Definitely! I've worked on the design of these types of systems, there is more subtlety to the security models than people assume. Some of the designs in the wild have what I would consider to be notable weaknesses.

The most interesting subset of these systems are high-assurance bi-directional data paths between independent peers that are quasi-realtime. Both parties are simultaneously worried about infiltration and exfiltration. While obviously a misnomer, many people still call them diodes...

The entire domain is fascinating and less developed than you would think.

And even if you do get it right, there is always that one guy that takes a USB stick and plugs it into your carefully air-gapped systems. And cell modems are everywhere now, and so small even an expert could still overlook one, especially if it is dormant most of the time.

It's in a proto state due to anemic academic funding. We need to throw cash at the problem.

Yes, it is underfunded for sure. I have been underwhelmed by what academia has managed to produce, funding aside. It is a solvable problem but you have to give the money to the people that can solve it in an operational context, which rarely seems to happen.

It is a genuinely fun project for someone with sufficiently sophisticated skill but I suspect there is relatively little money in it, which colors the opportunity and outcomes.

The absence of clear commercial opportunity gives the domain a weird dynamic.