29 April 2009

Safety and Software

There are different degrees of badness. You can hurt 1 person, or hurt many people. In a medical device, you can typically only hurt 1 or 2 persons (patient and doctor) at a time. In an airplane or reactor, you can hurt many at once.

Medical devices handle single-point failures ---one thing can go wrong and the device is still safe. It may not work, but it has to fail safe. Of course, for some devices and circumstances, not working (loss of availability) is itself hazardous.

To some extent there's an analogy between safe programming and legal contracts. You try to predict and handle exceptions in an intentional way. You might have severability ---where other parts keep functioning if one part craps out--- and watchdog timers ---where functions must be executed in a certain time span. You need to define correct behavior from observables as much as possible.
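As an added illustration (not code from the post), here is a small per-subsystem software watchdog that combines the two ideas above: each loop must check in within its deadline, and a subsystem that misses it is driven to a safe state on its own, so the others keep running. The subsystem names and deadlines are constructed for the example.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
/* Hypothetical subsystems of a constructed example device (not from the post). */
enum { SUB_PUMP = 0, SUB_DISPLAY = 1, SUB_COUNT = 2 };
typedef struct {
    uint32_t deadline_ms;  /* longest gap allowed between heartbeats */
    uint32_t last_kick_ms; /* time of the most recent heartbeat */
    bool safe_state;       /* latched once tripped; cleared only by explicit reset */
} watchdog_t;

static watchdog_t wd[SUB_COUNT];

void wd_init(uint32_t now_ms) {
    /* Constructed deadlines: the pump loop is tight, the display is slower. */
    wd[SUB_PUMP]    = (watchdog_t){ 50,  now_ms, false };
    wd[SUB_DISPLAY] = (watchdog_t){ 500, now_ms, false };
}

/* Heartbeat from a subsystem's loop. A tripped subsystem cannot un-trip
 * itself by kicking again: fail safe first, then recover deliberately. */
void wd_kick(int sub, uint32_t now_ms) {
    if (!wd[sub].safe_state) wd[sub].last_kick_ms = now_ms;
}

/* Supervisor tick: drives each overdue subsystem (and only that one) to its
 * safe state and returns a bitmask of subsystems now in safe state. Unsigned
 * subtraction keeps the comparison right when the tick counter wraps. */
uint32_t wd_check(uint32_t now_ms) {
    uint32_t tripped = 0;
    for (int s = 0; s < SUB_COUNT; s++) {
        if (!wd[s].safe_state && now_ms - wd[s].last_kick_ms > wd[s].deadline_ms)
            wd[s].safe_state = true;
        if (wd[s].safe_state) tripped |= 1u << s;
    }
    return tripped;
}

int main(void) {
    wd_init(0);
    /* The pump keeps its 50 ms cadence; the display stops kicking after t=100. */
    for (uint32_t t = 0; t <= 1000; t += 50) {
        wd_kick(SUB_PUMP, t);
        if (t <= 100) wd_kick(SUB_DISPLAY, t);
        uint32_t mask = wd_check(t);
        if (mask) printf("t=%4u ms: safe-state mask 0x%x\n", t, mask);
    }
    return 0;
}
```

Running it shows the display alone entering its safe state at t=650 ms while the pump continues; a real device would route the mask to the hardware that makes "safe" mean something (valves closed, outputs disabled), not just print it.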

This makes the game more interesting.