication Library (ADAL), which is being retired. There is no change in the usage of the Azure Sphere classic CLI as a result of the migration to MSAL, and no customer action is required.

Support for other output formats

The following Azure Sphere CLI commands now support the --output or -o parameter to specify the format of the CLI output. See Supported Commands for the list of commands that currently support multiple output formats.

New and changed features in the 22.07 Visual Studio and Visual Studio Code extensions

CMakePresets are now supported by both Visual Studio and Visual Studio Code. The CMakePresets.json file allows you to specify common configure, build, and test options, then share them with developers using other development environments.

The 22.07 release includes the following changes to the samples, code snippets, and Gallery items.

Updates to samples to use non-blocking APIs for Azure IoT

The Azure IoT and ExternalMcuLowPower samples have been updated to avoid using blocking APIs for Azure IoT, and instead use non-blocking APIs. If your application code uses IoTHubDeviceClient_LL_CreateWithAzureSphereDeviceAuthProvisioning we recommend you look at the updated samples and consider whether a non-blocking API pattern would better meet your needs.

Manufacturing samples

We have published updated manufacturing samples. Previously, manufacturing samples were distributed privately, but as of this release the samples will be maintained on GitHub. As part of this, we have published the Device REST APIs (enabling bypassing the CLI to communicate directly with the device's REST API) with both C# and Python support, example applications, and tests. The manufacturing scripts are ported to using these REST APIs. This direct use of device REST APIs enables increased manufacturing speed. For more information, see Manufacturing guide for connected devices.

Updates to FTDI interface guidance and hardware designs

We have made some minor changes to our MT3620 hardware guidance related to how the FTDI programming and debugging interface handles wakeup from low-power modes. This improves compatibility with the Avnet MT3620 V2 module. Some resistor values have been updated in the MT3620 programming and debugging interface. The low-power MCU to cloud sample has been updated to reflect this guidance, and we have issued new hardware samples for low-power MCU to cloud hardware v2.0 and FTDI interface board v2.0 that reflect this updated guidance. The FTDI interface board v2.0 updates also adds dual footprints for Service/Debug, Recovery and SWD connectors.

New snippet for the Applications_GetOSVersion API

The new Get Azure Sphere Device OS Version shows how to get the Azure Sphere Device OS Version in a High-Level application.

New and revised documentation in the 22.07 release

Article Changes
Configure builds using CMake Updated topic to include information about configuring CMakePresets.json with Visual Studio and Visual Studio Code.
Build a real-time capable application Updated topic to describe new CMake configurations and build commands.
Recommendations for developing production-ready applications New topics to provide best practices to verify that your high-level or real-time Azure Sphere applications are ready for pilot or production deployment.
azsphere setting New topic that provides details about the azure setting command.
Supported output formats for Azure Sphere CLI Updated list of commands that support multiple output formats.
Applications_GetOsVersion function Added topic for new API function.
Manufacturing guide Updated to reflect new manufacturing samples published on GitHub.

Known issues in the 22.07 release

If the Wi-Fi network interface is disabled and then the device is rebooted, then an arbitrary value for the interface's hardware address (MAC address) is presented when you run the azsphere device network list-interfaces CLI command or when using the Networking_GetHardwareAddress API. To resolve this, re-enable the Wi-Fi interface and rerun the CLI command or API in order to receive the correct hardware address.

Fixed bugs and common vulnerabilities in the 22.07 release

  • The azsphere tenant create command now works when a locally attached Azure Sphere device is available. In the 21.10 and later releases an error was reported even if the device is connected. The fix now automatically identifies the attached device when creating a tenant.

  • The 22.07 release includes the following updates to mitigate against the following Common Vulnerabilities and Exposures (CVEs):

    • cURL CVE-2022-22576
    • cURL CVE-2022-27775
    • cURL CVE-2022-27778
    • cURL CVE-2022-27779
    • cURL CVE-2022-27780
    • cURL CVE-2022-27782
    • cURL CVE-2022-30115
    • CVE-2022-35821

About the 22.04 quality release

11 April 2022

The 22.04 release includes an upgrade to the Linux kernel (5.10.103) and bug fixes in the Azure Sphere OS; it does not include an updated SDK. If your devices are connected to the internet, they will receive the updated OS from the cloud.

