I laughed out loud when I read on the Invisible Things Labs' Blog that
   Xen is "only" a "few hundreds of thousands of lines of code."[1] Sure,
   this is small compared to most modern monolithic desktop OSes, but it's
   not particularly small compared to a stripped down Linux kernel build,
   and it's absolutely gigantic compared to a modern microkernel. The Nova
   Microhypervisor and seL4 are each about 9000 SLOC.
   But when I shared this disbelief with a couple of friends who at least
   have a passing understanding of computer security, each of them just
   shrugged. And of course both Nova and seL4 have had a lot of trouble
   gaining any kind of foothold in the market.
   Am I completely off base in thinking that it should be self-evident
   that one should start building any secure system by minimizing the size
   of their trusted computing base? Or is the issue that applications are
   still the source of most vulnerabilities, so it's premature to try to
   make the kernel super secure? Or that there are too many ways to
   violate isolation in a microkernel by compromising shared server
   processes?
   I ask because I am wondering if I should "learn to stop worrying and
   love the bomb" and (re-)embrace Xen and/or Linux, or if I should
   continue pursuing some approach along the lines of seL4/Nova/Genode for
   building secure systems?
   [1] [1]http://theinvisiblethings.blogspot.com/2012/09/how-is-qubes-os-d
   ifferent-from.html

References

   1. http://theinvisiblethings.blogspot.com/2012/09/how-is-qubes-os-different-from.html