Webinar: Bridging IT–OT Gaps: OT-Led Data Transformation in Action

Register Now
Get In Touch
Get In Touch

Redundancy Without Proof Is an Assumption

Resilience in Practice for Enterprise SCADA

How to Validate Resilience Without Disrupting Operations

If you operate AVEVA™ Enterprise SCADA in a pipeline environment, you have likely heard the reassurance before:

“We have redundancy.”

It sounds like a reliability guarantee. It often becomes a comfort blanket in budget discussions. But in practice, redundancy can be one of the most misunderstood concepts in industrial systems. Redundancy without proof is not resilience. It is an assumption. Proof means the team can execute recovery without discovering dependencies during the incident

Redundancy is a design feature. Resilience is an operational capability.

The gap between the two is where incidents become painful, recovery becomes slower than expected, and confidence in the system erodes. This article challenges the assumption that configured redundancy equals operational readiness. It lays out a practical way to build proof without turning validation into a major program.

The real problem: resilience is often assumed, not proven

Redundancy failures are rarely dramatic in the way people expect. The system may fail over, but the overall recovery experience is still disruptive because the organization was not ready for what the event actually required.

When resilience is assumed, you commonly see patterns like these:

  • Recovery depends on a small number of people who know the environment best
  • Failover procedures exist informally but are not documented well enough to survive turnover
  • Change windows introduces unintended instability because rollback readiness is unclear
  • Dependency chains are discovered during the incident instead of before it
  • Evidence of readiness cannot be produced quickly, which turns recovery into a scramble


None of this is a condemnation of the architecture. It is a reminder that resilience is not only a technical property.

If you have ever said, “It should have failed over faster,” what you experienced may not have been a redundancy failure. It may have been an operational readiness gap.

The insight: resilience is an operating model, not an infrastructure setting

Many organizations treat resilience as a hardware topic. They invest in redundant components, but they do not invest in the habits that make those components dependable under pressure.

Resilience depends on three things that do not appear in a rack diagram:

  1. Validation
    Configured is not the same as ready. If the organization does not validate failover and recovery behaviour, confidence is based on belief.

  2. Governance
    Resilience erodes when changes happen without consistent expectations, rollback readiness, and evidence capture. Forced change windows and “just make it work” patches are where readiness gaps are exposed.

  3. Repeatability
    If recovery relies on memory and heroics, it cannot be predictable. Predictable recovery requires procedures and evidence that are usable across shifts, not only by the most experienced person on the team.


The Challenger reframe is straightforward:

Redundancy without proof is not resilience. It is an assumption.

Assumptions are expensive when they fail because they fail under the worst conditions. High impact, high urgency, and limited time.

What the resilience gap looks like in real operations

You do not need to wait for a major incident to see whether resilience is real. The clues show up in everyday operations.

Here are common signals that resilience is assumed rather than proven:

  • Validation is postponed because it feels risky to test
  • Recovery steps are discussed verbally but not documented
  • Changes are made without a clear rollback path
  • The team cannot clearly state what a “successful recovery” looks like operationally
  • Readiness evidence is scattered across email chains and tickets


These are not uncommon. They are predictable results of operating pressure, staffing constraints, and the tendency to focus on what is urgent.

But they are also fixable if you treat resilience as a repeatable operating capability.

The better path: build resilience-proof into proactive maintenance

Building resilience-proof does not require a large overhaul. It requires a small set of repeatable habits that turn assumptions into evidence.

A practical approach can be implemented as a simple loop.

Step 1: define what resilience must mean operationally

Resilience is not a binary concept. It needs an operational definition.

Ask four questions:

  • What conditions trigger “resilience mode” in your operation
  • What does a successful recovery look like for the control room
  • What are the escalation triggers when recovery does not behave as expected
  • What evidence would satisfy leadership that readiness is real


This step turns resilience from an abstract comfort statement into a set of expectations you can manage.

Step 2: validate the chain, not just the component

Many teams narrowly validate redundancy. A component fails over. That becomes the proof.

Operational resilience depends on the chain:

  • the sequence of recovery steps that restores usable service
  • the dependencies that must be present for the service to function as expected
  • the visibility operators need to trust what they are seeing
  • the readiness steps that reduce confusion during the event


The goal is not to perform disruptive testing constantly. The goal is to validate enough to expose hidden assumptions.

