IMO, if you have:
* MPU to segment the kernel mem
* separate stack msp/psp
* some way to signal to the "OS" to clean up the current app
* some way to recover/reinit anything shared with the app

you could do graceful recovery.