First you miss history. Now economics. High-assurance development of the TCB, critical part of system needing it, cost around 35-50% extra on development. Volume sales spread that out. Windows would cost $100-200 with key pieces done that way. The same basically. Only negative effect is rigorous dsvelopment slows release and upgrade cycle. Many firms maximize profit by shipping often then fixing problems later. Market currently rewards that. It's why Lipner, who led high-assurance VMM, favored quick shipping over security in the SDL he built at Microsoft.
Now, with regulation, you'd still have the same software being developed. The components would be simpler (JSON subset vs XML). Costs spread out in volume. People would get used to new, huge features taking "two or three quarters" (Lipner) instead of a few weeks. Non-paid or non-critical usage could be done to test out proposals without building whole thing.
Far as IoT, solutions already exist that are either inexpensive at OEM level or cheap per unit. Just getting ignored by most of market since there's no regs or liability. Hell, Im typing this on a device running one underneath the OS that cost the same as a ddvice without one. ;)
Now, with regulation, you'd still have the same software being developed. The components would be simpler (JSON subset vs XML). Costs spread out in volume. People would get used to new, huge features taking "two or three quarters" (Lipner) instead of a few weeks. Non-paid or non-critical usage could be done to test out proposals without building whole thing.
Far as IoT, solutions already exist that are either inexpensive at OEM level or cheap per unit. Just getting ignored by most of market since there's no regs or liability. Hell, Im typing this on a device running one underneath the OS that cost the same as a ddvice without one. ;)