Oct. 30, 2019 · 3 min read
Resilience vs Robustness.
Robustness refers to systems that are designed to effectively handle known failure modes
Resilience refers to systems that can handle failures that were not foreseeable by the designer
You can think of robustness as being able to deal well with known unknowns, and resilience as being able to deal well with unknown unknowns.
Resilience and Safety
Vacations are planned outages
– Dave Rensin (Wheel of Staycation)
Good luck is when opportunity meets preparation, while bad luck is when lack of preparation meets reality.
– Eliyahu Goldratt
Johan Bergström points out that the word resilience doesn’t make sense in Scandinavian languages but in English, for example, resilience has different meaning depending on context. It can mean the ability of a material to return to its original state after being stress (the example he uses is a spring returning to its former state after being pulled. Bergström additionally points out that in the psychology “resilience” refers to a human being’s ability to thrive despite adversity (this is called resilience theory), and finally in ecology resilience is the ability to continually adapt to constantly evolving stressors.
When we think of safety it is usually by reference to its opposite, the absence of safety. The traditional view of safety, called Safety-I, has consequently been defined by the absence of accidents and incidents, or as the ‘freedom from unacceptable risk.’ As a result, the focus of safety research and safety management has usually been on unsafe system operation rather than on safe operation. In contrast to the traditional view, resilience engineering maintains that ‘things go wrong’ and ‘things go right’ for the same basic reasons. This corresponds to a view of safety, called Safety-II, which defines safety as the ability to succeed under varying conditions. The understanding of everyday functioning is therefore a necessary prerequisite for the understanding of the safety performance of an organisation.
Erik Hollnagel (Safety I and Safety II)
Resilience is something a system does, not what a system has; creating and sustaining “adaptive capacity” within an organisation (while being unable to justify doing it specifically) is resilient action; and learning about how people cope with surprise is the path to finding sources of resilience.
John Allspaw (Amplifying Sources of Resilience)
Resilience Engineering (RE) is both multidisciplinary field of study as well as a community of practitioner-researchers from multiple high-tempo, high-consequence domains such as aviation, medicine, power distribution, space operations, and critical infrastructure.
John Allspaw (Resilience Engineering: The What and How)
‘Safety differently’ is about relying on people’s expertise, insights and the dignity of work as actually done to improve safety and efficiency. It is about halting or pushing back on the ever-expanding bureaucratization and compliance of work. The cost of compliance and bureaucracy can be mind-boggling—up to 10% of GDP, with every person working some 8 weeks per year just to cover the cost of compliance, paperwork and bureaucratic accountability demands. This is non-productive time. It has also stopped progressing safety. Over the last two decades, safety improvements have flatlined (as measured in fatalities and serious injury rates, for instance) despite a vast expansion of compliance and bureaucracy.
Sidney Dekker (Safety Differently)