Critical software should be designed to be robust.
Critical software should then be tested and verified to be robust.
We should not have the slightest worry about the security of a critical system.
All programmers who work on critical systems should have passed TS/SCI level type background checks and should be monitored financially on a continuous basis.
“All programmers who work on critical systems should have passed TS/SCI level type background checks and should be monitored financially on a continuous basis.”
Not realistic. The cost for that would be astronomical and most of the currently employed would fail the checks (other than nuclear plant operators).
“should have passed TS/SCI level type background checks”
Those are absolutely useless these days. They give clearances to anyone who is a US citizen regardless of any previous background in their native country. I have seen Chinese spies get clearances. I’ve seen people who hate the US get clearances. Character is never an issue any more with clearances. Not even a felony conviction stops clearances. As long as you tell the truth on the forms and several people say you are who you claim to be, that’s all it takes.