You have to start somewhere. Strongly specialized programs that f.ex. never access disk and only access network are a good candidate to be tested in either restricted containers or brand new OS-es that carry legacy baggage.

It's doable, but nobody wants to put in the money, time and energy into pioneering it.