<-- Back to matrix

MATRIX 301

by Doctor Doom (JCH8169@SUMMA.TAMU.EDU)

Colonel Count von Hohenzollern und vom Doom, DMScc, DSc, PhD

OUTLINE

System design principles
- Security Code and System Rating
- Maximum number of nodes
- Maximum amount of IC
- System Load
Intrusion Countermeasures
- White IC
- Gray IC
- Black IC
System Alerts
- Passive Alert
- Active Alert
Options for IC
- Shielding
- Staging
- Constructs
- Expert IC
- Artificial Intelligences
Trends in security
Matrix combat
- Matrix initiative
- Matrix actions
- Matrix combat
- The opposition
- Avoiding combat

“Okay, now students. This is MTRX 301, so, for those individuals have erroneously selected this room, you are given the opportunity to leave without causing a disturbance…

“Very good. Now, as indicated, this course is to further your studies in the realm of Matrix manipulation, which will include System Architecture, Types of IC, and there shall be a section on Matrix Combat. It shall draw heavily from information learned in earlier courses, but such is the nature of scientific and engineering programs. All exams shall have an essay format. Questions?”

“Mr. Doom?”

“Ahhh, DOCTOR Doom, please.”

“Sorry–Doctor Doom, will we get to work on the computer system?”

“Indeed, some lectures shall be held almost entirely in the Virtual Reality environment. The majority of your final grade in this course shall derive from exercises I shall design which shall require you to demonstrate your prowess in the Virtual Reality environment.

“The last element of your grade shall be an out of class project. You shall be charged with the task of designing (although not actually programming) a computer system armed for a imagined client. Based off of your client’s needs and his budget, you must develope a system that most efficiently meets those requirements.

“The syllabus, as you may observe, is being handed out by my assistant. Please note the exam dates. The only acceptable excuses for missing an examination possess a marked similarity to those of Professor Izbin’s–should any of you have him for Chemistry–namely, that you are either SEVERELY ill or you have experienced a death in the your immediate family. Aside from that, attendance is not required. I find taking attendance tedious and a waste of valuable time, and I shall neither dedicate personal efforts nor those of my assistant’s to its determination. However, many of the topics we shall discuss shall not be found within the textbook, and as such, regular attendance is strongly recommended.

“Also, hearken unto the text book list. Many of you shall breathe a sigh of relief in the knowledge there shall be only three texts for this course. The first two, “Virtual Realities” by Tom Dowd and Chris Kubasik and “ShadowRun Second Edition”, you should recognize from your last semester. Therefore, if you followed the advice of your professor, you should still possess these volumes. The ONLY additional text is “Beyond the Looking Glass”, written by myself, and therefore quite important.”

Let us begin…

I. System design principles

Security Code and System Rating

All nodes have a Security Code and System Rating. The Security Code is denoted by a color system, proceeding from Blue to Red. The System Rating is a numerical value that follows the Security Code; together, this is referred to as the Security Rating.

In designing a system, choose the maximum Security Rating, e.g., Red-9, Orange-11, Blue-5, whatever. This value is the rating of the CPU. All other nodes must be equal or subordinate to this rating.

Also, the lowest node may not be less than half the maximum rating. Further, a Red system may not contain Blue nodes. Therefore, a Red-8 may contain nothing less than a Green-4.

Maximum number of nodes

Determine the maximum amount of nodes possible in the cluster, a common synonym for a system, which indicates the entire system controlled by ONE CPU. Multiply System Rating by 5 to determine this value, e.g. a Red-5 could support 25 nodes, as could an Orange-5.

NOTE: Only SPUs and Dataline Junctions count towards this total; Datastores, I/O Ports, Slave Nodes, SANs do not. Also, RARELY does a CPU service any where near the vicinity of the maximum number of nodes.

Maximum amount of IC

Determine the maximum amount of supportable IC Rating Points (similar to technomancer’s Load Rating): Square the System Rating and multiply it by the Threshold Number; that is the maximum. The Threshold Number is merely the numerical representation of the Security Code, i.e., Red = 4, Orange =3, Green = 2. Blue nodes are incapable of supporting Intrusion Countermeasure software.

