Image by Benjamin Elliott


Given a system, uncover vulnerabilities. Suggest mitigations

Resilience Analysis Cube.png


Operations Resilience Analysis Framework is a unique suite of resilience solution, a unique tool to analyse, develop, and communicate resilience. System can be modelled using the resilience notations, and the journey of modelling the system is most valuable as it deepens the way the system resilience is superficially understood. Thereafter it is used to analyse hidden vulnerabilities, simulate mitigations, and analyse impact propagation. It offers a single picture for clarity and language to manage the latent inert dimensions of resilience in organizations.

Which is more resilience.png


Our approach to operational resilience is preventive. C3S advocates zero tolerance for disruptions.

We leave no stone unexplored, even if seemingly unimportant. This seemingly unimportant stone, as ICT adopts the characteristics of a complex system, may be the cause of an unexplained major disruption.

Our philosophy is to enhance resilience by systematically discovering and removing vulnerabilities in the design, not by adding resilience. Simplifying, not adding complexity to the system. This enhancement can be proactively conducted before any disruptive event.

Resilience Cycles.png


The Resilience Lifecycle revolve around the Actual Event (red box), defined as the unexpected incident that threatens the proper continuation of the business operations. The objective of a good resilience design is to reduce the possibility of the Actual Event, and if that is not exhaustively possible, then a system of recovery operations that allow the components affected by the Event to be recovered gracefully without disrupting the business processes.

For known vulnerabilities in the system that cannot be removed easily, these are represented by the Potential Event box, and often they are contained by proper mitigating actions. Some known vulnerabilities can also be extracted from others who have a similar system, and that can enrich the Potential Event box.

The Unknown Event is the most uncertain domain in the Lifecycle, as they are not yet known but likely to exist. They are the deadliest Event if it ever occurs, they usually catch the organisation by surprise at the wrong time.  As it has never been studied or analysed, the initial shell shock with a high degree of uncertainty can set back the recovery process in an unexpected dimension.

Operations Resilience Analysis Framework is used to mine some of the Unknown Events to become the new box known as Virtual Event. The Virtual Event can then be tested and be confirmed as a Potential event or dismissed totally as a vulnerability, hence reducing the list of uncertain vulnerabilities in the Unknown Event box.

Resilience Notation.png


We realised when we started on our journey to resilience, the stumbling obstacle we faced then was a lack of industrial language and vocabulary to communicate such an inert concept amongst all the stakeholders. Therefore, we developed our Resilience Notation to address this deficiency.

Resilience Notation defines a set of primitives that are simple but essential in describing the resilient characteristics of a system. 

There are seven layers of interdependencies in the notation. Failure in any active node must be responded by a new working path that has been established and tested. Failing which the system will not be able to continue its intended operation.

Once the system is represented in this notation, the resilience features of the system is clearly denoted by the appropriate symbols.  With this, we can fully understand the working of the resilience design and possible vulnerability of the design.  

As the notation is largely pictorial and does not contain any form of textual technical jargon, a system represented in this form can be used by a technical person for analysis to a non-technical person in the management level to understand the system behaviour.  The simplicity of the representation is by no means compromise on any resilience description of the system and able to maintain the context of the resilience design throughout.

Resilience Topology.png


To fully analyse the resilience of a system, two orthogonal aspects of the system dependency must be established.  

The Resilience Topology, that represents the flow, processes, and connectivity of the system.  And the Dependency Network that represents all the dependencies of each entity to support the topology. 

The Resilience Topology is constructed using the Resilience Notation which allows the actual design and configuration of a system to be modelled. Functional nodes are conceptually decomposed down to the resolution where the fault recovery mechanism can be represented. The Resilience Topology captures the way the resilience design will respond to the different faults that may occur in the system.


We believe that true resilience knowledge is inherent within the people in your organisation. Through our immersive EMARFER Sessions, we facilitate your staff to take a deep dive into the resilience of the system, exploring and reframing into less known or less considered perspectives and dependencies. The vulnerabilities found are, but a by-product compared to the understanding and insight gained by your staff into the system. At the same time, they learn to apply our resilience methodology in your organisation.

The platform for entire Operations Resilience Analysis is our EMARFER Application Software as a tool for visualisation, documentation, simulation and EMARFER Sessions.

The main steps in a typical Operations Resilience Analysis engagement are:

  1. Construct Resilience Topology Diagram for the System to model the design and configuration of the system capturing how the system reacts to faults

  2. Construct Dependency Networks for Operations Design Vulnerabilities

  3. Analyse the constructed Dependency Networks to discover and report on the Operations Design vulnerabilities by tracing all the possible fault points. 

  4. Analyse the Operations Design Vulnerabilities found and where practical provide a high-level recommendation to mitigate or rectify the risk.

The systematic Operations Resilience Analysis Framework, explores the less known and less considered perspectives, morphs the mental model of knowledge about the system, breaks up comfortable mindset, leads to innovations rather than stagnated evolution, is a key benefit in this methodology.