Few years ago I was working a secure system for
XXXXXX and I received a weird demand: Create a top-secret Cryptographic Algorithm. The reason behind working on the system was that there was a suspicion that US agencies had
bloated and inserted back-doors in the application even though the source code was available.
Problem is that a top-secret Cryptographic Engine can never be proven to be secure that is why all Cryptographic engines are released in public domain.
Kerckhoffs's principle - Wikipedia, the free encyclopedia
Unfortunately our top agencies are being run by
monkeys who know nothing and make weird demands which can never be fulfilled by serious professionals.
And yes you are right, creating an OS is not an easy task, even for the government agencies, forget about the Kernel, even the boot-loader is too complicated. That is why there are hundreds of thousands of Linux System Programmers but only a few hundred Linux kernel developers.
BTW, quest for that "hardened OS" has been going on since stone age and it will continue until eternity. It will never be achieved because they will never be able to arrange proper budget and most importantly, proper people.