I'm in automotive, but we have similar requirements to medical.
There's no "100% fail proof" solution, it's about determining the modes of failure and addressing them individually and combined, minimizing the risk and defining an acceptable level of it. If you accept that failures are inevitable, which they are, some are likely, some vary rare, you can prepare for them via redundancies, fault tolerant design, etc.. It's also about doing proper system design and performing certain methodologies such as "Failure modes, effects, and diagnostic analysis" (FMEDA)[1], "Fault Tree Analysis" (FTA)[2] and accounting for those.
There are standards like IEC 61508[3], or its automotive adaption ISO 26262, with which certain engineering disciplines and fields must be audited against in order to pass certifications and be able to market the product. In case of ISO 26262 it's not mandatory (will be soon), but good luck explaining any judge or jury why are you the only company in the existence not applying it in your vehicle design.
There's no "100% fail proof" solution, it's about determining the modes of failure and addressing them individually and combined, minimizing the risk and defining an acceptable level of it. If you accept that failures are inevitable, which they are, some are likely, some vary rare, you can prepare for them via redundancies, fault tolerant design, etc.. It's also about doing proper system design and performing certain methodologies such as "Failure modes, effects, and diagnostic analysis" (FMEDA)[1], "Fault Tree Analysis" (FTA)[2] and accounting for those.
There are standards like IEC 61508[3], or its automotive adaption ISO 26262, with which certain engineering disciplines and fields must be audited against in order to pass certifications and be able to market the product. In case of ISO 26262 it's not mandatory (will be soon), but good luck explaining any judge or jury why are you the only company in the existence not applying it in your vehicle design.
[1] https://en.wikipedia.org/wiki/Failure_modes,_effects,_and_di...
[2] https://en.wikipedia.org/wiki/Fault_tree_analysis
[3] https://en.wikipedia.org/wiki/IEC_61508