The main exception might be high-assurance systems. They require clear description of requirements, formal specification of design + goals, proof one embodies the other, test cases that show it empirically, replication by third parties, and hostile review (pentesting) of all of that.

Praxis’ method was a practical application of these concepts used in industry:

https://www.anthonyhall.org/Correctness_by_Construction.pdf

If the design is the hypothesis, would you count that as science?