[SentinelLdnma]

Software "engineering" will definitely need to be looked at differently from physical, but there are still things we can do.

Critical systems (or at least the critical subsystems) must not allow any unapproved/untested changes. Hence why it's better for safety controls to be hardware/firmware and not part of a general-purpose OS.

It's one reason why you see separate payment terminal hardware on self-checkout kiosks. The payment hardware is more tightly controlled whereas they can modify the kiosk much faster.

There are also RTOS (real time OS) that offer execution time guarantees. Used in aerospace.