I have been building a project called MADADAH.
It is an offline, hardware-bound safety supervisor for Windows systems. The basic idea is simple: if the required physical authority token is removed, the supervised system halts and stays halted until the proper recovery protocol is completed.
Core design points:
* Fully offline operation
* No cloud dependency
* Physical USB authority token required for runtime
* Halt/latch survives restart and reboot
* No normal software override path
* Dual-token recovery ceremony
* Atomic local JSON state files
* Watchdog-supervised roles
* SHA-256 sealed evidence packs
This started as a solo side project and has turned into a serious safety/control architecture. The current focus is validation, evidence, and making the system boringly repeatable under fault conditions.
I am not pitching this as a replacement for existing security stacks. The goal is to add a hard physical safety layer around systems where "keep running no matter what" is the wrong answer.
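As an added illustration, not MADADAH's own code, here is the core behaviour the design points above describe: a halt that latches on token removal, persists across restarts in an atomically written JSON state file, clears only through a dual-token recovery, and is sealed with SHA-256. Token ids, the state file layout and the first-boot behaviour are assumptions of this example.

```python
import hashlib
import json
import os
import tempfile

# Constructed example. Token presence is modelled as a set of token ids
# rather than real USB enumeration; the ids below are placeholders.
AUTHORITY_TOKEN = "AUTH-TOKEN-EXAMPLE"
RECOVERY_TOKENS = {"RECOVER-A-EXAMPLE", "RECOVER-B-EXAMPLE"}


def atomic_write_json(path, obj):
    """Write via temp file + fsync + rename so a crash mid-write leaves
    either the old state or the new one on disk, never a torn file."""
    d = os.path.dirname(os.path.abspath(path))
    fd, tmp = tempfile.mkstemp(dir=d, prefix=".state-")
    with os.fdopen(fd, "w") as f:
        json.dump(obj, f, sort_keys=True)
        f.flush()
        os.fsync(f.fileno())
    os.replace(tmp, path)


def load_state(path):
    # Assumption: no state file means first boot; the same tick then
    # checks for the authority token, so running without it still halts.
    if not os.path.exists(path):
        return {"latched": False, "reason": "fresh state"}
    with open(path) as f:
        return json.load(f)


def seal_evidence(evidence):
    """SHA-256 over a canonical JSON encoding of the evidence record."""
    blob = json.dumps(evidence, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(blob).hexdigest()


def supervise(path, present_tokens):
    """One supervisor tick; returns the persisted state. A latched halt
    never clears on its own, even if the authority token reappears."""
    state = load_state(path)
    if state["latched"]:
        if RECOVERY_TOKENS.issubset(present_tokens):
            state = {"latched": False, "reason": "dual-token recovery"}
        # otherwise stay halted, across restarts and reboots alike
    elif AUTHORITY_TOKEN not in present_tokens:
        state = {"latched": True, "reason": "authority token removed"}
    state["seal"] = seal_evidence({k: v for k, v in state.items() if k != "seal"})
    atomic_write_json(path, state)
    return state
```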
Project site:
Evidence page:
https://madadh.systems/evidence
I would appreciate honest feedback from builders, security people, infra people, and anyone who has worked on fail-closed systems.
The question I am trying to pressure-test is:
Where would a physical, offline, fail-closed supervisor be most useful?