Fixed bugs and common vulnerabilities in the 22.04 release

The 22.04 release includes updates to mitigate against the following Common Vulnerabilities and Exposures (CVEs):

  • wolfSSL CVE-2022-25638
  • wolfSSL CVE-2022-25640
  • C-Ares CVE-2021-3672
  • Linux CVE-2022-0847 ("dirty pipe")

The new Gallery project AzureFunctionApp_AzureSpherePublicAPI demonstrates how to use the Azure Sphere Public API in a Python Azure Function App.

New and revised documentation in the 22.04 release

Article Changes
Stop the Azure Sphere Device Communication Service Added a troubleshooting section related to the installer hanging during installation.
Connect Azure Sphere through a proxy server Added application manifest requirements and information on using MQTT to connect to Azure IoT Hub.
Set up an Azure IoT Hub for Azure Sphere Updated to make the user experience clear and correct.
Set up an Azure IoT Hub for Azure Sphere with the Device Provisioning Service Updated to make the user experience clear and correct.
Set up Azure IoT Edge for Azure Sphere Updated to clarify text and match the Azure UI.
Set up Azure IoT Central to work with Azure Sphere Updated to make the user experience clear and correct.
Azure Sphere OS feeds
- Set up devices for OS evaluation
Updated to clarify how the Azure Sphere OS is deployed in the Retail Evaluation feed.
Manufacturing guide Updated to clarify what is involved in a device manufacturing process.
Manufacturing process preparation New topic that provides details about tasks that should be done prior to performing factory-floor tasks and cloud-configuration tasks.
Factory-floor tasks Updated for clarity. Moved preparation tasks to the new Manufacturing preparation topic.
Cloud-configuration tasks Updated for clarity. Moved preparation tasks to the new Manufacturing preparation topic.
RF tools Added a new section, After completion of RF Tools usage, to describe tasks to be done after you are finished using RF tools.

About the 22.02 Update 1 release

17 March 2022

The Azure Sphere 22.02 Update 1 release includes the following components:

  • Updated Azure Sphere SDK for Windows and for Linux
  • Updated Azure Sphere extension for Visual Studio Code

It does not include an updated OS or an updated Visual Studio extension.

Updates in the 22.02 Update 1 SDK

The updated SDK resolves an issue announced on the Tech Community IoT blog related to the sys/socket.h header musl 64-bit time support that affects API set 12. If you installed the original 22.02 release of the SDK, please install the updated version.

Tip

You can use the Azure Sphere CLI command azsphere show-version to determine which version of the SDK you have. The original 22.02 SDK has the full version number 22.02.3.34006; the 22.02 Update 1 SDK has the full version number 22.02.3.41775. Note that the Azure Sphere Classic CLI only shows the version in the format 22.02.

To install the latest SDK, see the installation Quickstart for Windows or Linux:

Updates in the 22.02 Update 1 Visual Studio Code extension

On Linux, the tenant explorer in the Visual Studio Code extension for Azure Sphere previously displayed an error. The updated extension displays the results correctly.

Updates in the 22.02 Update 1 build environment container

The Azure Sphere build environment container has been updated to the 22.02 Update 1 SDK.

What's new in the 22.02 feature release

The Azure Sphere 22.02 feature release includes the following components:

  • Updated Azure Sphere OS
  • Updated Azure Sphere SDK for Windows and for Linux
  • Updated Azure Sphere extensions for Visual Studio and for Visual Studio Code

If your devices are connected to the internet, they will receive the updated OS from the cloud. To install the latest SDK, see the installation Quickstart for Windows or Linux:

There are also updated samples, code snippets, Gallery projects, and documentation updates.

Important

08 March 2022

The 22.02 SDK has an issue related to the sys/socket.h header and musl 64-bit time support that are included in API set 12. The issue will be resolved in an upcoming update to the SDK. No OS change is required to address this issue. However, for now, if you are using the setsockopt() function defined in sys/socket.h, you should not build your production applications with API set 12. We recommend using API set 11 with the 22.02 release.

This affects only newly-compiled applications built with the 22.02 release. It does not affect:

  • Existing compiled binaries or deployed applications.
  • Applications built with SDKs other than the recent 22.02 release.
  • Applications built with 22.02 SDK but using API sets other than version 12.

New and changed features in the 22.02 OS

The 22.02 release of the Azure Sphere OS includes an upgrade to the Linux kernel (5.10.70), and support for DHCP release and renew.

DHCP release and renew

The Azure Sphere OS now supports DHCP release and renew through new APIs so that high-level apps can control their device IP leases.

