Bear is clean-slate resilient operating system design that operates on Intel x86-64 multicore blade servers and ARM embedded systems. The design comprises a minimalist micro-kernel with an associated hypervisor that extensively share code to present a small attack surface. The system places all device drivers in user space and strictly enforces MULTICS-style protections through VT-x and extended page table entries. To achieve resilience, the system continuously and non-deterministically refreshes trust without attempting to detect intrusions. The system uses a diversity loader to ensure that every refresh results in a unique image.