Lack of imagination when thinking up things that can go wrong.
You would think that the system would report missing configuration files, wouldn't you? But in an embedded system, the more checking you add the more things there are to go wrong. A ship can simply sit in the water - most of the time - a car can generally remain stationary without damage - but suppose a software checking system itself develops an error at several thousand feet? What are the options?
What if it reports a problem with the AE-35 antenna unit, for instance?
I'm glad I don't have to make those decisions.