Well, virtually all modern cars have software running critical systems. How is that regulated? I don't think it would be too difficult to adapt those regulations to flying "tacocopters".

One of the most basic safety measures cars take is to reboot critical systems several times an hour and have mechanical backups so the breaks both work and can overpower the engine. You can't exactly do that with a drone.

I am not aware of a single automotive subsystem controller (or any other embedded system for that matter) that reboots as a preventative mechanism. For handling an unrecoverable error, yes, that's standard practice. But rebooting in an attempt to prevent errors? That screams bad design.

Can you offer more details?

