Home Consulting Products Open Source About Jobs Book a call
About

Founder-led.
Practitioner-built.

Clewline was founded by someone who has done the work, not observed it, across defence, government, industry, and the open source communities that underpin all of it.

Sal Kimmich, Technical Director at Clewline
Photo coming
  • Top 100 Women in AI Ethics 2025 (AI Ethics World)
  • UK Top 50 Open Source Contributor 2023 (OpenUK)
  • Security Woman of the Year Shortlist 2024
  • PhD University College London
Sal

Technical Director, Clewline.
Technical Community Architect, Linux Foundation CCC.

Sal is a cybersecurity practitioner and technologist with over a decade of experience deploying security at the intersection of systems, policy, and open source governance. Her career spans the Missile Defense Agency, cloud infrastructure startups, and the Linux Foundation.

At the Linux Foundation's Confidential Computing Consortium, she coordinates governance across member organisations including Microsoft, NVIDIA, ARM, and TikTok, working at the layer where sovereignty becomes a technical property, not a policy aspiration.

Her book, Code, Chips and Control, maps the nine sovereignty domains from silicon supply chain to AI vendor risk, and the geopolitical dimensions of hardware security. It is the intellectual foundation for Clewline's consulting approach.

She holds a PhD from University College London, has been recognised as a Top 100 Woman in AI Ethics (2025) and UK Top 50 Open Source Contributor (2023), and was shortlisted for Security Woman of the Year (2024). She is based in Brighton, UK.

Mission

"Sovereignty isn't a policy position. It's a property of a system, and it has to be engineered."

Clewline exists because the organisations responsible for AI and technology decisions need someone who can work from the regulatory text all the way down to the running system. Most advisors work one end or the other.

Affiliations and community roles
Linux Foundation CCC
Technical Community Architect
Governance and technical coordination across the Confidential Computing Consortium member organisations.
CHAOSS
Co-maintainer, Data Science Working Group
Developing metrics and tooling for open source community health.
OpenUK
International Ambassador · Cybersecurity Advisory Board
Representing UK open source interests internationally.
OpenSSF
Contributor
Contributions to Scorecard and SLSA implementations.
Publications and speaking
BOOK - 2024

Code, Chips and Control

Technology sovereignty, hardware security, and the geopolitics of the semiconductor supply chain.

"Data residency is not data sovereignty. Geographic location without verifiable access control guarantees does not satisfy the substance of most regulatory obligations."

Ch.7 - Hypervisors & Virtualisation

Read on Leanpub →
SELECTED SPEAKING

FOSDEM (Workload Identity, Digital Sovereignty), CHAOSSCon (Open Source Community Health), Open Source Day (Indigenous Data Sovereignty, AI Ethics), International Policy Forums (AI Governance, Digital Sovereignty).