You're correct that this would be very nice to have.
However this is a problem the industry has been struggling with for decades. It's simply not easy (and maybe not even possible) to achieve what you claimed "should" happen. Nobody knows how to produce bug-free software at scale.
I know. I'm just pondering if it's possible to come up with a design that guarantees a secure system even if you assume that all of your protective layers will have security holes in them that you will not be able to patch. Does or can such an architecture exist?
However this is a problem the industry has been struggling with for decades. It's simply not easy (and maybe not even possible) to achieve what you claimed "should" happen. Nobody knows how to produce bug-free software at scale.