It can be customized just like linux where you can compile a custom kernel omitting unneeded features and then also ship a small userspace around it, and the core userspace tools are generally a little less feature rich than linux's already.

But it's not a matter of surface area that makes openbsd solid, it's the priorities while writing that affects how every little thing has been written over time.

You can write 10 different versions of a function that all work and are all nominally perfectly free of security gaps.

Yet they will all still be 10 different levels of robust. Some versions will fail as soon as some assumption is violated, and some make fewer assumptions and remain safe even when varying amounts and forms of "that can't happen" happens.

It's not just cosmic ray bit flips either, or a hacker trying to do power glitch attacks or rowhammer etc, stuff that makes the hardware violate it's promises. But stuff like a different developer updating something 15 years later who is not the original and does not realize every single facet of how it works and just how the current implimentation covers all possible edge cases, and so doesn't realize how their change opened up an edge case that was covered before. With fragile code, the new code simply has the new security gap until someone discovers it the hard way. With robust code, it's more likely to still be safe. The edge case maybe makes it fail to function, but not in a way that anyone can use productively.

Not that freebsd is exactly swiss cheese. These are all relative. I would and do rely on freebsd any day.