[petra]

That's true.

Altough i wonder: why didn't someone with deep security expertise, maybe ARM with it's mbed,created something developers can't harm, and on the other hand, issue a product label saying:"this is protected by our stack..." ?

I could see that be attractive to some b2b buyers, attracting devs, further strengthening the value of said label , increasing marketshare and reducing costs, and creating a positive feedback.

[nickpsecurity]

They did. It's mostly bs, though, since they cut corners too or cant impact the software lifecycle enough. Few people trust those labels. It could still be done, though, in a way along lines of Underwriter Laboratories and Consumer Reports with private evaluations.