The new DHCP sample demonstrates how to use these new APIs.

New and changed features in the 22.02 SDK

The 22.02 release of the Azure Sphere SDK includes support for Windows 11, updates to 64-bit time support, a change to the default logging behavior of the CLI, and an authentication library update to the CLI.

Support for Windows 11

Windows 11 is now supported for Azure Sphere development. If you're using Windows 11, install the 22.02 (or later) SDK.

64-bit Time Support

The 22.02 SDK release updates support for 64-bit time for high level apps. This fixes unexpected behaviors introduced with support for 64-bit time in the 20.10 release.

Application code that makes no assumptions about the size of a time_t value are not affected. However, application code that explicitly or implicitly expects time_t to be 32-bit need to be rewritten to use time32_t instead.

Tip

To ensure your applications continue to work as expected after rebuild, check stack and heap usage, and binary size in your applications. They might grow, as time_t is now 8 bytes instead of 4.

See the C type time_t section of the Base APIs topic for more detailed information.

Configure Azure Sphere CLI logging

The Azure Sphere CLI no longer writes log files to the local disk by default. See Manage log files for details about how to enable and configure logging.

Azure Sphere CLI authentication migrated from ADAL to MSAL

The Azure Sphere CLI now uses the Microsoft Authentication Library (MSAL) rather than the Active Directory Authentication Library (ADAL), which is being retired. There is no change in the usage of the Azure Sphere CLI as a result of the migration to MSAL, and no customer action is required.

The Azure Sphere Classic CLI still uses ADAL, but will be updated before the ADAL retirement date of June 30, 2022. We continue to recommend that you migrate to the new Azure Sphere CLI.

New and changed features in 22.02 for Visual Studio or Visual Studio Code extensions for Azure Sphere

An Azure Sphere extension for Visual Studio 2022 is now available in addition to the existing extension for Visual Studio 2019. The minimum supported version of Visual Studio 2019 is now 16.11.

The Visual Studio and Visual Studio Code extensions for Azure Sphere now provide these capabilities:

  • Configure Wi-Fi in Azure Sphere Explorer.
  • View deployment history in Azure Sphere Explorer.
  • Open disassembly view in Visual Studio Code while debugging.

Configure Wi-Fi in Azure Sphere Explorer

You can now add Wi-Fi networks, connect to them, enable or disable them, and forget them from the graphical interface of Azure Sphere Explorer.

View deployment history

You can now view all the deployments for a given device group using Azure Sphere Explorer, including the date and component ID of each deployment.

Open disassembly view while debugging

The disassembly view provides a low-level view of your native code and augments the usual step-through debugger. This change in the Visual Studio Code extension now provides the same disassembly experience as in Visual Studio.

New and revised documentation in the 22.02 release

Article Changes
Quickstart: Configure networking and update the device OS Includes instructions for configuring Wi-Fi with Azure Sphere Explorer.
View device and tenant information in Azure Sphere Explorer Updated to include new capabilities.
Use GitHub Codespaces to build and debug New topic on using Visual Studio Code to develop applications with GitHub Codespaces.
Memory use in high-level applications Updated to include instructions for creating and running batch script for memory monitoring at a command prompt.
Debug a high-level application Updated to include instructions for opening the disassembly view.
Debug a real-time capable application Updated to include instructions for opening the disassembly view.
Debug partner application Updated to include instructions for opening the disassembly view.
Configure builds using CMake Updated to describe new CMakeWorkspaceSettings.json file needed for projects with multiple roots.
Device identity and security New topic on security considerations and suggested best practices for using device IDs.
View deployment history Updated to include instructions for viewing deployment history in Azure Sphere Explorer.
Manage log files New topic on configuring logging using the CLI.

Fixed bugs in the 22.02 release

The 22.02 release includes the following bug fixes:

  • WifiConfig_GetNetworkDiagnostics returned an unexpected value after attempting a WiFi connection with invalid credentials. The fix returns the correct error message.
  • NTP timesync could be slow and erratic if a custom NTP server is specified. The fix normalizes the timesync process for custom servers.
  • Devices using Ethernet occasionally failed to re-establish network connectivity when a driver error occurred. A fix to the Ethernet network interface driver more consistently re-establishes network connectivity in these cases.

Known issue in the 22.02 release

An error message No section: 'sphere' is displayed in the Azure Sphere CLI if the user is not authenticated. To resolve this, authenticate to the Azure Sphere CLI using the azsphere login command.

