
I was just reading this slightly older post on choosing a good source control system when I started thinking about how different projects use source control. Where I work we've essentially moved completely to Git and things have been mostly good.

I have wondered about high-security projects such as military software projects. Using something like Git there would fundamentally be unsafe; even allowing repo clones under restricted circumstances could be problematic. Using SVN or TFS may not even provide enough security in itself.

Are there any VCS systems that have any stronger security considerations? Or are there additional considerations that go into using VCS for high-security projects?

joshin4colours

1 Answer

We secure systems because there is some risk of an event happening that we'd like to mitigate, and there's always going to be a tradeoff between the ability to work effectively and avoiding the potential problems. So first you need to know what specifically you're trying to avoid, and then you can look for ways of preventing that.

So let's say the military of North Bonanzallia is working on some top-secret missile guidance software based on garbonzo rays. Everyone already knows how to drive the missile, so there's no risk in that part getting out. Also, even though garbonzo rays are secret, guiding a missile using images is well known. So if the code for the missile guidance system gets out, it would reveal details of how the garbonzo ray generating hardware worked (let's say it needs special pulse timing or whatever), but it wouldn't reveal the secret of how the garbonzo rays are created.

So, only the team working on the API that translates the garbonzo rays into an image needs to work in an EM-sealed room with strict network control and mandatory searches and scans.

They would run source control on a server in that room, and the machines in the room would not be able to communicate with anything outside. The other teams can then integrate their pieces in another room, without any code leaving the secure zone. The application code can then come into the secure zone for testing, and redacted reports can leave the secure zone.

So, really, any version control system will do.

jzx