Zymbit provides a hardware-enforced, software-defined security and resilience stack for unattended Linux edge devices operating in zero-trust environments. The platform combines hardware security modules (HSMs), secure boot, file system encryption, and A/B image partitioning to protect and recover edge devices autonomously — without manual intervention. Core components include: - Bootware: Manages OS image updates with redundant A/B or A/S partitions, automatic rollback, and bare-metal recovery. No hypervisor required. - Hardware Security Engines: Physical security modules providing cryptographic services, key management, tamper detection, power monitoring, perimeter circuit monitoring, and self-destruct support. - Secure Compute Nodes: Pre-integrated dev kits and turnkey solutions built on the Zymbit stack. - AI Model Protection: Encrypted delivery and runtime protection of edge AI models, with separate key management for OS, AI models, service access, and I/O hardware. Guards against model poisoning. - OS Image Management: Supports fully custom Linux images (Yocto, Buildroot, etc.) with no vendor lock-in. The stack targets zero-trust provisioning with no trusted human required during setup. It is designed to meet compliance standards including NIS2 and the EU Cyber Resilience Act (CRA). Use cases include adaptive retail, drone infrastructure, autonomous vehicles, factory automation, on-premises key management, and diagnostic equipment.