Key aspects from the talk iirc (I was in the audience :)):
* Real-time embedded CPUs are usually without an MMU -> kernels such as FreeRTOS lack secure memory due to the lack of MMUs in those CPUs
* A kernel targeting embedded CPUs with MMUs that supports secure memory management
* Secure memory communication: a method, there called server/client, to communicate, leveraging the Rust borrow checker at build time, for later having "user-land processes" communicate via pages.
These things combined allow a very small kernel, with user-space implementation of usually kernel-level functionality, such as the system clock timer (presented in the talk).
All of this is meant to provide a complete trustworthy processing chain, from CPU dies that can be inspected through infrared microscopy through the CPU epoxy package/cover to the entire build/software tool chain.
The Xous OS project takes care of both the kernel and the CPU/RISC-V runtime with an MMU, something that is usually quite difficult to obtain - but due to synergy effects with another chip consumer/organization they managed to get their custom processor manufactured.
The problem is: do you trust your hardware? If not, can you build, or buy, hardware that you can verify? So they built https://www.crowdsupply.com/sutajio-kosagi/precursor with an FPGA instead of a CPU from Intel or SpacemiT and are going up and down the chain to ensure that EVERYTHING can be inspected.
It's about providing the security benefits we get from MMUs (e.g. process isolation) to microcontrollers. There are no OSes for that space because basically no microcontrollers have MMUs. They had to make one for this OS.
I highly recommend watching the talk, it's very good!