Let's see if I've got this straight
C is dangerous because of it's memory handling.
C is powerful and flexible because of its memory handling.
Bad developers shouldn't write operating systems.
Bad developers do write operating systems.
Pascal is a poor model for secure OS writing as it's not got enough features to write an OS.
Now let me remind people of a few bits of history.
C was developed to allow Unix and other system apps to be written easily in a time of constrained resources both on the hardware to be supported and the compiling process itself (although I think the DEC Proprietary language "Bliss" was better at optimization it retained the single data type "word" and everything had to built on top of that. Not fun).
C was written by and for the staff at Bell Labs, who included some of the best software developers in the world. Key apps for them included the software to control the US telephone exchanges. This must be reliable.
Nicholas Wirth did not write an OS in Pascal. He and his team at ETH did write an OS in follow on languages Modula 2 (for Lilith workstation) and A2 for the Oberon language. Embedded development could be done on Turbo Pascal because it supported access to the whole memory and IO address space as 2 special arrays with no safety net of any kind.
Ada was specifically written to support real time embedded software development. AFAIK most of the 20 000 different languages the DoD supported, a statistic that got DoD in getting "1 language to rule them all" (to coin a phrase) were assembler languages, followed by things like Jovial, developed exactly for those functions.
But Ada's design-by-committee design stuffed everything but the kitchen sink in and made compiler development a royal PITA.
And all (except Bliss, which is contemporary) were developed after C. A live compiler on the terminal beats a dead tree standard any day. :-( .
The automotive and other industries (medical products IIRC) do have secure C coding standards.
They typically work by assigning all the necessary memory at start up. From then on everything is static allocated.
C & C++ are very powerful. But do you need that power? My experience of embedded was a lot of the time it was "write a hex value to this location and read something at this location."
On that basis being able to specify (at some level in the language) specific hardware addresses (with a bit of in line assembler) were the key needs for those functions.