Title: Resilience in Safety Critical Systems – Offshore FRAM

Author(s): David Slater

Publication Event: Proceedings of the Thirty First Safety-Critical Systems Symposium

Publication Date: 2023-02-07

Resource URL: https://scsc.uk/r1751.pdf

Abstract:

When we design systems, it is usual to scrutinise them for safety issues of concern and to ensure that the critical components are sufficiently reliable, or to add other systems designed to protect against failures. Such safety-critical systems in effect add to the defences against the system's vulnerability to known scenarios, or "design safety cases". But these additions inevitably make the systems more complex and their control more challenging. Understanding how they behave requires a system-wide model. This model must allow the observation of the possible non-linear, non-predetermined interactions and interdependencies between subsystems, especially safety-critical ones, which can give rise to unforeseen, emergent or resonant behaviours. These are often the cause of unexpected and unplanned disturbances in normal operations, which are normally worked around but which can occasionally get out of hand and result in significant incidents. Currently the only complex-system modelling approach that allows the systematic identification of such resonances is Hollnagel's Functional Resonance Analysis Method (FRAM). This allows us to pick up safety issues, but also to design in and evaluate functions that learn from normal operations and continuously improve the operability of the systems. The real bonus is that, through this learning, we can use the resulting memory, or database, to discern trends in patterns of behaviour, which could enable the anticipation of emerging problems and the proactive modification of responses. This adds an extra dimension: not just passive, reactive (imagined?) safety, but proactive operational resilience for actual complex socio-technical systems in the real world. This paper sets out to illustrate this approach by looking at the safety-critical systems in the Macondo Well Blowout accident.
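The two ideas the abstract leans on, variability that travels along couplings between functions until it resonates, and a record of normal operations that can be mined for drift, can be made concrete in a few dozen lines. The sketch below is an added illustration written for this page; it is not code from the paper, from Hollnagel, or from any FRAM tool, and it does not model the Macondo well. The six aspect names (Input, Output, Precondition, Resource, Time, Control) and the ordinal timing/precision variability scale are FRAM's own vocabulary; the function names, the per-aspect transfer gains, the 0..3 scale values, the resonance threshold and the history window are all assumptions chosen to make the mechanism visible.

```python
"""Toy FRAM-style model (constructed illustration, not the paper's model).

Each function has an intrinsic output variability on a 0..3 ordinal scale
(0 = on time and precise, 1 = slightly off, 2 = clearly late or imprecise,
3 = omitted or wrong). The Output of one function is coupled to one of the
six aspects of another; the receiving aspect decides how much of that
variability is passed on. Resonance is flagged where combined variability
crosses a threshold that no single function's own variability reaches.
"""
from dataclasses import dataclass
from enum import Enum
from typing import Dict, List, Tuple


class Aspect(Enum):
    INPUT = "I"
    OUTPUT = "O"
    PRECONDITION = "P"
    RESOURCE = "R"
    TIME = "T"
    CONTROL = "C"


@dataclass(frozen=True)
class Function:
    name: str
    intrinsic: float  # variability the function produces on its own (0..3)


@dataclass(frozen=True)
class Coupling:
    upstream: str     # function whose Output feeds the downstream aspect
    downstream: str
    aspect: Aspect    # aspect of the downstream function that receives it


# Assumed transfer gains (hypothetical): an Input passes variability straight
# through, a Precondition or Control check dampens it, a stretched Resource or
# Time aspect amplifies it. Output is never a receiving aspect.
GAIN = {Aspect.INPUT: 1.0, Aspect.PRECONDITION: 0.5, Aspect.CONTROL: 0.25,
        Aspect.RESOURCE: 1.25, Aspect.TIME: 1.5, Aspect.OUTPUT: 0.0}

SCALE_MAX = 3.0


def propagate(functions: List[Function], couplings: List[Coupling],
              order: List[str]) -> Dict[str, float]:
    """Effective output variability of each function once upstream variability
    has been carried along every coupling. `order` lists functions upstream
    first; the toy model is acyclic so a single pass suffices."""
    fmap = {f.name: f for f in functions}
    effective: Dict[str, float] = {}
    for name in order:
        total = fmap[name].intrinsic
        for c in couplings:
            if c.downstream == name:
                total += effective[c.upstream] * GAIN[c.aspect]
        effective[name] = min(total, SCALE_MAX)  # saturate at top of scale
    return effective


def resonance(functions: List[Function], effective: Dict[str, float],
              threshold: float = 2.0) -> List[str]:
    """Functions whose combined variability reaches `threshold` although their
    own intrinsic variability does not: no single weak link, only resonance."""
    return [f.name for f in functions
            if f.intrinsic < threshold <= effective[f.name]]


def drifting(history: List[float], window: int = 3, margin: float = 0.5) -> bool:
    """Trend check over a function's recorded variability from past operations:
    True when the last `window` observations average at least `margin` above
    the earlier baseline, i.e. variability is creeping up rather than noisy."""
    if len(history) <= window:
        return False
    recent, baseline = history[-window:], history[:-window]
    return sum(recent) / window - sum(baseline) / len(baseline) >= margin


# Constructed five-function model of a generic monitored operation.
FUNCTIONS = [
    Function("Monitor parameters", 0.5),
    Function("Interpret readings", 0.75),
    Function("Supervise", 1.0),
    Function("Decide to proceed", 0.5),
    Function("Execute operation", 0.25),
]
COUPLINGS = [
    Coupling("Monitor parameters", "Interpret readings", Aspect.INPUT),
    Coupling("Interpret readings", "Decide to proceed", Aspect.INPUT),
    Coupling("Supervise", "Decide to proceed", Aspect.CONTROL),
    Coupling("Decide to proceed", "Execute operation", Aspect.INPUT),
]
ORDER = [f.name for f in FUNCTIONS]


def run_model() -> Tuple[Dict[str, float], List[str]]:
    """Propagate variability through the constructed model and list the
    functions where it resonates."""
    eff = propagate(FUNCTIONS, COUPLINGS, ORDER)
    return eff, resonance(FUNCTIONS, eff)


if __name__ == "__main__":
    eff, hot = run_model()
    for name, v in eff.items():
        print(f"{name:22s} effective variability {v:.2f}")
    print("resonating:", hot)
    # Constructed history of one function's variability over past operations.
    print("drifting:", drifting([0.5, 0.5, 0.75, 0.5, 1.0, 1.25, 1.5]))
```

Every function here has an intrinsic variability well under the threshold, yet "Decide to proceed" and "Execute operation" cross it once upstream variability arrives through Input couplings and the Control coupling dampens only a quarter of the supervisor's contribution. Swapping the Decide-to-Execute coupling from Input to Precondition halves what is passed on and the resonance disappears, which is the kind of design-in dampening the abstract refers to. The `drifting` check is the trend side of the argument: the same scores, recorded per operation, show a climb before any single operation would look alarming.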