Graceful Collapse – Part 1: Traditional Defences and Resilience in Complex Systems

By Douglas Owen FSI

In this blog I want to explore whether the traditional approaches we use to defend systems from harm can contribute to resilient performance as well.

I will leave the success side of the coin for another day, and focus on the traditional defences below and their capacity to deliver systems capable of minimising harm in the face of great complexity:

  • Redundancy – having more than one system that can performs the same function
  • Segregation – splitting a system up
  • Diversity – having more than one system that performs the same function, but are different from one another
  • Resistance – the inherent capacity of a system to withstand whatever is thrown at it

I think that it’s important to recognise the contribution they can make (and already do make) to resilient performance within the systems that we build. I discuss the inevitable limitations and vulnerabilities too, and the paradox that some of the approaches add to the very complexity that arguably underpins the need for resilient performance in the first place.

The full paper is available here:  

Nov 2016 Graceful Collapse - Part 1 - Traditional Defences (0.8 MiB)

… with a summary in the table below.

Part 2 is now available, it looks at common mode failures in the context of traditional defences and resilient capabilities.

Table 1. Summary of traditional defences, their resilient capabilities and vulnerabilities

Defence Potential Resilient Capability Additional Complexity* Vulnerability
Redundancy •  Allows reconfiguration using redundant systems

•  Can (temporarily) increase capacity by bringing redundant systems on line

+ +
•  Capacity may be degraded depending on performance of redundant systems where one or more has failed

•  Reduced overall reliability by increasing wear across the system

Segregation •  Defence against unforeseen threats of the same generic energy type (e.g. Kinetic, electrical, thermal, etc.)
+ +
•  Connections add failure cascade pathways

•  May only provide defence against specific threat types

Diversity •  Allows reconfiguration using diverse systems less vulnerable to common mode failures
+ + +
See ‘Redundancy’, plus:

•  Increase in system complexity increasing possibility of unanticipated and emergent

•  Complexity hampers usability and sustaining situation awareness

Resistance •  Retain margin of performance over a wider range of operational conditions resisting effects of volatility
•  May only provide margin against specific types of threats

•  Can limit reconfigurability

*Key:      + None / low      + + Moderate      + + + High

You can access the full paper here:

Nov 2016 Graceful Collapse - Part 1 - Traditional Defences
Nov 2016 Graceful Collapse - Part 1 - Traditional Defences
0.8 MiB