The breakdown of IC allocation is typically:

25% Active (the vast majority being White IC)
50% Dormant Gray IC
25% Dormant Gray IC designated “response” IC

NOTE: Black IC allocation is not governed by the limitation of maximum supportable IC Rating, although it does add to the Load Rating of a node just as any other ordinary IC construct.

System load

The Load Rating of a particular node, that which determines the maximum quantities of IC and technomancers that may be active within it at any one moment is determined by the Security Rating. Multiply the Security Code (using Blue=1, Green=2, Orange=3, Red=4) by the System Rating. Hence, a Red-8 would be 32. Thus number may be exceeded by 100%; however, if a node surpasses 200% maximum load, it will be sent into Slowdown, and no system operations will be possible.

NODE EFFICIENCY (can alter effectiveness of IC)

System Load             Efficiency Modifier
Light (<50%)            +1
Normal (51-100%)        Normal
Overload (101-200%)     -2
Slowdown (201+)         No System Operations Possible

Deckers also add to the System Load of a particular node. To determine this value, divide the MPCP’s current value by two. Add to this number the total number of Mps of programs presently in Active Memory divided by 100 and rounding up. So, a Fairlight Excaliber with 253 Mps in Active would have a Load Rating of 6 + 3 = 9.

Right… now that we have ascertained the magnitude a system may attain, and what quantities of IC it is capable of supporting, let us move on to the subject of IC itself.

II. Intrusion Countermeasures

All elements of IC have Ratings, which determine their effectiveness. The Load Rating for an IC program is based on the IC’s Rating, and is affected by the particular type of IC and the options selected for it,

WHITE IC

The most common and, as the name implies, the most benign. All White IC is immobile save Probe. Further, if involved in Matrix Combat, all types of White IC can only fight defensively.

ACCESS

The most common type of IC, it verifies the legality of a signal. It it is not successfully attacked or deceived, it sounds a Passive Alert on its next Action.

Typical Appearance: A doorway, a gate, a tunnel, doorman/guard.
Load Rating: 1/2 Rating

BARRIER

This is a solid security lock on a node, and hence it is one of the most common types of IC to activate following a Passive Alert. This IC inhibits datatraffic, and thus would guard Datastores where no such traffic would normally occur. It declares and triggers alerts in a similar fashion to Access IC. Other IC and corporate technomancers (with the proper passcodes) can pass through it without incident.

Typical Appearance: Electric Fence, vault door, force field, brick wall.
Load Rating: 1/2 Rating

PROBE

Another of the more common IC types to be activated following a Passive Alert. Rarely is it active previous to an alert due to its function basically being to heavily interrogate EVERYTHING it can find, including interference and random “noise.” The procedure is similar to that of Access IC, but the Probe will only request identity verification on its Action.

Deception programs are effective, but Sleaze utilities operate with +2 target numbers. Probe may be crashed normally, but if the technomancer fails to affect it, the IC will declare an Active Alert on its next Action.

Probe is often allocated as “response IC” in a system.
Load Rating: Rating

SCRAMBLE

Usually found in Datastores or attached to specific files or programs. It can be defeated with Deception or Decrypt programs or crashed with Combat utilities. If attacked, it will attempt to erase the file its protecting. If at any time the technomancer fails in an attempt to attack or slow the IC, the file shall be destroyed on its Next Action Phase.

Typical Appearance: A snake that crushes data, a whirlwind that scatters it, a shifting jigsaw puzzle.
Load Rating: 1/2 Rating

GRAY IC

Slightly more malevolent is Gray IC, in that it is capable of harming the cyberdeck. Unless a Analyze utility is used successfully, Gray IC resembles white, in that the Sensors Attribute of the cyberdeck recognize both as IC. All Gray IC is to be considered to possess the abilities of White Probe IC of the same rating.

Generally, Gray IC requires a trigger, oftentimes that is White IC. Once active, it requires no further prompting, however.

