Darwin is interesting because of the pace of radical changes to its core components, from dropping syscall backwards compatibility to mandatory code signing to dyld_shared_cache eliminating individual system library files to speed up dynamic executable loading. It's a very results-oriented design approach with no nostalgia and no sacred cows. I think only a big hardware vendor like Apple could pull it off.
Totally. The march continues with userspace drivers and exclaves[1]. I think it's fair to say that security is a big driver for their kernel evolution.