About the 22.01 quality release

Azure Sphere did not release an updated OS or SDK for 22.01. See the blog post about the 22.01 release cancellation for more details.

Updates for 22.01 include two new projects in the Gallery, and documentation updates.

Note

In the previous release we informed you that the Azure Sphere Classic CLI would be removed from the SDK starting in April 2022. The timeline for its retirement has been extended. We intend to retire the Classic CLI at a future date, though not before the end of 2022. We continue to recommend that you migrate your processes and scripts to CLIv2.

OpenSourceProjectsSupportingExternalPeripherals is a list of open-source projects that use external hardware with Azure Sphere and the MT3620 chip.

ToggleClassicCLI provides scripts for Windows and Linux that allow you to test the removal of the Azure Sphere Classic CLI (and then restore it). The Azure Sphere Classic CLI has been superseded by CLIv2 and will be removed from the Azure Sphere SDK at a future date. These scripts will help identify dependencies you might have on the Classic CLI.

New and revised documentation in the 22.01 release

Article Changes
Troubleshoot Azure Sphere problems Added troubleshooting steps for error message "Azure Sphere Device Communication Service could not be stopped".
Use service tags to restrict access to Azure Sphere Security Service New topic about how to use the AzureSphere service tag to allow or deny traffic to the Azure Sphere Security Service.
Device capabilities and servicing sessions Added clarification about how devices acquire capabilites, and what you can do with the fieldServicing capability.
Azure Sphere CVEs Added clarification about our participation with the CVE Program and the customer impact of Azure Sphere CVEs.
Guardian modules Updated links, clarified information throughout the topic, and re-organized sections.

About the 21.11 quality release

Azure Sphere did not release an updated OS or SDK for 21.11.

Updates for 21.11 include the following documentation changes and other minor edits:

Article Changes
Device capabilities and servicing sessions Clarifications and corrections on when capabilities are needed and what actions they permit.
Set up Azure IoT Edge for Azure Sphere Updated to include instructions for working with both IoT Edge 1.2 and IoT Edge 1.1.
Azure Sphere CVEs Added information about the contents and timing of published Azure Sphere common vulnerabilities and exposures (CVEs).
Factory-floor tasks Added information on manufacturing states and device capabilities.
device Clarifications and corrections about device capabilities.
Overview of Azure Sphere CLI Clarifications and corrections about device capabilities.

What's new in the 21.10 feature release

The Azure Sphere 21.10 feature release includes the following components:

  • Updated Azure Sphere OS
  • Updated Azure Sphere SDK for Windows and for Linux
  • Updated Azure Sphere extensions for Visual Studio and for Visual Studio Code

If your devices are connected to the internet, they will receive the updated OS from the cloud. To install the latest SDK and extensions for Visual Studio and Visual Studio Code, see the installation Quickstart for Windows or Linux:

Important

The Azure Sphere Classic CLI will not be included in SDK releases starting in April 2022. The Classic CLI was marked as retired in February 2021. If you still have a dependency on the Classic CLI, you must migrate your processes and scripts before April 2022 to avoid disruption.

New and changed features in the 21.10 release

The 21.10 release includes:

Web Proxy Support

Azure Sphere devices can now connect to a network through a proxy server. You can configure a proxy with applibs commands or with the CLI. For more information, see Connect Azure Sphere through a proxy server.

For more information on the available CLI commands, see network proxy.

wolfSSL updated to Version 4.8.1

The Azure Sphere OS now includes wolfSSL 4.8.1. This update brings the latest security fixes and performance enhancements from wolfSSL. In addition, a new ABI is exposed through the OS to prevent man-in-the-middle attacks in some TLS configurations. When using wolfSSL in your application (as shown in the wolfSSL sample), we recommend using wolfSSL_CTX_set_verify to validate the host whenever applicable.

See more information about using wolfSSL_CTX_set_verify on the wolfSSL website.

Verify tenant CA certificate automatically on Azure IoT Hub

We have updated the guidance on how to configure Azure IoT Hub and DPS with Azure Sphere tenant certificates to include a simplified process that does not require a proof-of-possession verification step. For more information, see Set up an Azure IoT Hub for Azure Sphere and Set up an Azure IoT Hub for Azure Sphere with the Device Provisioning Service.

Support for tenant rename

The azsphere tenant update Azure Sphere CLI command enables you to rename an existing tenant. For more information, see the tenant command reference topic.