Some paranoid corporations place active Gray IC where sensitive data is stored. Although, this should be considered atypical in practice.

The first four are IC that directly assaults the Persona Programs of a deck. In combat, each extra success for the IC subtracts one from the targeted program. No Persona Program may fall below one, however. Also, this is not permanent damage; it may be prepared either by restarting the cyberdeck or implementing a Restore program.

ACID

Attacks the Bod Rating of the cyberdeck directly.

Target: Evasion
Load Rating: Rating

BINDER

Attacks Evasion directly.

Target: Evasion
Load Rating: Rating

JAMMER

Attacks the Sensor Attribute directly.

Target: Evasion
Load Rating: Rating

MARKER

Attacks the Masking abilities of the cyberdeck.

Target: Evasion
Load Rating: Rating

The following IC are noticeably more devious.

KILLER

The name pretty much says it all. It engages the Persona in Matrix Combat. Every net success it generates inflicts one “wound” to the Persona. (After 10 wounds of damage, any Matrix construct, be it IC or a technomancer, crashes)

Typical Appearance: Warrior, soldier, thunderstorm, attack drone
Load Rating: 1/2 Rating
Target: Bod

BLASTER

Behaves as Killer IC; however, if successful in crashing the Persona, it immediately is afforded an opportunity to burn the cyberdeck’s MPCP chips during the same Action Phase.

In this event, make a test with the # of dice being the IC’s Rating against the Target Number of the MPCP Rating. Hardening must still be overcome, and each extra success permanently reduces the MPCP by 1.

Typical Appearance: Same as Killer.
Load Rating: 1.5 x Rating
Target: Evasion

TAR BABY

Trap IC. If an attempt to deceive or Sleaze the IC fails, or if it is attacked but unharmed, the IC crashes, taking the utility with it! That program must be reloaded.

Tar Baby automatically triggers an Active Alert as it crashes.

Typical Appearance: Trap, pit, pool, snare (often disguised as something else)
Load Rating: Rating
Target: Evasion

TAR PIT

Even worse. Behaves like Tar Baby, but also corrupts all copies of the attacking utility in storage memory. Offline storage copies are unaffected.

Typical Appearance: Same as Tar Baby
Load Rating: 1.5 x Rating
Target: Evasion

TRACE

Nasty. Attempts to gain a positive lock upon a cyberdeck’s access path and follow it to its location.

Once activated, make a test of the IC Rating verses a Target # of the cyberdeck’s Masking Rating. Base Time to complete the trace is 10 turns divided by number of successes rolled. If the test fails, the IC does not manage the lock, but may attempt again on its Next Action Phase.

Trace is a two-part construct, one traces the technomancer, and the other stays in system waiting to report–which is the part that the technomancer must defeat or successfully use a Relocate program against. The IC is mobile and will most likely move to a node with higher security. Like White IC and the Tar programs, it can only fight defensively.

Typical Appearance: A wolf, bloodhound, detective, seeker drone

Trace & Report

When complete, it reports the real-world address of the technomancer’s entry point into the system.

Load Rating: 1/2 Rating
Target: Evasion

Trace & Dump

The technomancer is automatically dumped once/if the trace succeeds. Oops. His location is reported as well. Double oops.

Load Rating: Rating
Target: Evasion

Trace & Burn

Evil. Works like Trace & Dump but executes as Blaster attack against the MPCP of the deck. It manifests as 1/2 Rating (round up) of the Trace IC.

The technomancer can only be defended by another persona also at the location or a program frame present there.

When defending against the attack, the technomancer +2 to his target numbers. The only way to defeat it is successfully implement a Relocate previous to the completion of the trace, or crash the in- system element.

Load Rating: 1.5 x Rating
Target: Evasion

BLACK IC

Thus named because it attacks the technomancer, not his cyberdeck. Normally, Black IC inflicts physical damage, but can be set to do mental (stun) damage should the system owner be feeling magnanimous.