Even one controlled validation exercise can reveal gaps that would otherwise remain invisible until a real incident.

Step 3: capture minimum viable recovery documentation

Documentation does not need to be heavy to be useful. It needs to be usable.

Minimum viable recovery documentation should include:

  • a clear trigger and escalation path
  • the recovery sequence in plain language
  • the validation steps that confirm recovery is complete
  • the rollback considerations if recovery does not behave as expected
  • where evidence is stored so it can be retrieved quickly


The purpose is repeatability across shifts and turnover.

If you can only do one thing, document the steps that prevent the team from losing time during the first fifteen minutes of an event.

Step 4: convert readiness gaps into a prioritized backlog

Validation and documentation will reveal gaps. That is the point.

The worst mistake is to treat gaps as failures and move on. The better approach is to treat gaps as backlog items and prioritize them based on operational impact.

A useful prioritization lens:

  • impact on recovery time and operational confidence
  • likelihood of recurring under normal conditions
  • effort required to close the gap
  • risk created by leaving it unresolved


Closing these gaps is how resilience becomes real, not theoretical.

Step 5: revisit on a predictable cadence

Resilience is not set once. It is maintained.

A simple cadence makes a difference:

  • monthly review of readiness-related changes and evidence capture
  • quarterly validation of the most important recovery assumptions
  • continuous improvement based on what incidents and near-misses reveal


This keeps resilience aligned to reality instead of to a design that was accurate years ago.

What success looks like: resilience that holds under pressure

When resilience is proven and maintained, you see practical improvements:

  • recovery is faster because sequencing is understood and repeatable
  • fewer people are required to stabilize events because dependencies and roles are clear
  • change windows become safer because rollback readiness is disciplined
  • onboarding improves because recovery knowledge is not locked in a few heads
  • leadership confidence increases because readiness has evidence, not just belief


This is what “reliability by design” looks like at the resilience level. It is not only architecture. It is the operating model around architecture.

Next steps

If you want to assess whether your resilience is proven or assumed, start with one question:

If your best Enterprise SCADA expert was unavailable during an event, would your team still recover with confidence?

Dexcent can help you pressure-test the assumptions, define what operational resilience must mean in your environment, and build a practical path to resilience proof that fits within operational constraints.

If you would like a working conversation about resilience readiness and proactive maintenance for AVEVA™ Enterprise SCADA, reach out to Dexcent here: 
Talk to a Dexcent specialist

We’ll pressure-test your readiness assumptions and identify the first two gaps to close. And to explore the full proactive maintenance framework, including the Four Pillars model, KPIs, and the maturity checklist, access the eBook here:
Proactive Maintenance for AVEVA™ Enterprise SCADA

Andrew Capper

Vice President of Industrial Digital Transformation

Linkedin Envelope
Read Bio

Andrew Capper is Vice President of Industrial Digital Transformation at Dexcent, helping industrial organizations improve data-driven decision-making by optimizing the data journey, reuniting siloed information, and delivering a trustworthy version of the truth.

With more than 25 years of experience, he is known as a results-driven leader who delivers on commitments and tackles complex information management challenges with a practical, human-centric approach. His work spans digital transformation strategy and roadmaps, governance, digital maturity assessments, and performance measurement through clear KPIs and metrics. Andrew is a NAIT graduate with training in Instrumentation Engineering Technology and Security Systems, and he brings a strong focus on safer, more effective operations from data producers through to data consumers

Nader Asgharinia

MP, P.Eng.

Vice President of Enterprise SCADA & Advanced Applications.

Linkedin Envelope
Read Bio

Nader Asgharinia, PMP, P.Eng., is Vice President of Enterprise SCADA & Advanced Applications at Dexcent, leading the delivery of complex, mission-critical solutions with a clear focus on client experience and operational excellence. With more than 30 years in business execution and over 25 years managing multi-million-dollar programs for mission-critical and SCADA systems, he brings a pragmatic, delivery-at-scale approach to every engagement. Nader is recognized for building high-performing teams, driving disciplined portfolio execution, and delivering measurable business outcomes, including significant growth in program portfolios and team capacity over time. He holds a B.Sc.(Hons.) in Electrical and Electronics Engineering from the University of Newcastle-Upon-Type in the UK, a B.Sc. in Computer Science from the University of Calgary, completed Georgetown University’s Director’s Program, is a Professional Engineer in Alberta, and a Project Management Professional.

