Even for a non-RT system, there is usually no proof that a full system failure won't occur. For example, Linux has no proof that a kernel panic won't occur, and systems that claim to conform to POSIX standards rarely have a proof of this either. If some organisation can trace all the cases of system failure to hardware failures, it may choose to trust claims made by software, including hard real-time claims, without formal proof.