Two Sundays ago, the licence layer. Permissive licences move ownership cleanly; copyleft absorbs surrounding integrations; AGPL closes the network gap. A licence is a permission slip, and sovereignty is the practice of using it.
Last Sunday, the architectural layer, and the lever beneath it. A single-tree project with one release-engineering team is forkable in a way that a distribution-as-assembly is not; but forkability is only half the answer. The other half is jurisdiction. The institution that governs the upstream sits under some state's law, and forking the source does not fork the governance. The only complete answer is to become the institution oneself, hold the tree, and govern it under one's own law. The single tree makes that affordable to attempt. It does not make it free.
Both pieces ended at the same limit. The licence layer, the architectural layer, even the institutional layer can, in principle, be taken by a receiver determined enough to become the institution. The layer beneath all of them cannot, in the same sense. This Sunday concludes the bow by saying clearly what cannot means at the hardware layer, and what RISC-V actually buys. The discussion uses European examples because they are the most visible in the Western press, but the question runs equally in Beijing, in Bengaluru, and in Brasilia. The honest limit at the silicon is regional-indifferent.
What Sits Below the OS
Underneath the operating system runs a layer whose elements are usually described as firmware and microcode. The two words do not refer to one thing.
The system firmware, formerly BIOS, today UEFI, boots the machine, initialises hardware, and hands control to the OS bootloader. It is a piece of software distributed by the motherboard or laptop vendor, and on some hardware classes it admits open alternatives such as coreboot.
The platform management firmware. On Intel x86 this is the Intel Management Engine (ME), running on a separate small processor inside the chipset. On AMD x86 the equivalent is the Platform Security Processor (PSP), an embedded ARM core in the SoC. Both have full access to system memory and continue to operate even when the system is powered off but connected to mains; the Intel ME additionally carries a network path, through Active Management Technology, that the AMD PSP does not.
And the CPU microcode. The instructions the operating system thinks it issues are, on modern x86, decoded by a microcode layer inside the CPU into the actual hardware operations. Microcode is updateable, signed by Intel or AMD, and shipped through firmware updates. The OS sees the architectural ISA; the silicon executes microcode.
Why These Layers Cannot Be Forked
A piece of software is forkable when one can read the source, modify it, build it, and run the result. The first condition is the binding one. ME firmware is binary-signed by Intel; without Intel's signing key, an altered image will not run. The same is true of the AMD PSP, and the same of microcode updates.
This is not legal restriction. It is cryptographic restriction enforced in silicon. The silicon checks the signature and refuses to run anything not signed by the appropriate party. There is no licence text one could rewrite to change this, and no fork one could maintain. The receiver does not have the key, and will not have the key. The position is not the one with respect to Linux kernel governance, a structural arrangement that could in principle be rearranged. It is the position with respect to a physical object whose internal logic the producer has decided. That object is not under negotiation. It is under purchase. This is, in a precise sense, the layer one cannot fork.
What ARM Is, and Is Not
A common European response to x86's two-vendor lock-in has been to look at ARM. ARM is, after all, British: ARM Ltd is headquartered in Cambridge. Its owner, however, is SoftBank, a Japanese holding company that acquired the firm in 2016; NVIDIA's attempt to buy ARM from SoftBank in 2020 to 2022 was blocked by UK, EU, US and Chinese regulators, and ARM listed publicly in 2023 while remaining majority SoftBank-owned.
ARM is an instruction-set licensor, not a manufacturer. The architecture is licensed to silicon vendors who design and produce chips that implement it. The architecture itself is not open; ARM Ltd licenses it under commercial terms. Each manufactured ARM chip carries its own platform management firmware, often equivalent in posture to the Intel Management Engine and AMD Platform Security Processor; the embedded core inside AMD's PSP is itself an ARM core. ARM is not the answer to the sub-OS problem. It is, in many implementations, the same problem in a different cabinet.
What RISC-V Is, and What It Buys
RISC-V is an open instruction-set architecture, originally from UC Berkeley, now governed by RISC-V International, which moved its incorporation from the United States to Switzerland in March 2020, on purpose, to insulate the open-collaboration model from any single state's trade policy. The specification is published openly, and any silicon vendor can implement it without a licence fee.
This removes one proprietary attach point: the ISA itself. And yet the second Sunday's lesson reappears one layer lower than it was first stated. You can fork the specification; you cannot fork the body that governs it, and that body sits in a jurisdiction like any other. That an open instruction set had to choose neutral ground deliberately is the admission; that the choice did not settle the matter is clear enough from the fact that, by 2024, at least one government was reviewing whether to restrict its own firms' participation in RISC-V at all.