Specify output format for Wi-Fi commands

The azsphere device wifi commands now support the --output or -o parameter to specify the format of the CLI output. For more information, see Supported output formats.

Using the MT3620 in scenarios where Wi-Fi is not required

We have provided updated software and hardware guidance for scenarios where Wi-Fi is either temporarily or permanently not required, showing how to lower power consumption and simplify hardware designs in such scenarios. See Wi-Fi connections and MT3620 hardware notes for details.

The following Azure Sphere samples have been updated for 21.10:

  • An additional readme was added to the AzureIoT sample to show how to add web proxy support.
  • The HTTPS/cURL samples have been updated to show how to add proxy support.

The following projects in the Azure Sphere Gallery have been added or updated for 21.10:

New and revised documentation in the 21.10 release

Article Changes
Connect Azure Sphere through a proxy server New topic that describes how to configure an Azure Sphere device to connect to the Internet through a proxy server.
Set up an Azure IoT Hub for Azure Sphere Updated topic to include information about automatic and manual verification of a tenant CA certificate on Azure IoT Hub.
Set up an Azure IoT Hub for Azure Sphere with the Device Provisioning Service Updated topic to include information about automatic and manual verification of a tenant CA certificate on Device Provisioning Service.
Update an existing tenant Added information on renaming an existing tenant.
MT3620 hardware notes Updated to include information about disabling Wi-Fi in certain scenarios.
device - Added information for azsphere device network proxy command.
- Updated examples for the azsphere device wifi commands.
tenant update Added information for the azure sphere tenant update command.
Applibs networking reference Added proxy client support APIs.

Known issue in the 21.10 release

Any application built using the 21.10 SDK that uses heap memory allocation tracking will fail to build with the following error:

azsphere_target_add_image_package received an unexpected request to set DEBUG_LIB: libmalloc which is not available in the selected Target API Set. Please select version 10 or later in the CMakeLists.txt.

To fix the error you need to make a small change to one of the SDK CMake files. You need to be an Administrator to change this file.

  • On Windows: C:\Program Files (x86)\Microsoft Azure Sphere SDK\CMakeFiles\AzureSphereToolchainBase.cmake
  • On Linux: /opt/azurespheresdk/CMakeFiles/AzureSphereToolchainBase.cmake

Modify line 13 of AzureSphereToolchainBase.cmake to the following:

set(libmalloc_10_or_later "10" "11" )

This issue will be fixed in the next release of the Azure Sphere SDK.

  • An error is reported when you create a tenant using the azsphere tenant create command. This is because the attached Azure Sphere device is not automatically identified. To fix this, you can provide the device when running the command. For example, azsphere tenant create --device <device-ID> --name <tenant-name>. The fix will be provided in a future release.

Fixed bugs and common vulnerabilities in the 21.10 release

The 21.10 release includes updates to mitigate against the following CVEs:

  • cURL CVE-2021-22922
  • cURL CVE-2021-22923
  • cURL CVE-2021-22925
  • cURL CVE-2021-22926
  • cURL CVE-2021-22946
  • cURL CVE-2021-22947
  • CVE-2021-41374
  • CVE-2021-41375
  • CVE-2021-42300
  • CVE-2021-41376

About the 21.09 quality release

The 21.09 release includes updates to the Azure Sphere OS; it does not include an updated SDK. If your devices are connected to the internet, they will receive the updated OS from the cloud.

Updates to the Azure Sphere OS include:

  • Upgraded Linux Kernel to 5.10.60.
  • Improvements to crash handling to prevent hangs.
  • RS-485 real-time driver demonstrates how to use an M4F core on MT3620 to implement reliable RS-485 communication with inter-core communication to the high-level app on the A7 core.

New and revised documentation in the 21.09 release

Article Changes
Troubleshoot cloud and deployment issues Added troubleshooting information related to claiming a device.

About the 21.08 quality release

The 21.08 release includes the following enhancements and bug fixes in the Azure Sphere OS; it does not include an updated SDK.

  • Security updates
  • Improved stability for ethernet support
  • Improved stability for I2C devices

If your devices are connected to the internet, they will receive the updated OS from the cloud.

There are also new Azure Sphere Gallery samples and documentation updates.

