ABSTRACT
Resilience engineering wants to differ from safety practices that have evolved differently in various industries. The nuclear industry, for example, relies to a large extent on barriers and defences in depth. Aviation system safety thus seems to run relatively open-loop and represents a partially reactive control of risk. Military systems, having to deal with active adversaries, emphasise hazards, hazard analysis and hazard control, relying in large part on top-down approaches to making safer systems. In contrast with aviation, this represents a more proactive control of risk. The role of a safety organization in fanning discussion about risk alive, by the way, is problematic. But a safety department has to reconcile competing demands for being involved as an insider, while being independent as an outsider. In addition, a strong safety department could send the message to the rest of an organization that safety is something that can and should be delegated to experts; to a dedicated group.
