[nickpsecurity]

The Shapiro article in Tannenbaum's link is good too. He's a bright guy that did the EROS project for anyone that doesn't know. Here it is in archive.org:

https://web.archive.org/web/20050514121653/http://www.eros-o...

https://web.archive.org/web/20050211090602/http://www.eros-o...

Two other good articles are why the EAL4 evaluations that Windows et al were getting are worthless and what a secure, build system might look like.

https://web.archive.org/web/20040214043848/http://eros.cs.jh...

https://www.usenix.org/legacy/publications/library/proceedin...