NixOS probably helps with this, but it isn't a requirement - some devices already have a dual-root-type setup where they update the inactive root, boot into it, and the boot sequence doesn't mark it permanently active until it boots properly, reverting to the original root if something goes wrong.
I think if more devices aren't doing this kind of thing then the cost might not make sense to them at all. Perhaps they aren't bricking devices often, or perhaps their support load is low.
But I'm only speculating. I'm all for more NixOS if it helps people.
>dual-root-type setup where they update the inactive root, boot into it,
Fedora-IoT effectively does this with rpm-ostree + greenboot.
Greenboot specifies a series of directories under /etc that organizes your custom scripts (scripts that must not fail, scripts that may fail, scripts to run on success, scripts to run after previous failed, etc) then it marks your current ostree as either being active or auto-rollsback into previous.
I think if more devices aren't doing this kind of thing then the cost might not make sense to them at all. Perhaps they aren't bricking devices often, or perhaps their support load is low.
But I'm only speculating. I'm all for more NixOS if it helps people.