This talk explores the features that can be added to an RTOS to create more secure microcontroller software. We start with the advantages of partitioning. Then show how to partition code and how to isolate the partitions. These methods build upon the security features of the Cortex-M architecture. Next, methods are introduced to limit system damage by malware that has invaded a partition. The talk includes numerous diagrams and code samples and emphasis is upon practical solutions that work. The presentation is expected to be beneficial to both programmers and security experts -- it introduces many new concepts that go beyond best programming practices. The talk concludes with suggestions for microcontroller security improvements to further advance the state of the art.