You make a very good point about maintenance and reliability.
Documentation is key. I too have several pieces of kit that have run for several decades. Just like flash memory that has had too many writes, my own memory is starting to fail. If it were not for the comments, it would take me ages to reverse engineer what was going on. Also, these days, projects often have many authors and each contribution needs to work reliably with each other.
I have spent a good few years in the medical industry on both hardware and software. It's an absolute nightmare and badly misunderstood.
I spent a few years on the safety committee. The most scary time of my life!
(it's mainly about butt covering and little to do with safety)
Your mention of safety-critical systems made me laugh because it reminded me of some absolute howlers that I've witnessed.
I can't give too much detail for obvious reasons but here are two.
Example 1.
If value > X then do something. 'Comment: Take corrective action.
If value > X then do something. 'Comment: Repeat detection in case first attempt fails.
Seriously, I found those two straight after each other in a piece of code.
The second example was more about how two pieces of kit 'talked' to each other.
One was the main controller (made by company X) and the other was a very lethal business end (made by company Y).
The two communicated via RS232.
All had been working well for several years until one day a unit was installed in France and the lethal bit failed to shut down when told to.
This took a while to fault-find but the findings were unbelievable.
The French customer had just installed the recently released French language pack when the life threatening event occurred.
The reason:-
To terminate the process, the controller sent the ASCII characters STOP. The (now French) business end was expecting FIN.
How that control system ever passed any safety standards is totally beyond me. For starters, a stop command should never be required; it should be a continuous stream of 'keep going'. ASCII words should NEVER be used for control. There are internationally recognised control codes for that.
I could keep going but I won't bore you all. It just astounds me how such things can not only get created but also get past design review and "expert" certification. Mind-blowing.
Rant over.
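As an added illustration of the two designs contrasted in the post (example code, not from the post or the equipment it describes), a small Python model: one effector that stays energised until it sees one literal word, and one that runs only while a periodic 'keep going' token keeps arriving. The token value, the timeout and the timings are assumptions chosen for the demonstration.

```python
from typing import List, Optional, Tuple

# Constructed example. KEEP_GOING is an arbitrary single-byte token (an assumption, not a
# standard control-code assignment); HEARTBEAT_TIMEOUT_MS is the longest silence tolerated.
KEEP_GOING = b"\x06"
HEARTBEAT_TIMEOUT_MS = 250

class WordEffector:
    """The design in the post: energised from power-up, stops only on one literal word."""
    def __init__(self, stop_word: bytes) -> None:
        self.stop_word = stop_word
        self.running = True
    def receive(self, frame: bytes, now_ms: int) -> None:
        if frame == self.stop_word:        # b"STOP" sent, b"FIN" expected: it keeps running
            self.running = False
    def tick(self, now_ms: int) -> bool:
        return self.running

class HeartbeatEffector:
    """Fail-safe design: runs only while KEEP_GOING keeps arriving; silence means stop."""
    def __init__(self, timeout_ms: int = HEARTBEAT_TIMEOUT_MS) -> None:
        self.timeout_ms = timeout_ms
        self.last_seen_ms: Optional[int] = None
    def receive(self, frame: bytes, now_ms: int) -> None:
        if frame == KEEP_GOING:            # any other bytes, in any language, are ignored
            self.last_seen_ms = now_ms
    def tick(self, now_ms: int) -> bool:
        return self.last_seen_ms is not None and now_ms - self.last_seen_ms <= self.timeout_ms

def run(effector, frames: List[Tuple[int, bytes]], horizon_ms: int, step_ms: int = 50) -> Optional[int]:
    """Deliver (time_ms, frame) pairs in order and poll the effector every step_ms.
    Returns the first time it is seen stopped after having run, or None if still running."""
    pending = sorted(frames)
    was_running = False
    for now_ms in range(0, horizon_ms + 1, step_ms):
        while pending and pending[0][0] <= now_ms:
            effector.receive(pending.pop(0)[1], now_ms)
        running = effector.tick(now_ms)
        if was_running and not running:
            return now_ms
        was_running = was_running or running
    return None

if __name__ == "__main__":
    # Post's scenario: controller sends STOP at 1 s; the effector now expects FIN and never stops.
    print(run(WordEffector(b"STOP"), [(1000, b"STOP")], 2000), run(WordEffector(b"FIN"), [(1000, b"STOP")], 2000))
    # Heartbeat: KEEP_GOING every 100 ms until 1 s, then silence (deliberate stop, cut cable or wrong pack alike).
    print(run(HeartbeatEffector(), [(i * 100, KEEP_GOING) for i in range(11)], 2000))
```

With the heartbeat design the effector drops out one timeout after the last token whatever text the controller sends, so a translated command word, a broken cable and a crashed controller all end in the safe state.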