Finite state machines make exception processing easier. They also inspire horror in those used to if() then ... else() trees, but them's the breaks. SFAIK, FSM are the difference between high reliability and ... not so reliable systems.
Finite state machines are limited in their ability to compute. That is why they are reliable. If your problem's solution is beyond the ability of a FSM, then you are in the same boat.
Each failure event becomes a state transition instead of an exception. You can then go a long way towards proving that nothing in the FSM object's state was trashed. You can also build a test harness that provides good coverage ( up to 100% ) and documentation of that level of coverage.
That's one way to do hi-rel processing in 'C'.... it all makes choice of language less of an issue. And if you have adequate logging of test site installs ( meaning all state transition data is logged ), then you can reproduce 100% of failures in a controlled environment.
It's not magic, but somehow, making the error cases
explicit events has ( on me at least ) the effect of being
able to reason about them more effectively. It's just another event.