REMEMBER: Dead men tell no tales, but prisoners can be downright talkative.

Load Rating: 1.5 x Rating
Target: Evasion

III. System Alerts

Passive alert

To coin a phrase, Condition: Yellow. A passive alert means that the computer is not sure whether if it has been invaded, but is going to be careful. Add +2 to the ratings of all IC. Passive alerts last only an hour or so at most, because they slow down other processing. Any time a second passive alert is triggered while the system is already on alert, it automatically triggers an active alert.

Active alert

Condition: Red. This means the computer decides it has been invaded. It notifies its human operators, who will take whatever action the Game Master thinks appropriate, usually sending one or more deckers into the system after the invader.

The controlling operator’s most drastic response to an active alert is to shut down the computer. The operator will take this action if it looks like the invader has beaten any defenders sent against him, or if the alert was triggered from a highly security-sensitive node like the CPU or a red datastore. It takes 2D6 turns to shut down the computer without damaging the system. Shutdown triggers various alarms in the Matrix as programs wind down and files close safely. The technomancer’s persona sees flashing red lights and hears klaxons. If the persona is still in the system when it shuts down, the technomancer is dumped.

IV. Options for IC

Intrusion Countermeasures have several options that may be incorporated into their design, which can be of an offensive or defensive nature. Please note that these options are quite expensive, and therefore, it is not feasible for every IC element or construct to possess them due to the prohibitive price.

SHIELDING

IC may be designed with three defensive options: Hardened, shifting, and normal. Normal, as the name indicates, bestows no modifiers.

When IC has Hardened defense, any damaging attacks against it are at a +2 Target Number, unless the attack has the Penetration option, which nullifies the effects.

Shifting defense also gives a +2 Target Number against damaging attacks, unless the attack has the Area-Effect option, which nullifies the benefits.

Either defense option increases the effective rating of the program by 1 for the purposes of determining Load Rating

STAGING

Killer IC is considered to have Light Staging. However, there is the option of making this program decidedly more potent (and larger…and much more expensive!)

Killer (M) has Moderate Staging and the Load Rating equals the Rating
Killer (S) has Serious Staging and the Load Rating equals 1.5 x Rating
Killer (D) has Deadly Staging and the Load Rating equals 2 x Rating

Killer may also be designed to incorporate either the Penetration or Area-Effect options available for Attack programs. Only one of these options may be present within the IC. Add 1 to the effective Rating of the IC for purposes of determining Load Rating.

CONSTRUCTS

Multiple pieces of IC may be combined into a single IC construct that moves and acts in unison. Due to increased efficiency of this approach, IC tends to appear in this manner, though there is the ubiquitous concern of node overload. A construct may contain any combination of IC, be it White, Gray, or Black.

Base Load Rating for the entire construct is equal to the highest Load Rating of the IC in the construct. All additional IC programs contribute only 1/2 (round up) its Load Rating to the constructs overall Load Rating.

Initiative is determined by the LOWEST IC rating in the Construct.

On its Action, the construct may utilize any or all of the abilities of the different IC in the construct, within certain parameters:

If multiple combat IC are being brought to bear, all must have the same target, either Bod or Evasion. Different targets may not be mixed. However, non-combat IC with different targets MAY be used, e.g., as Trace is non-combat, it may be activated along with Killer, even though the two IC target Evasion and Bod, respectively.
When multiple combat IC are being utilized, their attack is combined into ONE assault. The effective rating is determined by the lowest IC rating involved. All target numbers also derive from this lowest rating. If the attack is successful, all results are figured based on the extra successes generated. If it fails, they all fail.
When counter-attacking in cybercombat, the IC is treated as having a Rating equal to the lowest-rated piece of IC in the Construct. Even in the case of an IC equipped with multiple combat-IC programs, only ONE may be implemented in the counter- attack.
If the Construct crashes, all the programs crash.

All Constructs are mobile.

