Via Sriram Krishnan I came across the Singularity research project at Microsoft. Singularity is a managed code operating system, a key feature being "dependability", whereby the system runs as expected, without instability due to security vulnerabilities, third party code, and uncertain behavior when software is installed or uninstalled. In much the same way that msil and metadata provide type safety and verifiability in individual managed code programs, they are used correspondingly at the OS level in Singularity, MSIL being using for binary system interfaces and metadata being used to detect problems as soon as possible. Configuration problems are detected as early as possible in the sequence design - compile - install - load - run and if a problem occurs at runtime it is always handled immediately.
Singularity provides strong process isolation in which once a process has been created its code cannot be affected either by accident or by malicious code. Communication between processes is provided by strictly typed bi-directional channels.
This sounds like where Windows should be heading, not least to escape from the current mess its in because of security problems. At the program level we have seen the huge advantages of running managed code with its type safety and verifiability, and its exciting to think those principles could be extended to the whole OS