good idea , never found that OS tho. but i would ask why dont we modify for e.g debian jessie as the host OS and inside of it already installed kvm with whonix workstation and gateway by default in this modified debian, and all of that in one image .ova . and sure this debian can only be updated and also its isolated from all programs which has an outside traffic.
if this step going to be achieved , i think its going to be even more secure theoretically than whonix+qubes, because qubes OS case we r depending on another OS which has its own problems which may affect whonix anonymity. because they didnt design it to support whonix , and we r having this issue with all hosting OSs to whonix, because there is no OS which i know designed to support whonix by default.
so i think this step is very important to make an entire OS presenting anonymity within itself without depending (even by installation) on another OS (like a parasite).