It uses the abomination called PolarSSL with its own history of exploitable vulnerabilities.
True, but genetic diversity in this case is what can save your bacon. Organisms have been doing it for ages.
and was writting with security in mind
Using naive heuristics to defend against SQLi and XSS demonstrates the opposite.
Well, the Hiawatha project is notoriously bad at PR, nevertheless, it's open source, and there are multiple people scrutinising the code. But if you ignore those toy-like security kludges and the over-the-top claims of security, it turns out to be a rather solid platform.