You don't really "prove" statements like that. You get some "expert witnesses" to testify one way or another, and your opposition gets some "expert witnesses" to testify the opposite, and then the judge/jury decides who they think was more credible.

I imagine the way to do this effectively would be to get some well-regarded infosec firms to audit both OSes (from source as much as possible), and also compile lists of vulnerabilities found, fixed, not-fixed, etc. over time. Then you need a witness who can explain all of it in a way that's accessible to and likely to sway a jury.