Crumple Zones: Absorbing Attack Effects Before They Become a Problem

  • Michael Atighetchi
  • Partha Pal
  • Aaron Adler
  • Andrew Gronosky
  • Fusun Yaman
  • Jonathan Webb
  • Joe Loyall
  • Asher Sinclair
  • Charles Payne, Jr.


A specific and currently relevant issue motivating the notion of ruggedized software is the confluence of the threat of cyber attacks and our increased dependence on software systems in enterprise as well as tactical situations. Software services that are essential for mission success must not only withstand normal wear and tear, stresses and accidental failures, they also must endure the stresses and failures caused by malicious activities and continue to remain usable. The Crumple Zone (CZ), a software shock absorber that absorbs attack effects before they cause significant system failures, is an architectural construct that we have developed and are maturing iteratively. We argue that the CZ is an important building block for constructing ruggedized software for supporting network-centric operations. In this paper we discuss the CZ in the context of Service-Oriented Architecture (SOA) and describe a configuration that has been realized and demonstrated.