It does not remove every attach point either. A vendor implementing RISC-V still designs the actual chip, and may include proprietary management firmware. SiFive, Andes, and Alibaba's XuanTie line ship chips with their own initialisation firmware. The open ISA does not make every chip open. What it buys is a substrate on which independent silicon design can be built without licensing dependence on ARM or x86, and the substrate is being taken up in several regions: the European Processor Initiative, German and French startups, China's Loongson with its own LoongArch ISA, Alibaba's XuanTie. The shape of the response is similar; the progress is at different stages.
The Floor Is Not Fixed
None of these efforts buys a finished sovereign chip on this side of 2026. Fabrication is its own layer again, and at the leading edge it has belonged, until recently, to three firms: TSMC in Taiwan, Samsung in Korea, Intel in the United States. Europe's most advanced answer measures the distance precisely. SiPearl's Rhea1, described on its 2025 tape-out as the most complex processor ever designed in Europe and intended to power the JUPITER exascale machine, is built on licensed ARM Neoverse cores and fabricated in Taiwan. Europe's most sovereign chip rents its instruction set and borrows its foundry. That is not a failure of a serious project, which it is; it is the shape of the limit, drawn at the exact point European sovereignty currently reaches.
To see how far that point still has to travel, look at what owning the whole depth costs, and the clearest current demonstration is China's. It is offered here as a measure rather than as applause for a party: China is pursuing its own instruction sets, its own fabrication, and its own materials at the same time. SMIC has manufactured five-nanometre-class parts for the Huawei Kirin 9030 without the extreme-ultraviolet lithography that was supposed to be a precondition, with a domestic lithography programme of its own reported in trials; and in the laboratory the push reaches further still, a Peking University group reporting in 2025 a silicon-free two-dimensional transistor, built from a bismuth compound, that under test conditions outran the best comparable devices from the established fabs. That last result is a research finding and not a shipping product, and it would be careless to present a laboratory transistor as a chip one can buy. But the direction is plain, and it sets the scale: the layer one cannot fork is owned only by spending a generation learning to cast it, across material, fabrication and instruction set together. It is the layer with the longest lead time and the highest entry price.
Which returns the question to Europe, and to the honest size of the gap. The EU Chips Act of 2023 is the wager that the distance can be closed, and it is a serious wager; but it is a wager on the 2030s, not a fact of 2026. The sovereignty announced in the present tense, in the directives and the ministerial speeches, owns the software and rents the silicon. The second half of that sentence is the half that tends not to be said aloud.
What Is Achievable Now
The discussion above is not nihilism. The honest limit at the hardware layer does not erase what is achievable at the layers above. A receiver who runs a permissively-licensed single-tree OS, locally built from audited source, on its own hardware in its own data centre, with platform management firmware partially neutralised where the hardware allows, has improved its position with respect to foreign jurisdictional reach more than any number of procurement documents would suggest. The improvement is bounded by what the silicon allows. It is real within those bounds, and the same reasoning runs whether the receiver sits in Paris or in Shenzhen.
The phrase one occasionally hears here, defence in depth, applies in reverse. Sovereignty in depth is the practice of taking each layer that can be taken. The OS layer can be taken. The base-system layer can be taken. The firmware layer can be partially taken. The silicon layer is what one is left with, regardless of which capital is doing the taking. Naming what one is left with is the first step in not pretending one is not left with it.
The Limit
This piece is the honest limit of the bow. OS sovereignty is necessary; it is not sufficient. Architectural sovereignty, the single-tree base system, is the next layer; it is not sufficient either. The hardware layer is the layer below which the discussion ends. Any sovereignty claim, in any capital, that does not acknowledge this is selling something the silicon will not deliver.
A second honest limit: this bow has used European examples as its working case because those examples are the most thoroughly codified in the Western press. The principle does not stop at any border. Sovereignty is not isolation; the aim is not to disconnect from the world, but to know where one's compute actually answers to, and to reduce the unnecessary foreign attach points where the reduction is tractable. The licence layer, the architectural layer, and the partially-tractable firmware layer are where the reduction is tractable. The silicon layer is the one where it currently is not. Treating that fact as the end of the discussion is more honest than treating it as not the end.
Three Sundays on European software sovereignty, and the honest floor is this. Europe is learning to own its software, and it does not yet own its silicon; the most sovereign processor it has designed rents its instruction set and borrows its foundry. That is not a defeat, and it is not a reason to stop. It is the measure of the road still ahead, and the most useful thing this series can do is to name it plainly, rather than let the word sovereignty carry, in the present tense, a weight that only the next decade's foundries can bear.
The licence was the layer with the most words. This was the layer with the fewest, and the most consequence. The third and last on European software sovereignty.