One OS to rule them all.
Traditional infrastructure stacks are assembled from dozens of independent products. Each one has its own attack surface, its own update cycle, its own configuration language, and its own failure modes. You end up managing the glue between products more than managing your actual workloads.
Every boundary between products is a potential breach point. Every integration is a fragile handshake. Every vendor update risks breaking the one next to it.
Tophan eliminates this by being one OS with integrated Scales — each Scale replaces an entire product category, but shares the same immutable foundation, the same security model, and the same management plane.
The base layer is read-only. Always. There is no mechanism to modify the running OS image at runtime. Configuration is declarative and applied at boot. If something goes wrong — malware, misconfiguration, cosmic rays — reboot and you’re back to a known-good state.
This isn’t a feature bolted on after the fact. The entire system is designed around immutability from the ground up.
Modern threats are automated, adaptive, and fast. Tophan’s security posture assumes the attacker is an AI:
| Defence | How It Works |
|---|---|
| Immutable Base | OS image is read-only. No persistent rootkits. |
| Golden Images | Workloads deploy from verified, signed images. |
| Reboot = Reset | Any runtime compromise is wiped on restart. |
| Microsegmentation | Every workload is network-isolated by default. |
| AI-Aware Monitoring | Behavioural analysis designed for machine-speed attacks. |
| Automated Response | Threat response happens in milliseconds, not minutes. |
| Transparency | Every action is logged, auditable, and traceable. |
Each Scale is a complete, production-ready appliance. A Scale isn’t a wrapper around someone else’s software — it’s a purpose-built system that owns its entire domain.
Scales share:
But each Scale owns its own lifecycle, configuration, and upgrade path. You can run one Scale or fifteen. Add them when you need them.
Tophan uses overlayfs composition for everything — OS, applications, and workloads.
┌─────────────────────────────┐
│ Application Layer │ ← Workload-specific
├─────────────────────────────┤
│ Scale Layers │ ← Feature appliances
├─────────────────────────────┤
│ Configuration Layer │ ← Declarative config
├─────────────────────────────┤
│ Immutable Base Layer │ ← Read-only OS image
└─────────────────────────────┘
Layers are:
This means 100 VMs running the same base OS store that OS exactly once on disk. Updates apply to the base layer and propagate everywhere on next boot. No drift. No snowflakes.
┌──────────────────────────────────┐
│ Dragon's Eye │ Management UI
├──────────────────────────────────┤
│ tophand (Orchestrator) │ System daemon
├──────┬──────┬──────┬──────┬──────┤
│ Hyper│ Net │ Stor │ Sec │ ... │ Scales
├──────┴──────┴──────┴──────┴──────┤
│ Vault (Secrets) │ TPM-backed trust
├──────────────────────────────────┤
│ Immutable Base (Linux) │ Read-only foundation
└──────────────────────────────────┘
Everything above the base layer communicates through well-defined APIs. tophand is the system daemon that orchestrates Scale lifecycle, and Dragon’s Eye is the single interface for humans.