Resilience

Critical Infrastructure Resilience in the Age of AI

Illustration of a resilient, redundant data center power and cooling architecture

As AI infrastructure becomes more deeply embedded in economic activity, government services, and corporate operations, the consequences of its failure escalate accordingly. A data center outage in 2015 was primarily a customer service problem. A major AI infrastructure outage in 2026 can disrupt enterprise operations, public services, and increasingly, national-level economic and security functions that depend on continuous AI availability.

Resilience Requirements Are Rising Faster Than Most Designs Account For

Traditional data center resilience frameworks — tier classifications, N+1 or 2N redundancy schemes — were developed for a world where most workloads tolerated brief interruptions reasonably well. AI training workloads behave differently: an interruption mid-training can waste days of compute and energy if checkpointing is inadequate, while inference workloads supporting real-time applications have effectively zero tolerance for unplanned downtime in many use cases.

This raises the practical bar for resilience design — not necessarily by mandating a higher nominal tier classification in every case, but by requiring more careful analysis of failure modes specific to AI workloads: power quality issues affecting GPU clusters, cooling system failures that can force rapid thermal throttling, and network fabric failures that can stall distributed training jobs across an entire cluster rather than affecting a single rack.

Cyber-Physical Convergence Changes the Threat Model

Resilience in AI-era facilities increasingly requires treating physical and cyber threats as a converged risk category rather than separate domains managed by separate teams. Facility control systems, cooling management platforms, and power distribution increasingly rely on networked sensors and software — creating attack surfaces that did not exist, or existed in far simpler forms, in earlier generations of data center infrastructure.

  • Building management and cooling control systems require the same rigour of cybersecurity hygiene historically reserved for IT systems
  • Physical access control increasingly needs to be integrated with identity and access management practices used for digital systems
  • Critical infrastructure designations in several jurisdictions are extending specific security and resilience obligations to large data center facilities
A facility that is resilient against power loss but vulnerable to a converged cyber-physical attack has not solved its resilience problem — it has only solved half of it.

Redundancy Strategy Has to Account for Correlated Failures

Conventional redundancy frameworks often assume failures are largely independent — that a backup generator failing is unrelated to a cooling system failing. AI-era facilities introduce more scenarios where failures can be correlated: a power quality event affecting an entire row of GPU racks simultaneously, or a cooling system failure that forces thermal throttling across a synchronised training job rather than affecting isolated equipment. Designing resilience for these correlated failure modes requires more sophisticated risk modelling than simply specifying a higher tier classification, and it is an area where facility-specific engineering analysis, rather than generic industry benchmarks, adds the most value.

Testing Resilience, Not Just Designing It

Resilience that exists only on paper or in as-built drawings is of limited value during an actual incident. Leading operators increasingly conduct regular, realistic failure testing — partial power failover drills, cooling system failure simulations, and tabletop exercises for cyber-physical incidents — to validate that designed resilience actually performs as intended under real operating conditions, including the human and procedural elements of incident response, not just the underlying engineering. Facilities supporting genuinely mission-critical AI workloads should treat this kind of regular validation as a non-negotiable operational discipline, not an occasional audit exercise.

Resilience as Sovereign Capability

For governments and large enterprises, resilience of AI infrastructure is increasingly discussed in the same terms as resilience of energy or telecommunications infrastructure: a question of national or organisational capability, not merely operational risk management. This framing is reinforced by the IEA's own observation that AI is becoming not just an "energy taker" but, through onsite generation and storage, increasingly an "energy maker" — a dynamic that further entangles AI infrastructure resilience with broader energy system resilience.

This sovereign-capability framing has practical implications for design and procurement: greater scrutiny of supply chain dependencies for critical components, more conservative redundancy assumptions for facilities supporting essential services, and closer alignment between facility resilience planning and national critical infrastructure frameworks.

Building Resilience In, Not Bolting It On

DATAPERT works with clients to integrate resilience planning — covering power architecture, cooling redundancy, and cyber-physical security — from the earliest stages of data center development, rather than as a retrofit exercise. Explore our advisory capabilities or start a project to discuss resilience requirements for your next programme.

Share LinkedIn X Email

Build the Infrastructure Behind
Tomorrow's Digital Economy

Whether you are planning a hyperscale campus or an AI-ready data center, DATAPERT can support the journey from concept to delivery.