How Open Source Hardware Increases Security

Security is paramount in virtually all tech-related industries, from mechanical engineering to medical filing. And hardware hacks, in particular, can have some devastating consequences if left unchecked.

Hardware hacks can override software security measures and result in long-term access to sensitive information, such as in the recent China hack. Using seemingly innocuous chips, Chinese hackers were able to gain access to networks that utilized any altered hardware, such as CIA drone operations, DOD data centers, and Navy warship networks.


Fortunately, one security solution lies in open source hardware: devices with their specifications fully available to the public—including potential hackers.

Safety in Transparency

This may sound contradictory, but closed systems can actually be less secure.

The problem lies in the confidentiality—if you know nothing about a piece of hardware, how can you know its security features? Imagine purchasing a car with confidential specs. No outside agencies could vouch for the car’s safety since the inner workings are kept secret.

Would you take the gamble and buy it, even though you have no way of knowing if the car is truly safe to drive?

With open systems, hardware security can be independently verified by government agencies, corporate entities, or crowdsourcing. Open source can be a more secure option because you can make informed decisions about your hardware, rather than blindly trusting a closed system.

Determining whether a piece of hardware has even been hacked in the first place can prove difficult without design transparency. The Chinese hack may have been avoided with open source hardware, as manufacturers or government agencies could have compared affected devices to the source design and notice the hack sooner.

Years of combating software hacks have shown that open source can be far safer than a closed system, hence why all supercomputers run open source software.

Using the Power of the Crowd

Making hardware designs public allows for customized consumer security, especially for consumers who opt to build their own electronics. By opening up hardware for crowd engineering, experts and hobbyists can rise to the challenge and submit their ideas. Crowdsourcing design can drastically improve an initial hardware concept. The more that users can engineer and modify a device, the more secure it can be.

Although open source hardware is not as advanced as open source software, it has the potential to catch up soon. The “benevolent dictator for life” model already present in open source software can apply just as well to hardware, incorporating only modifications from crowdsourcing that actually improve the product or its security, such as with the Lulzbot open source 3D printer.

Open source chip projects are attracting attention from giants like Google, Tesla, Samsung, Qualcomm, and IBM. This opens up crowdsourcing solutions for issues that affect nearly all computer and smartphone chips, such as the ubiquitous Spectre security flaw.

Open source allows the global engineering community to lend its talents in when facing such large-scale problems.

Moving Into the Future

The open source hardware industry will still have its own challenges to face, but further research and new initiatives in the field can drastically improve cybersecurity. If they so choose, governments, engineering firms, and corporations can reap the security benefits of open source by rigorously testing public designs for security flaws.

From the business side, we can look to models already being used in software. Free versions can be made available along with premium, paid versions, akin to the difference between Fedora and Red Hat, two open source products by Linux.

Open source hardware designs already abound on the Open Circuit Institute, Hackaday, and Open Electronics, and this accessibility will only grow more.

What do you think? Do you agree that open source hardware could yield enormous benefits for security in the digital age? Or does the transparency of open source hardware pose more potential risks?