This article appeared in Volume 19, Issue 2 July 2016 of the Insight magazine How resilience engineering maintains sustainable value Scott Jackson, jackson@burnhamsystems.net ABSTRACT The purpose of this essay is to show that the concept of the resilience of an engineered system is in agreement with the concept of sustainable value. The INCOSE Resilient Systems website (INCOSE 2015) defines the resilience of an engineered system as β€œthe ability to provide required capability in the face of adversity. Similarly sustainable value has its roots in economics. According to (Hart and Milstein 2003), a sustainable enterprise β€œis one that contributes to sustainable development by delivering simultaneously economic, social, and environmental benefitsβ€”the so-called triple bottom line.” So to the extent that capability is aligned with stakeholder value, resilience supports the goal of sustainable value. Capability may be some degree of system performance or simply sustaining human life following an encounter with a threat. Adversity can be external or internal threats. External threats can be natural, such as earthquakes, or human-made such as terrorist attacks. Internal threats may be human error or software faults. RESILIENCE PERSPECTIVES Historically resilience was perceived to apply to the recovery of an entity after a disturbance. This was known as the reactive perspective. Both the fields of material science and psychology adopted this approach. However, modern resilience engineering has adopted both the proactive and reactive perspectives as a means of analysing the periods before, during, and after an encounter with a threat to determine the characteristics of a system that will allow it to sustain its value. This perspective is reflected in the drift correction principle described by Dekker (2006). This principle allows the system to detect an approaching threat and make corrective actions. RESILIENCE PRINCIPLES The publication of Hollnagel et al (2006) was a milestone in the establishment of modern resilience engineering. A second book by Hollnagel et al. (2011) explains how resilience engineering can be implemented in practice. Building on the work of Hollnagel et al, Jackson and Ferris (2013) identified a set of 34 design rules to achieve resilience. Jackson and Ferris (2013) also concluded that since most of these rules were heuristics, that is, rules of thumb extracted from experience, they would be subject to flaws and imperfections themselves. That is, although these rules would achieve their goals most of the time, there would be times when they did not work. For this reason, Jackson and Ferris concluded that additional rules would be required to compensate for the vulnerabilities of the initial rules. They referred to the additional rules as dependent rules. In addition, since the dependent rules themselves may possess vulnerabilities, third and fourth rules may be required to achieve resilience.