ABSTRACT

This chapter discusses the basic principles of resilience and shows how they can be applied to the design of an aircraft. Resilience differs from safety: safety endeavors to prevent the failure of a system, in this case an aircraft, whereas resilience is concerned with how the system continues to function, or recovers, once a failure has occurred. The most obvious example is the Sioux City DC-10 crash of 1989, in which the crew lost control of the aircraft when its flight control system was damaged. The informed operator support rule, as formulated by Billings, states that the operator, that is, the pilot, should be completely knowledgeable about the operation of the automated system. Neutral state is a rule of interest mostly to pilots and to control systems. Loose coupling has to do with slack between elements of the system, so that a failure in one element does not propagate to other elements. The dominant characteristics of physical redundancy are that the system should have two physically identical and independent branches.
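The two design rules named last, loose coupling and physical redundancy, can be made concrete with a small fault-propagation model. The following Python is an added illustration written for this page, not code from the chapter or its author; the component names (pump, lines, actuator, shared_bay) and the four topologies are constructed for the example and do not describe any real aircraft. A failure cascades only along tightly coupled dependency edges; a loosely coupled edge (one with slack, such as an accumulator between a pump and an actuator) absorbs it. Physical redundancy is modelled as two identical branches, first sharing one physical location and then fully independent, to show why "identical" alone is not enough and independence is the property that matters.

```python
"""Toy fault-propagation model for loose coupling and physical redundancy.

Added illustration, not from the chapter. All component names and
topologies below are constructed for the example.
"""
from collections import deque


def propagate(deps, tight, initial):
    """Cascade an initial set of failed components through tight couplings.

    deps:    component -> set of components it depends on.
    tight:   set of (component, dependency) edges with no slack: when the
             dependency fails, the component fails too. Every other edge is
             loosely coupled (e.g. buffered by an accumulator) and absorbs
             the upstream failure instead of passing it on.
    Returns the full set of failed components after the cascade.
    """
    dependents = {}
    for comp, ds in deps.items():
        for d in ds:
            dependents.setdefault(d, set()).add(comp)
    failed = set(initial)
    queue = deque(initial)
    while queue:
        d = queue.popleft()
        for comp in dependents.get(d, ()):
            if comp not in failed and (comp, d) in tight:
                failed.add(comp)
                queue.append(comp)
    return failed


def available(design, initial):
    """Return (function_ok, failed_set).

    The system function survives if at least one terminal element (the one
    that delivers the function, e.g. a control-surface actuator) is still up.
    """
    failed = propagate(design["deps"], design["tight"], initial)
    return any(t not in failed for t in design["terminals"]), failed


def all_tight(deps):
    """Treat every dependency edge as tightly coupled."""
    return {(c, d) for c, ds in deps.items() for d in ds}


# Constructed topologies (hypothetical names, not from the chapter).
SINGLE_DEPS = {"lines": {"pump"}, "actuator": {"lines"}}

# 1. One tightly coupled branch: a pump fault reaches the actuator.
SINGLE = {"deps": SINGLE_DEPS, "tight": all_tight(SINGLE_DEPS),
          "terminals": ["actuator"]}

# 2. Same branch, but the actuator-to-lines edge has slack (an accumulator),
#    so a pump fault is absorbed: loose coupling.
LOOSE = {"deps": SINGLE_DEPS, "tight": {("lines", "pump")},
         "terminals": ["actuator"]}

# 3. Two identical branches that are NOT independent: both line runs pass
#    through one physical location, so a single fault there defeats both.
SHARED_DEPS = {
    "lines_a": {"pump_a", "shared_bay"},
    "lines_b": {"pump_b", "shared_bay"},
    "act_a": {"lines_a"},
    "act_b": {"lines_b"},
}
SHARED = {"deps": SHARED_DEPS, "tight": all_tight(SHARED_DEPS),
          "terminals": ["act_a", "act_b"]}

# 4. Two identical, physically independent branches: no shared element.
INDEP_DEPS = {
    "lines_a": {"pump_a"},
    "lines_b": {"pump_b"},
    "act_a": {"lines_a"},
    "act_b": {"lines_b"},
}
INDEPENDENT = {"deps": INDEP_DEPS, "tight": all_tight(INDEP_DEPS),
               "terminals": ["act_a", "act_b"]}


if __name__ == "__main__":
    cases = [
        ("single, tight", SINGLE, {"pump"}),
        ("single, loose", LOOSE, {"pump"}),
        ("redundant, shared bay", SHARED, {"shared_bay"}),
        ("redundant, independent", INDEPENDENT, {"pump_a"}),
    ]
    for name, design, fault in cases:
        ok, failed = available(design, fault)
        print(f"{name:24s} fault={sorted(fault)} -> "
              f"failed={sorted(failed)} function_ok={ok}")
```

Running the script shows the single tight branch and the shared-bay design both losing the function from one fault, while the loosely coupled branch and the independent pair keep it. The shared-bay case is the one to look for in a design review: two branches that are identical on paper but share a location, a power source or a software image are one branch for the purpose of the fault that hits the shared element.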