EXPERT IC

Expert IC is an IC system governed by advanced expert systems. Any type may become Expert IC, and its addition is implemented at the system level. In game terms, the addition of the expert IC programming increases the rating of the IC by 1, 2, or 3 points. The actual increase is contingent upon the sophistication of the expert system built into the IC. Expert Systems come in three levels: 1, 2, and 3. Each adds its level to the Rating of the IC; however, the Load Rating does not increase proportionately:

LOAD RATING TABLE

Expert System Level     Calculate Load Rating from:
1                       Original IC Rating (do not include expert
                        system increase to the rating)
2                       Original IC Rating +1
3                       Original IC Rating +2

NOTE: The Game Master should play expert IC as being noticeably smarter than regular IC. Yes, it shall certainly be tougher, but to the player characters that should appear to be due to the IC’s intelligence rather than to any increase in the game mechanics. Though normal IC conducts itself in a method similar to a machine, expert IC should begin to display almost animal-like intelligence and instinct.

ARTIFICIAL INTELLIGENCES

Sorry, Jordan, but there aren’t any game-mechanics discussed in these sections…not even suggestions on how to handle it. sigh

V. TRENDS IN SECURITY

As iterated before, only about 25% of IC is active at any one time. The rest is dormant, awaiting an unauthorized signal to trigger it. Nor is it true EVERY NODE has IC upon it. Remember, IC at best inhibits, at worst, blocks datatraffic; the system must still be permitted to function without copious quantities of IC vigorously interrogating every odd data construct or signal.

Also, regarding the distribution of Security Ratings… a metaphor that has been often utilized in all the campaigns I have participated in is one of climbing a mountain, and to my mind, the mountain was invariably Everest. One starts at a Green-4, then proceeds to an Orange-6, then reaching a Red-10. This is not terribly accurate or practical.

A better metaphor for what it should be like would be from “Lord of the Rings” when the armies of Aragorn are invading The Dark Lord Sauron’s land, Mordor.

Mordor was framed by two mountains ranges, the Ered Lithui (Ash Mountains) to the north and the Ephel Dzath, or Mountains of Shadow, to the west and south. These huge natural defenses allowed for only two avenues of access, treacherous mountain passes, EACH guarded by fortresses. Cirith Ungol, the southern route, was bound by Minas Morgol at its opening and the fortress Cirith Ungol just before entering Mordor itself. To the north was Cirith Gorgor, where Morannon, the Black Gate, flanked by the Towers of the Teeth, Narchost and Carchost, guarded what was considered the “safer” of the two passes.

The metaphor: The System Access Node, or SAN, (although, unlike the example, rarely is there more than one) is generally very high security, along the lines of the CPU itself. The rationale is that most legitimate technomancers working within the system shall not enter via this passage, instead utilizing one of the I/O ports.

Within Mordor, there were was the Great Plateau of Gorgoroth, as well as the lower lands of the vast plain of Nurn, where slaves tended the mineral rich soils provided by the moderated volcanic ash deposited there.

The metaphor: Certainly, the system shall have areas of high and low security within it; however, once one surmounts the initial hurdles of accessing a cluster, the security should calm down considerably. After all, the denizens of the system themselves must be permitted to operate within it.

The ultimate goal of Aragorn’s conquest was The Dark Tower, Barad-dur, the mightiest fortress of all of Middle Earth, where the Lidless Eye in the Tower, Sauron the Great resided.

The metaphor: Obviously, this is the CPU, where THE highest of all Security Ratings is…although this does not necessarily mean its is hip-deep in IC–it must be flexible enough to command the system. It is also deeply buried in the cluster…a CPU is almost never situated next to a SAN, rather it is usually “screened” by SPUs.

Mordor was dominated by the imposing peak of Mount Doom, called Orodruin by Dwarves, and Amon Amarth by elves. Its eruptions were inspired both awe and fear due to their scope and destructive capability.

The metaphor: Mount Doom, an inherently hazardous place, symbolizes sensitive areas within a cluster, which have security of similar magnitude to the CPU.

