Re: some thoughts...
If you are building software that can cause death or injury then YOU are on the hook anyway.
If you use GPL software you are responsible for any flaws in it in exactly the same way as software you write in-house.
Interestingly you are also responsible for any flaws in closed software you use - you have a much tougher job demonstrating to the regulators that you have a way of testing the COTS software to show that it doesn't have any flaws and have plans to remedy them. If you don't have a contract with the supplier saying that they WILL fix any flaws you find then your only remedy is to pull your product from the market.
It is far easier to build (or at least do the regulatory paperwork on) a safety critical system with open source software than closed
The same applies to hardware - I just spent the equivalent of a nice BMW getting a PC built by a certain CPU maker beginning with "I" - EMC tested.
It failed - despite the approval stickers all over its case. I now have to modify the PC to make it pass and show that I will apply the same modifications to all the other units I sell.