I am almost sure this is because the system would have to pass a certification procedure somewhere, and for that they would need this level of clarity. Am I right?
Having worked in a couple of safety critical companies, there are things you definitely HAVE to do, but some companies do it better than others.
Some companies have process and development practices down pat: things go smoothly, and meeting the qualification process objectives is easy, because the work has been done right the whole way.
Other companies have less established or less consistent process. They generally meet the process objectives and deliver a working product, but the development process is often more of a struggle, and there is often a lot of "cleaning up" of missed pieces at the end of the release process.
This is just to say: companies and products in the safety critical space don't necessarily have some intrinsic quality, just a higher minimum bar.
In my experience there is exactly 0 correlation between certification needed and code Quality. Right now working in a multi billion company doing SW that must pass many certifications. The code is absolut trash. The tooling is terrible. The people confuse make and cmake. All said. And the SW gets certified, because it is all a matter of how much it costs to certify. It is a kind of high level corruption, that is not seen as corruption.
In my experience there is a correlation. All software I tested that had to be certified had the lowest quality by far. Certification only cared for the happy path and lots of very specific error messages. It was extremely important that the correct error codes were returned in the specified cases. Anything unexpected like e.g. an out-of-memory-error was more or less ignored because the specification didn't consider such kind of error. Even if it made the software unusable - all that mattered was the certification.