Fixed bugs and common vulnerabilities in the 21.08 release

The 21.08 release includes updates to mitigate against the following Common Vulnerabilities and Exposures (CVEs):

  • CVE-2021-22924
  • CVE-2021-36956

The following new or updated samples were added to the Azure Sphere Gallery, a collection of unmaintained scripts, utilities, and functions:

New and revised documentation in the 21.08 release

Article Changes
azsphere device Reference topic updated for the retirement of --cert-id and --interface-name.
Important changes (retiring features) in Azure Sphere CLI New topic that describes features, commands, or parameters that have been or will be retired or removed from the Azure Sphere CLI.

What's new in the 21.07 feature release

The Azure Sphere 21.07 feature release includes the following components:

  • Updated Azure Sphere OS

  • Updated Azure Sphere SDK for Windows and for Linux

  • Updated Azure Sphere extensions for Visual Studio and for Visual Studio Code

There are also updated samples, tutorials, gallery items, and documentation updates.

If your devices are connected to the internet, they will receive the updated OS from the cloud. You'll be prompted to install the updated SDK on next use, or you can install it now. To install the latest SDK, see the installation Quickstart for Windows or Linux:

Important

30 September 2021

Update 2 for the 21.07 SDK for Windows is now available. This update fixes an installer bug which prevents uninstallation of the Azure Sphere SDK after upgrading to Windows 11.

28 July 2021

Update 1 for the 21.07 SDK is now available. If you had installed the previous release of the 21.07 SDK, you can re-install to get the updated version. The 21.07 SDK release incorrectly removed some retired parameters from the Azure Sphere CLI. The 21.07 Update 1 SDK reinstates these retired parameters to the CLI for backward compatibility purposes. For more information, see Important changes (retiring features) in Azure Sphere CLI.

New and changed features in the 21.07 release

The 21.07 release includes an improvement to how time sync is handled, the ability to track shared library heap memory usage during development, and new ways to authenticate using Azure Active Directory. This release also includes some debugging improvements in the Visual Studio and Visual Studio Code extensions, expanded support of the --output parameter in the CLI, and the ability to get additional device information from some commands in the CLI and Public API (PAPI).

Time sync changes

The time sync process has changed in the 21.07 release to provide a more robust process when the primary time server fails or cannot be reached. Previously, services that depend on completion of time sync could fail to start if time-sync retries prevented time sync from completing. The change adds a fallback mechanism for obtaining accurate time so that time-sync retries do not continue indefinitely.

Heap memory allocation tracking

The heap memory allocation tracking feature provides developers with a convenient way to see memory allocations from libraries included with the Azure Sphere SDK during development of an application. The feature adds a new application capability, HeapMemStats, and a new Azure Sphere SDK library, libmalloc. The feature also includes changes to the output of the Azure Sphere CLI command azsphere device app show-memory-stats and the Visual Studio extension. With these changes, developers can add the HeapMemStats capability to their high-level application, deploy the app to a development-enabled device, and use Visual Studio's Performance Profiler to view the memory used by the SDK libraries called by their app.

Authentication methods using Azure Active Directory

The Azure Sphere Public API (PAPI) supports multiple methods of user authentication and authorization in Azure Active Directory (AAD).

With Azure Active Directory, an application token can be used to authenticate and grant access to specific Azure resources from a user app, service, or automation tool by using the service principal or managed identity method for authentication.

The following authentication methods are now supported using Azure Active Directory:

Additional update status details from CLI and PAPI commands

The Azure Sphere Public API has been extended to include additional device details about the operating system and update status. You can now see the version of the system OS installed on the device, the latest available OS version, when the device was last updated, and when the device last checked for updates. The additional information can be helpful to manage updates to your devices.

The following Azure Sphere API reference pages explain the API response changes in more detail:

Command Description
Devices - Get Gets details for a device.
Devices - List Gets all devices that are claimed to the specified tenant.
Devices - List In Group Gets all devices that are assigned to the specified device group.
Devices - List In Product Gets all devices that belong to the specified product.

In addition, the Azure Sphere CLI has been updated to include these additional device details in the azsphere device list, azsphere device show, and azsphere device update commands using the --query parameter or the supported output formats. For example, azsphere device show --output json.

New and changed features in Visual Studio or Visual Studio Code extensions for Azure Sphere

The Visual Studio and Visual Studio Code extensions include more descriptive names for debug targets. The Visual Studio extension also includes support for heap memory allocation tracking.

More descriptive names for debug targets

The Visual Studio extension now uses the project name for the debug target name. The Visual Studio Code extension shows the project name as before, but simplifies the descriptive text.

