Such architectures have been commercially deployed in embedded, mobile, and desktops for quite a while. Earliest one I remember still supported was about 2005 for x86 desktops. All by companies or CompSci groups much smaller than VMware in labor and budget simply applying methods that worked in the past in high-assurance security. Cutting assurance down where complexity or budget demanded but only where it was necessary. These big, mainstream companies cut it way down for reasons of profit maximization of existing market share. Then they end up at Pwn2Own or their customers on breach lists.
