OS is large and complex, even different operating systems may be desired by different customers
Compromise of an OS impacts all applications
Use: Hypervisor, virtual machines, guest OS and applications
Compromise of OS in VM1 only impacts applications running on VM1
Do your taxes in on VM1 while browsing potentially dangerous places on the web on VM2
Compromise of OS(TCB) means an attacker has access to everything.
Getting the TCB right is extreamly important
Smaller and simpler(hypervisor only partitions physical resource among VMs and let us guest OS handle management)
Secure coding is really important when writing the OS which typically is written in languages that are not type safe
