Spot on Deptrai ... most of the hardening is a consequence of having a highly structured system necessary both for efficiency and to be testable to get through certification. An attack on an aircraft's critical systems would have to be very determined for many of the reasons you've stated.

You mention backdoors, for critical software all code is reviewed and there must be no redundant or unexectued code. All code must be fully documented. All branches must be executed in test. This leads to the rather interesting situation that within development it might be useful to have the ability to change gains etc. To do so you password protect the data entry. Because the password routine is in the code then it has to be tested, to test it you need to document it, to document it you need to publish the password. So password protection for the Exp. FTEs is more of a gentlemen's agreement Needless to say the production s/w has to have such features removed!