Chapter 7. Platform Resilience Engineering

You never change things by fighting the existing reality. To change something, build a new model that makes the existing model obsolete.

Buckminster Fuller

This chapter is where the revolution of security transforming into resilience takes shape as an organizational metamorphosis. Here, we can reimagine how a security program is crafted, dismantling the social, organizational, and process dynamics of the worn-out status quo. By necessity, it becomes a resilience program to resist the persistent “production pressures” that push our sociotechnical systems toward brittleness. In SCE, we transform the security program from a siloed group prescribing policies and procedures, totally divorced from the work being done, into a platform engineering effort that treats resilience as a product, prizing design-based security solutions grounded in systems thinking.

In this chapter, we’ll talk about “meta design”—how software is designed, built, used, and refined through your organizational structure—and how we can support resilience through organizational structure and practices. We’ll delve deeper into production pressures, discover why Platform Engineering teams are the right organizational structure to apply resilience pressures, and learn how these teams can design, build, use, and refine software that supports resilience as a product.