Naturally, for role-playing purposes, you could carry the metaphor further, by incorporating various gates, traps, snares & pits (White IC), Orcs, trolls, and men-at-arms (Gray IC), and the dreaded Nazgul, or Ringwraiths, the fearsome lieutenants of the Dark Lord, as Black IC or IC constructs.

An excerpt from Virtual Realities illustrates this:

Node ratings

In designing a computer system, one of the issues to decide is what ratings to assign to the different types of nodes in the system. The Node Rating Table rates systems by their relative importance/security and presents a range of appropriate System Ratings for each type of node.

When deciding which track to use in the system, the Game Master should keep in mind they system owner’s resources. Everyone would like to have an ultra-secure system, but only governments and the largest megacorporations can afford to create and maintain that level of security. The best policy is to decide the IDEAL importance/security of the system and then adjust down for the coproration’s resources.

                        BLUE     GREEN      ORANGE       RED
                        1 2 3 4|1 2 3 4 5|1 2 3 4 5 6 7|1 2 3 4 5 6 7 8
                        -------|---------|-------------|---------------
NO SECURITY             [[]]XX##         |             |
LOW SECURITY                  []XXXXXX####             |
MODERATE SECURITY              | [[[]]]XXXXXXXXXXX######
HIGH SECURITY                  |      [[[]]]XXXXXXXXXXXXXX########
ULTRA-HIGH SECURITY            |          [[[[]]]]XXXXXXXXXX###########

[[[[]]]]        DLJs, SMs
XXXXXXXX        I/OPs, Low Security SPUs and DSs
########        CPUs, SPUs, SANs, and High Security DSs

Security tracks

No Security

An open system such as a public-service network or free advertising database requires no security. Little of importance is available, so there’s no reason to defend it. These systems usually contain only blue nodes, which cannot contain IC. Minimal security systems are referred colloquially as Blue Systems.

Low Security

Limited access systems such as library databases, sub-scription services, and most telecom grids have low security. These systems are known as Green Systems.

Moderate Security

Moderate security is typical for most government, underworld, or corporate systems not containing highly classified data. These systems are often referred to as Orange Systems.

High Security

High security systems include powerful megacorp R&D and finiancial, classified government, and the major crime syndicate systems. They are referred to as Red Systems.

Ultra Security

The infamous black system is as tough as they come. The most vital megacorp systems and government military systems are at this level. Dangerous stuff.

VI. Matrix combat

Matrix initiative

Multiple actions are determined exactly as in physical combat.

Technomancers roll 1D6 and add it to their Reaction Attribute. The ONLY method (not magic, not wired reflexes, not vehicle control rigs) to augment this test is via Response Increase on a cyberdeck. With this, technomancers add +2 per level of Response, plus an extra 1D6 per level.

Deckers using pure cybernetic command receive an additional di for Initiative.

Those using a combination of cybernetic command and keyboard determine Initiative normally.

IC Reaction is based on the node’s Security Code and the rating of the IC. The Security Code color gives the basic speed. Add the IC’s Rating to this for the Reaction Time (see table below). Then make the usual 1D6 roll.

IC REACTION TIME

Security Code           Reaction Time

Blue                    Yeah, right...
Green                   5 + Rating
Orange                  7 + Rating
Red                     9 + Rating

MATRIX ACTIONS

Following are typical possible actions in cyberspace.

Free Actions
- Delay Action
- Observe
- Speak a Word
Simple Actions
- Change Range (move from observation range, to sensor range, to contact range, in any combination)
- Erase Program
- Execute System Operation
- Jack Out!
- Jam IC (only works with White IC)
- Load Programs
- Modify MPCP Value
- Run Defense Utility
Complex Actions
- Execute Sensor Utility
- Execute Utility
- Run Complex Utility

MATRIX COMBAT

1. Decker Declares Range

Once in the Matrix, the decker declares the range he is maintaining to the various constructs and programs. Usually, this is observation range. To gain information about something in the Matrix, the decker must close to sensor range.

A decker at observation range can move about freely.

