What about hardware malfunctions (Score 1)

This approach can never be trusted. You can't have data of different security levels on the same media, circuitry, network, ..., what ever. Even if you could create secure software - yeah right, this would not protect against a hardware malfunction. Any number of failures could cause secure data to be available at a lower level. Something as simple as scrapped wires touching, or a staple shorting two contacts could echo data into a different virtual machine. Of course such a "malfunction" could be introduced by any person with physical access to any part of the system/network that "sees" this data.

Ken