Thou shalt have no other gods before the ANSI C standard 1424

JMFBAH

Not necessarily. It depends on the system.

Keeping a system up is about availability. Ensuring that your data is not corrupted or tampered with (perhaps maliciously) is about integrity. If you are stuck with the choice between crashing the system or allowing the adversary to tamper with your data, which choice you select will depend on your priorities.

It depends on whether integrity is more important than availability. That priority list is dependent on the application, and we cannot a priori pick a single choice that will work all for applications.

Perhaps what you are getting at is that security is not the only priority; another priority is that the services keep working. To put it another way, one way that your service can go down is for it to be hacked; another way that your service can go down is that a security patch or defense can crash it; and if we care a lot about making sure that our services don't go down, we have to weigh these risks. Getting that kind of tradeoff right requires knowing our priorities, knowing how to weight the different goals, and buttessing the risk of different kinds of failure modes. It's not easy.