Comment by nradov

Actually it isn't necessary. Unlike bridges, very little software is safety critical. Clients don't need to try to distinguish good from bad software development, they can just require a certain level of performance and reliability in the contract with clear financial penalties for failure.