Changes to safety critical systems are inevitable and can impact the safety confidence about a system as their effects can refute articulated claims about safety or challenge the supporting evidence on which this confidence relies. In order to maintain the safety confidence due to changes, system developers need to re-analyse and re-verify the system to generate new valid items of evidence. Moreover, identifying the effects of a particular change is a crucial step in any change management process as it enables system developers to estimate the required maintenance effort and reduce the cost by avoiding wider analyses and verification than strictly necessary. This paper presents a sensitivity analysis-based technique which aims at measuring the ability of a system to contain a change (i.e., robustness) without the need to make a major re-design. The technique exploits the safety margins in the assigned failure probabilities to the events of a probabilistic fault-tree analysis to compensate some potential deficits in the overall failure probability budget due to changes. The technique also utilises safety contracts to provide prescriptive data for what is needed to be revisited and verified to maintain system safety when changes happen. We demonstrate the technique on a realistic safety critical system.