Support for other output formats

Additional Azure Sphere CLI commands now support the --output or -o parameter to specify the format of the CLI output. For more information, see Supported commands.

New and updated commands and parameters

Updates to commands:

Command Description
azsphere device network enable Enables a network interface on the attached device.
azsphere device network disable Disables a network interface on the attached device.

Updates to parameters:

Parameter Description
azsphere device network show-diagnostics The --id parameter is changed to --network.
azsphere device network update-interface The --interface-name parameter is changed to --interface.
azsphere device certificate delete The --cert-id parameter is changed to --certificate.
azsphere device certificate show The --cert-id parameter is changed to --certificate.
azsphere tenant create The --force parameter is changed to --force-additional.
azsphere tenant create The --disable-confirm-prompt parameter is new; it disables the user confirmation prompt.

Note

The 21.07 SDK release incorrectly removed the retired parameters mentioned here from the Azure Sphere CLI entirely. The 21.07 Update 1 SDK reinstates these retired parameters to the CLI for backward compatibility purposes. For more information, see Important changes (retiring features) in Azure Sphere CLI.

New and revised documentation in the 21.07 release

Article Changes
Memory use in high-level applications Updated topic to include discussion of heap memory allocation tracking.
Using Visual Studio Code with Secure Shell (SSH) on a remote host New topic describing how to build and debug Azure Sphere applications on a remote host via Secure Shell.
Authentication methods using Azure Active Directory New topic that provides an overview of the supported authentication methods.
Access Azure Sphere Public API with AAD managed identity New topic that provides an overview and steps to access Azure Sphere Public API with AAD managed identity.
Access Azure Sphere Public API with AAD application service principal New topic that provides an overview and steps to access Azure Sphere Public API with AAD service principal.
Access Azure Sphere Public API with your AAD user identity New topic that provides an overview and steps to access Azure Sphere Public API with AAD user identity.
Supported commands Updated the list of commands that support output formats.
device Updates to the commands and parameter descriptions and examples.
tenant Updates to the parameter descriptions and examples.
role Updated topic as the value for the --role parameter is not case-sensitive.

The 21.07 release includes an updated memory usage tutorial, updates to the Azure IoT sample, and three new or updated projects in the Azure Sphere Gallery.

Updated memory usage tutorial

The MemoryUsage tutorial has been updated to demonstrate heap memory allocation tracking.

Updated Azure IoT sample

We made some minor refinements to the Azure IoT sample, including changing the polling rate of IoTHubDeviceClient_LL_DoWork to every 100ms rather than every 1s, following this IoT Hub client best practice. We recommend that you adopt this change in your existing apps.

The following new or updated samples were added to the Azure Sphere Gallery, a collection of unmaintained scripts, utilities, and functions:

Known issues in the 21.07 release

The new update status fields are not displayed in the default CLI output format

The azsphere device list, azsphere device show, and azsphere device update CLI commands will expose the four new update-related fields only when using JSON or another supported output format; the new fields will not show when using the default table format. You can use the --query argument to specify those additional fields for output to a table, but the Device ID might be truncated if the table is too wide. We recommend that you reduce the number of columns in the table so that the Device ID does not get truncated. For example, azsphere device show --query '{DeviceId:deviceId, LastAvailableOSVersion:lastAvailableOSVersion, LastInstalledOSVersion:lastInstalledOSVersion, LastOSUpdateUTC:lastOSUpdateUTC, LastUpdateRequestUTC:lastUpdateRequestUTC}'.

Fixed bugs and common vulnerabilities in the 21.07 release

The 21.07 release includes updates to mitigate against the following Common Vulnerabilities and Exposures (CVEs):

  • CVE-2021-26428

  • CVE-2021-26429

  • CVE-2021-26430

About the 21.06 quality release

The 21.06 release includes bug fixes in the Azure Sphere OS; it does not include an updated SDK. If your devices are connected to the internet, they will receive the updated OS from the cloud.

New and revised documentation in the 21.06 release

Article Changes
Manage tenants Streamlined content about creating, managing, or finding Azure Sphere tenants
Troubleshoot cloud and deployment problems New notes in the Troubleshoot OS updates section and the Troubleshoot deployment updates section
Log in with Azure Sphere CLI New topic that describes the default login with the CLI, and how to log in using a browser.

Three new samples were added to the Azure Sphere Gallery, a collection of unmaintained scripts, utilities, and functions: