In 1996 the European Space Agency lost their brand new Ariane 5 launcher on its first flight. Here’s a recently updated, annotated version of that report. I’d also note that the software that faulted was written in Ada, a ‘strongly typed’ language, which points to a few small problems with relying on such languages.
The first problem is that there are always language trap doors which programmers can exploit. In this case they chose to leave the conversion unchecked, so the operand error (an overflow condition) it could raise was not guarded against, all of which is perfectly legal in Ada.
The second problem is that Ada takes a ‘fail hard’ approach to error handling, so on detecting the overflow it threw an exception. A slightly less rigorous language would probably have just kept on keeping on.
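An added illustration of the two design choices just described, not code from the report or from this post: a 64-bit float narrowed to a 16-bit signed integer (the widths are this example's assumption) under an unchecked wraparound, a fail-hard range check, and a check that clamps and flags the value instead of halting; the sample stream is constructed.

```python
"""Three policies for narrowing a float to a 16-bit signed integer.

Constructed example. Models the design choice discussed in the post; the
sample values are made up and nothing here is flight software.
"""
from dataclasses import dataclass

INT16_MIN, INT16_MAX = -(2 ** 15), 2 ** 15 - 1


def narrow_unchecked(x):
    """Unchecked conversion: two's-complement wraparound, silently wrong."""
    v = int(x) & 0xFFFF
    return v - 0x10000 if v >= 0x8000 else v


def narrow_checked(x):
    """Fail-hard conversion: the run-time range check raises, and an
    unhandled exception stops the caller (the Ada-style behaviour)."""
    v = int(x)
    if not INT16_MIN <= v <= INT16_MAX:
        raise OverflowError(f"{x!r} does not fit in int16")
    return v


@dataclass
class Narrowed:
    value: int
    saturated: bool   # True when the result was clamped, so callers can react


def narrow_degraded(x):
    """Checked conversion that degrades instead of halting: clamp and flag."""
    v = int(x)
    if v > INT16_MAX:
        return Narrowed(INT16_MAX, True)
    if v < INT16_MIN:
        return Narrowed(INT16_MIN, True)
    return Narrowed(v, False)


def run_stream(samples):
    """Feed one sample stream through each policy and return what a downstream
    consumer would see: wrong data, a halt part-way, or clamped-and-flagged data."""
    unchecked = [narrow_unchecked(s) for s in samples]
    fail_hard, halted_at = [], None
    for i, s in enumerate(samples):
        try:
            fail_hard.append(narrow_checked(s))
        except OverflowError:
            halted_at = i          # processing stops here; later samples are lost
            break
    degraded = [(n.value, n.saturated) for n in map(narrow_degraded, samples)]
    return {"unchecked": unchecked, "fail_hard": fail_hard,
            "halted_at": halted_at, "degraded": degraded}


SAMPLES = [120.0, 31000.5, 40000.0, -50000.0]   # constructed: last two overflow int16
```

Under the unchecked policy 40000.0 becomes -25536 and -50000.0 becomes 15536, both sign-flipped and accepted downstream; the fail-hard policy halts at the third sample; the degraded policy yields 32767 and -32768 with the saturated flag set.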
Language alone is not enough: software designers and programmers must understand both the power and the limitations of the tools they use. Simply requiring the use of ‘strongly typed’ languages, as ISO 61508 for example does, unfortunately does not automatically confer greater safety.