[citation needed] Using a default privilege among many compiled programs allows corruption to grow without any method of error detection.
The immutable capability keys, exclusive to six Church instructions, navigate the computational context of a Turing machine through the separately programmed structure of the object-capability model.
The laws of the lambda calculus are implemented by the Church instructions with micro-programmed access to the reserved (hidden) capability registers.
The structure of function abstractions, including those for memory management, input, and output, scheduling and communication services are protected as private frames in a thread.
Capability limited addressing detects and recovers from errors on contact without any harmful corruption or information theft.
The imperative Turing commands must bind to binary data objects as defined by the selected capability register.
Instead of binding instructions to static linear memory as a default shared privilege used by malware and hackers, instructions are bound to typed and protected, private digital objects using capability keys in a capability-based security system of immutable mathematical symbols.
[1] Manufactured by Plessey company plc in the United Kingdom in 1970, it was successfully deployed by the Ministry of Defence for the British Army Ptarmigan project[4] and served in the first Gulf War as a tactical mobile communication network switch.