The purpose of non-destructive testing is to validate form/fit/function across the entire operational mission / asset lifecycle / whatever, in contrast with the STIG/CIS benchmark, which throws the real problems "over the wall" to Ken H.
Using the outputs, the lifecycle manager constructs their budget for operations + maintenance (OpEx) and replacement (CapEx).
Physical systems wear out. (Weibull)
Cyber systems fail spectacularly.
CPS systems wear out + fail spectacularly. (Power-law?)
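To make the three failure regimes concrete, here is an added illustration (my own code, not something from the original post): a Weibull hazard whose shape parameter is above 1 rises with age (wear-out), a Pareto (power-law) tail keeps a large share of probability far out in the extremes ("fails spectacularly"), and a cyber-physical asset exposed to both is modelled as competing risks, so its survival is the product of the two. The parameter values (shape 2.0, tail exponent 1.5, scale 1.0) are assumptions chosen for the illustration, not figures from the post.

```python
import math


def weibull_hazard(t, shape, scale=1.0):
    """Instantaneous failure rate h(t) = (k/lam) * (t/lam)^(k-1).

    shape > 1  -> hazard increases with age (wear-out, the physical-systems case)
    shape == 1 -> constant hazard (memoryless, no wear-out)
    """
    return (shape / scale) * (t / scale) ** (shape - 1)


def weibull_survival(t, shape, scale=1.0):
    """P(T > t) for a Weibull law: exp(-(t/lam)^k)."""
    return math.exp(-((t / scale) ** shape))


def pareto_survival(t, alpha, t_min=1.0):
    """P(T > t) for a power-law (Pareto) tail: (t_min/t)^alpha for t >= t_min.

    Small alpha means a heavy tail: extreme outcomes stay likely far out.
    """
    if t < t_min:
        return 1.0
    return (t_min / t) ** alpha


def wear_out_ratio(shape, scale=1.0):
    """Hazard at age 2*scale divided by hazard at age scale.

    Returns > 1 when the asset wears out (shape > 1) and exactly 1 when it does not.
    """
    return weibull_hazard(2 * scale, shape, scale) / weibull_hazard(scale, shape, scale)


def tail_comparison(t, shape=2.0, alpha=1.5, scale=1.0):
    """Fraction of units still surviving at age t under each law.

    The Weibull tail collapses quickly past the scale; the power-law tail does not.
    Parameter defaults are assumed values for this illustration.
    """
    return {
        "weibull": weibull_survival(t, shape, scale),
        "pareto": pareto_survival(t, alpha, scale),
    }


def cps_survival(t, shape=2.0, alpha=1.5, scale=1.0):
    """Competing-risks model of a cyber-physical asset.

    The asset is lost either to wear-out (Weibull) or to a spectacular failure
    (power law), whichever comes first, so survival is the product of the two.
    """
    return weibull_survival(t, shape, scale) * pareto_survival(t, alpha, scale)


if __name__ == "__main__":
    # Wear-out: a shape-2 Weibull doubles its hazard between age 1 and age 2.
    print("wear-out ratio, shape=2:", wear_out_ratio(2.0))
    print("wear-out ratio, shape=1:", wear_out_ratio(1.0))
    # Spectacular failure: at ten times the scale the power-law tail still holds ~3%.
    print("survival at t=10:", tail_comparison(10.0))
    # CPS: both mechanisms at once, so survival is below either alone.
    print("CPS survival at t=2:", cps_survival(2.0))
```

The practical reading for the lifecycle manager in the next paragraph: a Weibull wear-out curve lets you schedule replacement (CapEx) from the hazard's rise, whereas a heavy tail says the budget must also carry reserves for rare, large events that no inspection interval will catch.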
Why is this relevant?
Back in the 1940s, too many planes were falling out of the sky. (Q. How many planes are too many?)
You call this philosophy a "surety system", "fly fix fly", "patch Tuesday", "FAA's approach to the Boeing 737 MAX" - whatever.
Regardless, by the 1950s, it was decided that action needed to be taken. The status quo was unacceptable. It was too expensive for operators.
The National Safety Council created something called the "Hierarchy of Controls." It was immensely successful. (Planes stopped falling out of the skies.)
You can call this approach "safety by design". This approach and its benefits are very well documented and might even be applicable to Navy C4ISR.
To tie a bow on this thread:
How can we make Kerberos safe?
This approach is taught in first year engineering.