Testing using simulated inputs is how we usually do it. (Not just for SDCs.) Take publicly available data sets, internally generated test rides, crest a fuzzing process, and run lots and lots and lots of simulations.
Parts of the analysis would also just be via plain old six sigma style PHA, FMECA, fault trees, etc; for hardware failures mostly. The use of fail safe style code analysis will depend on how the software works; neural networks are still opaque to these processes.