Verify a "Good" Firmware Update - User Code

This is not a feature of Device OS, but you could add a feature to your user firmware fairly easily.

You store a flag and a counter in EEPROM or the file system. It could be in retained memory on Gen 3 and earlier, but that won't work right for this code on Gen 4 (P2, Photon 2, M-SoM).

You clear the successful boot flag at the very beginning of setup, and set it sometime later from loop, like 3 minutes after boot. You can use the millis() counter to check, which resets to 0 on system reset. Also clear the counter on successful boot.

If, at boot, you already have a clear boot flag, you increment a counter. If that counter exceeds 2 or 3, then you are in a rolling reboot, and you call System.enterSafeMode() so the device goes into safe mode and does not run your firmware but can be flashed OTA.
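
The boot-flag and counter logic described above, as an added example that is not part of the original post and is not Particle's code. The names `BootRecord`, `guardOnBoot` and `guardOnLoop`, the magic value and the threshold of 3 are assumptions; the logic is kept free of device calls so it also runs off-device, and the comments mark where the EEPROM and safe-mode calls go.

```cpp
#include <cstdint>

// Persistent record. On a device, load it with EEPROM.get() before guardOnBoot()
// and write it back with EEPROM.put() (the storage address is up to you).
struct BootRecord {
    uint32_t magic;      // marks the record as initialized (assumed value below)
    uint8_t  bootOk;     // 1 = the last boot reached the "stable" point
    uint8_t  failCount;  // consecutive boots that never became stable
};

constexpr uint32_t kMagic    = 0xB007C0DE;       // constructed marker, an assumption
constexpr uint8_t  kMaxFails = 3;                // the post suggests 2 or 3
constexpr uint32_t kStableMs = 3UL * 60 * 1000;  // "3 minutes after boot"

// Call first thing in setup(). Returns true when the caller should save the
// record and then call System.enterSafeMode().
bool guardOnBoot(BootRecord &r) {
    if (r.magic != kMagic) {            // erased or never written: start clean
        r = {kMagic, 1, 0};
    }
    if (!r.bootOk && r.failCount < 255) {
        r.failCount++;                  // previous boot never became stable
    }
    r.bootOk = 0;                       // this boot has not proven itself yet
    if (r.failCount > kMaxFails) {
        // Rolling reboot. Reset the state so firmware flashed OTA while in
        // safe mode starts with a fresh set of attempts (choice of this example).
        r.failCount = 0;
        r.bootOk = 1;
        return true;
    }
    return false;
}

// Call from loop() with millis(). Returns true exactly once per boot, when the
// record changed and must be written back, so storage is not rewritten on
// every pass through loop().
bool guardOnLoop(BootRecord &r, uint32_t nowMs) {
    if (r.bootOk || nowMs < kStableMs) return false;
    r.bootOk = 1;
    r.failCount = 0;
    return true;
}
```

Save the record after every `guardOnBoot()` call, not only when it returns true, since the cleared flag has to survive the next reset for the counter to advance.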