Gerrit Nel

CISSP, CISM – Vice President of OT Infrastructure and Cyber Security Services

Linkedin Envelope
Read Bio

Tobias (Gerrit) Nel, CISSP, CISM, is Vice President of OT Infrastructure and Cyber Security Services at Dexcent, leading the development and delivery of practical services and solutions that integrate, complement, or replace OT infrastructure and protect OT assets from cyber threats. He is known for building resilient security frameworks, governance processes, and integrated solutions that reduce risk and support compliance across diverse industries. Gerrit has over 40 years of relevant IT/OT experience and has built and delivered highly skilled and high-performance delivery teams. His strengths include Cyber Security roadmaps, security architecture, incident response, and alignment to standards such as IEC 62443, NIST, and NERC CIP. Furthermore, he has deep foundational technical experience in Networking and OT infrastructure systems architectures that he leverages in building and leading successful delivery teams. Gerrit holds a B.Sc. in Computer Science from the University of Johannesburg and brings deep cross-sector experience supporting clients in oil and gas, mining, chemical, healthcare, financial, and government environments.

Jaydeep Deshpande

P.Eng. – President

Linkedin Envelope
Read Bio

Jaydeep Deshpande, P.Eng., is a seasoned and decisive executive with over 25 years of experience driving operational excellence, profitability, and market growth in national and multinational organizations. As President, he is recognized for his strategic leadership, disciplined execution, and ability to lead organizations through change. Jaydeep is passionate about developing people, building strong leadership teams, and fostering a positive, performance-driven culture. His expertise spans strategic planning, business diversification, financial management, and organizational transformation, with a consistent focus on delivering growth-oriented, profitable results. He holds a Bachelor of Chemical Engineering from the University of Alberta, is a Prosci Certified Change Practitioner and Project Management Professional (PMP), and has completed the CMA Accelerated Accounting Program, bringing deep financial and strategic insight to executive decision-making.

Karim Amarshi

Chairman of the Board

Linkedin Envelope
Read Bio

Karim Amarshi is Chair of Dexcent’s Board of Directors, providing governance leadership and strategic oversight to support the company’s long-term strategy and executive team. With nearly 40 years as an entrepreneur and owner-operator, he is recognized for building high-performance organizations and forging strategic alliances across Information Technology, government, health care, education, and energy. He is the former co-owner and Chief Executive Officer of one of Canada’s leading enterprise Information Technology solution providers, where he led the organization through three successful mergers and helped scale long-term client and vendor partnerships. Karim remains active across a diverse business portfolio, serving as a founding principal, officer, and advisor to organizations spanning Information Technology, hospitality, manufacturing, retail, and real estate in Canada and internationally.

Yasmin Jivraj

FCIPS, I.S.P. | Board Member

Linkedin Envelope
Read Bio

Yasmin Jivraj, FCIPS, I.S.P., is a Board Member at Dexcent, providing executive guidance and strategic oversight to support corporate management and long-term business direction. Over a 35-year career, she has held senior leadership roles across private, public, and non-profit organizations, with a track record of building operating foundations and driving profitable growth. Following a 15-year tenure as a co-owner and President of one of Canada’s leading strategic Information Technology solution providers, she expanded her governance leadership through active board service in post-secondary education and community-focused organizations. She is recognized for decisive, purpose-led leadership, clear communication, and deep expertise in technology, business models, and methodologies that help enterprise organizations advance digital transformation.

Nadir Jivraj

CEO, Board Member

Linkedin Envelope
Read Bio

As Chief Executive Officer, Nadir is accountable for providing overall leadership and Dexcent’s Industrial operational performance. Nadir has been involved as an executive sponsor with Oil & Gas and Mining companies for over 35 years, and through the years has developed a strong working relationship with the Executive leadership team of many Fortune 500 companies.

Nadir is known for recognizing value and superior investment opportunities in the technology services sector. His pursuit of highly prospective technology companies around the world has resulted in numerous company start-ups. Prior to starting Dexcent, Nadir had led companies through highly profitable business transactions, including the merger of Atlas Systems Group with CompCanada (later renamed Acrodex) in 2000 and later as Chairman of the Board of Axcend Pvt – an engineering solutions provider – based in Bangalore, India from 2004 – 2014. Acrodex and Axcend were sold in 2015