ABSTRACT
As the practical interest for resilience engineering continues to grow, so does the need for a clear definition and for practical methods. The purpose of this chapter is to propose a working definition of resilience and analyze it in some detail. The working definition is as follows:
The key term of this definition is the ability of a system to adjust its functioning. (The terms system and organization are used interchangeably in this chapter.) This makes clear that resilience is more than the ability to continue functioning in the presence of stress and disturbances. While the ability of a system or an organization to preserve and sustain its primary functions is important, this can be achieved by other and more traditional means. Continued functioning can, for instance, be achieved by isolating the system from the environment, or by making it impervious to exogenous disturbances. An example of that is the defence-in-depth principle, which means that there are multiple layers of barriers between the system and the environment in which it exists. The defence-in-depth solution can, of course, serve
to protect either the system, the environment, or both. In the field of nuclear power generation, defence-in-depth is defined as:
A simple example of guarding against external disturbances is when I shut the door to my office or study to prevent unwanted noises from being heard (a physical barrier system) as well as to indicate that disturbances are unwanted (a symbolic barrier system; cf. Hollnagel, 2004). A more complex example is the allocation of beds in a post-operative Intensive Care Unit (Cook, 2006). In the case of industrial production, the ability to continue functioning can be ensured by having sufficient buffers for the system, such as resources and supplies. A more extreme example is provided by central command and control facilities for military (and governments), which can either be airborne or located in well-protected centres on – or sometimes under – the ground.
