Comment by bumby

That requires knowing how it will fail. It’s hard enough to do so with lots of interfaces and even more so when the software is opaque.

Now extend that to safety critical domains where a separate party doesn’t control an API and it gets harder still.