Currently, each Sovereign Stack deployment is composed of full Virtual Machines. Full VMs have greater overhead than using System Containers. This roadmap item would add the ability for System Owners to deploy Sovereign Stack workloads using System Containers instead of VMs.
This will result in better performance, but has some security trade-offs; in summary full VMs provide better isolation but have higher overhead, while system containers are more lightweight but have less isolation. The choice between them depends on the specific security and performance requirements. Full VMs are considered the most secure, and thus default.