Modular Hardware Design

Hardware that cannot be repaired is hardware that creates dependency. OnionHat favors systems built to be replaced, repaired, and recomposed rather than upgraded through vendor channels.

Design Principles

Repairability

Components should be replaceable without specialized tools or vendor authorization. Failure of one component should not necessitate replacement of the whole.

Availability

Hardware should be obtainable through multiple suppliers. Single-source dependencies are avoided.

Auditability

Where possible, hardware with open specifications is preferred. Closed firmware is treated as a liability.

Simplicity

Fewer components mean fewer failure modes. Complexity is accepted only where it provides clear security benefits.

Hardware Classes

Compute Nodes

General-purpose compute using commodity hardware. Preference for x86-64 and ARM architectures with broad software support.

Network Equipment

Switches, routers, and access points running open firmware where available. Proprietary network equipment is isolated and treated as untrusted.

Storage

Commodity drives with software-defined redundancy. Hardware RAID controllers are avoided in favor of transparent software solutions.

Supply Chain Considerations

• Multiple vendor sourcing for critical components
• Inspection and verification procedures for received hardware
• Preference for hardware with documented firmware update mechanisms
• Awareness of jurisdictional exposure in manufacturing and shipping