We ask the rhetorical question:Can we conceive of a software platform where a program P can be installed so that it performs as the program writer intended, without depending on the correctness and benevolence of other programs on the platform, except where and how P chooses to rely on those other programs?
All commercial platforms fail at this simple goal.
I contend that capability discipline in the platform design is uniquely suited to this obvious goal.
This is an empirical judgement arrived at after looking at architectures of a number of software platforms.
It is not about all conceivable disciplines.