Many thanks for that most comprehensive answer safetypee.
Do you have any references (PDF or such) where I could read more about that?

This is one of the reasons why I stayed in basic research rather than in applied research.

One has much more freedeom to exploit novel ideas since there are neither economical (as long as you get funding for it) nor safety limitations.
Still even if you try to build a safe computer system for aviation you never know if your specification covers all possibilities (the LH A320 Warsaw
accident is my favorite example for this).
So the implementation of the specification might be 100% correct
but you never know about the specification itself, this is, in a sense, very similar to the axiomatic system of mathematics.

My very personal point of view is that this problem might represent one of the great threats for modern aviation.