The crux is in the "never have been possible" bit. In complex systems, it is impossible to eliminate these potential states with functional programming or any other technique; unsafe states are always potentialities that must be actively controlled.

Another way of casting it is like this. The goal may be:

1. Eliminate the possibility that code can enter an invalid state
2. Control the parameters of the system so that it remains in a safe condition

Those are very different goals.

Right, I understand your meaning better.

I agree with you: no matter how good of a job the code (by construction or types or otherwise) does of “making unsafe states unrepresentable”, that in no way makes a real world complex system “safe” by itself.

Code can be structured so that valves may only be open OR closed, but nothing stops the real world from returning a sensor reading that says “the valve is <undefined>”. To remain a “safe” system, the system must deal with inconsistent states like “heisen-valves”.
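The two goals in the post above side by side, as an added example that is not part of the thread: a valve type whose commanded position can only be open or closed, next to a sensor decoder and controller that refuse to coerce an out-of-range reading into one of those two states and instead drive to a safe state. The 0/1 wire encoding, the type and function names, and the choice of "closed" as the safe state are all constructed for illustration.

```rust
// Added example (not from the thread): "make unsafe states unrepresentable"
// handles the commanded side; the sensor side still has to cope with a
// reading that is neither open nor closed.

/// Commanded valve position: only two states are representable.
#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub enum Valve {
    Open,
    Closed,
}

/// What a real sensor may actually report. `Undefined` keeps the raw value
/// for logging but is deliberately not a `Valve`, so the controller cannot
/// treat it as a position by accident.
#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub enum Reading {
    Position(Valve),
    Undefined(u8),
}

/// Hypothetical wire encoding (constructed for this example):
/// 0 = closed, 1 = open, anything else is a fault.
pub fn decode_sensor(raw: u8) -> Reading {
    match raw {
        0 => Reading::Position(Valve::Closed),
        1 => Reading::Position(Valve::Open),
        other => Reading::Undefined(other),
    }
}

/// The safe state for this (constructed) plant is "closed".
pub const SAFE_STATE: Valve = Valve::Closed;

/// Controller decision for one tick.
#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub enum Action {
    /// Sensor agrees with what we commanded; nothing to do.
    Hold,
    /// Sensor reports a valid position that disagrees; re-issue the command.
    Reissue(Valve),
    /// Sensor reading is not a valid position: drive to the safe state and
    /// alarm rather than guessing which of the two it "really" is.
    FailSafe(Valve),
}

/// Compare the commanded position with the decoded reading. The
/// `Undefined` arm is the part the type system cannot remove for us.
pub fn control(commanded: Valve, reading: Reading) -> Action {
    match reading {
        Reading::Position(actual) if actual == commanded => Action::Hold,
        Reading::Position(_) => Action::Reissue(commanded),
        Reading::Undefined(_) => Action::FailSafe(SAFE_STATE),
    }
}

fn main() {
    // Constructed sample readings: valid open, valid closed, and a fault.
    for raw in [1u8, 0, 7] {
        let reading = decode_sensor(raw);
        println!(
            "raw={raw} -> {:?} -> {:?}",
            reading,
            control(Valve::Open, reading)
        );
    }
}
```

The point of the shape is that `control` cannot compile without an arm for `Reading::Undefined`, so the "heisen-valve" case is forced into the design rather than discovered at runtime, while the response to it (fail safe, alarm) is still a policy decision the types cannot make for you.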

Heisen-valves are a perfect comparison, thank you.