What is Sovereign Computing

Sovereign computing is infrastructure you control - running on hardware you own or trust, built entirely from open source components, sovereign by design rather than by policy.

It is not a cloud service with a data residency guarantee. It is not a vendor's managed platform with a sovereignty label. It is foundation infrastructure - the layer beneath your applications - that operates on your terms, in your jurisdiction, under your control.

The definition

Sovereign computing infrastructure, as defined by this initiative, is a coherent, integrated set of open source components that together deliver the foundation services any organisation needs to run digital workloads independently.

Core capabilities

Compute, Storage, and Network as a Service

Elastic, programmable infrastructure equivalent to what a hyperscaler provides, running on commodity hardware under your control.

High Availability and Business Continuity

Redundancy and disaster recovery built in, not bolted on. Backup is a means to an end.

Identity and Access Management

Single sign-on and machine-to-machine authentication. Whoever controls identity controls the stack - so identity must be yours.

Zero Trust Security

Encryption in motion and at rest as a baseline. Secrets management. Perimeter and segmentation controls.

Centralised Logging

For diagnostics, performance, security audit, and compliance - in one place, from day one.

Automated Operations

Programmatic install, upgrade, and update. Operable without deep specialist expertise.

Portable Workloads

No lock-in to proprietary formats or interfaces. Data and workloads move freely.

What it is not

Sovereign computing infrastructure explicitly excludes hardware, end-user applications (productivity, collaboration, office tools), traditional platform services such as database-as-a-service, and any single vendor's proprietary solution. These sit above or below the category, not within it.

Sovereign by design

The word sovereign carries specific meaning here. Infrastructure is sovereign when:

• it runs on hardware you own or that is dedicated to you
• your environment is not shared with others at the hardware level
• zero trust is a design principle, not a configuration option
• data is encrypted at rest and in transit as a baseline
• data can be freely exported and imported in standardised formats

Sovereignty is an architectural property, not a contractual one.

The conformance framework

A coherent category requires agreed conformance criteria - a shared definition of what qualifies and what does not. The Sovereign Computing Initiative is developing that framework collaboratively, drawing on existing standards including the Sovereign Cloud Stack, OpenSSF best practices, NIS2, and the Cyber Resilience Act.

The conformance framework will be open, community-governed, and usable directly in procurement.

Optional capability extensions

Beyond the core, the category accommodates optional capability stacks for organisations with specific needs: an AI Stack for inference and model serving, a DevOps Stack for CI/CD and development tooling, a Software Platform for Kubernetes and runtime services, and a Productivity Stack for office and collaboration tools.

These extensions are additive. The core remains minimal, coherent, and independently operable.