It is literally impossible with today's software engineering tools. If you want real computer security, we need to rebuild the industry from the ground up with correctness and proofs from step 1. That looks like formal analysis tools and then engineering tools built upon them. This research area has largely stagnated since the 80s & early 90s since no one actually cares about correctness because it is expensive. Without correctness guarantees, you cannot have computer security, full stop. All we have are band-aids on top of the gaping wounds upon which our entire industry was built.
So step one of your new OS engineering process is to build a whole new software engineering paradigm, and all of the engineering tools to go with it, from the ground up, based only on research from like a dozen people that mostly ended around 1990.
So step one of your new OS engineering process is to build a whole new software engineering paradigm, and all of the engineering tools to go with it, from the ground up, based only on research from like a dozen people that mostly ended around 1990.