That AVR can still be manipulated. If your definition of safety includes preventing in-person attacks on the data storage, then you pretty much need armed guards.

If that's the standard, then no wonder "software safety is near non-existent".