2. Sensor Range

A decker enters sensor range in order to use a sensor utility against a node or IC. Unless the system is already on passive or active alert, deckers are usually safe at sensor range. If IC reacts, it will close to within contact range of the persona.

A. Make Execution Test

The decker first makes an Execution Test for the sensor utility. If the test is successful, the decker may run the program. If the test fails, the decker may attempt it again, adding +2 to the target number.

Use any extra successes in the Execution Test to determine the effect of sensor utilities run against the node. Sensor utilities must also be run following a successful Execution Test to be effective against IC.

B. Run Sensor Utility

Make a test with a number of dice equal to the program’s rating plus any Hacking Pool dice against a target number equal to the IC’s rating. Count the successes.

C. IC Resistance Test

Roll a number of dice equal to the IC’s Rating against a target number equal to the persona’s Evasion Rating. Count the successes.

D. Determine Result

Compare the successes from the persona’s sensor utility test with the results of the IC’s test, but remember that the program must beat the Security Code of the node as well. Additional successes in excess of the IC successes and the Security Code are used to determine the result.

3. Contact Range

A decker must first be at contact range to use either a masking or combat utility. Contact range is also required to transfer a file from or to a computer system.

A. Execute Masking Utility

A masking utility uses the Special Execution Test, described in Masking Utilities (Works just like the earlier test, only the IC’s target is the Masking attribute – Doom). This requires a Complex Action. Successes in excess of the total of the IC’s successes and the Security Code of the node are used to determine the effects of the programs.

B. Using a Combat Utility/Conducting an Attack

Combat Utilities use the following procedure. Attacking IC uses the same basic procedure.

Execute the Combat Utility (persona attacking only)

Make a normal Execution Test. This requires a Complex Action. In the case of Persona vs. Persona, the Execution Test has the opposing decker’s Evasion attribute as a target number.

Conduct the Attack

Number of Dice: Program rating, plus Hacking Pool dice (if persona is attacking) or the IC Rating (if IC is attacking)

Target Number: Node’s System Rating (if IC), or Bod (if persona).

Resolve the Resistance Test

Number of Dice: IC Rating dice (if IC), or MPCP dice if target is persona (plus that decker’s Hacking Pool dice, if used)

Target Number: Decker’s Computer Skill (if attacked by a persona), or System Rating of the Node (if attacked by IC)

Determine the Effect

Compare the number of successes each opponent achieved, being sure to include the extra successes needed for the Security Code of the node (for the persona’s attack only). IC never need worry about Security Codes. The persona may ignore Security Code when resisting an attack.

The extra successes (the successes in excess of what was needed to overcome the opponent) are used to determine the actual effect, per the individual program or IC descriptions.

THE OPPOSITION

Hostile (defending) deckers have various levels of expertice, and do not need deception programs because they have passcodes for all the nodes. (No, chummer, you can’t mug one of them in the Matrix, and steal the codes.) Use the rules for pursuit in Avoiding Combat, in the next section, to determine whether or not a hostile decker finds the invader.

Following are several examples that may help Game Masters design system defenders as they become more familiar with the rules. Keep the odds balanced so that the player decker has to sweat, but try to avoid throwing an army (or Godzilla) at him.

BUSH LEAGUE

A corporate decker working on a cyberterminal starts hunting around the system, beginning in the node where the alert was triggered. Use the Corporate Decker Archetype with a cyberterminal version of an Allegiance Alpha deck with Attack 6.

MINOR LEAGUE

A Corporate Decker Archetype is sent into the system using a Fuchi-4 deck with Attack 4 and Shield 2. Persona programs are all Rating 3.

MAJOR LEAGUE

Use the Corporate Decker Archetype equipped with a Fuchi-6 deck with Level 1 response increase. The decker also carries Attack 6, Shield 2, and Mirrors 2. Persona programs are all Rating 5.

HEAVY HITTER

This Corporate Decker Archetype has the same experience as a Major Leaguer, but his persona programs are all Rating 6, and his deck has a Level 2 response increase.

AVOIDING COMBAT

A decker may attempt to avoid combat or disengage from current combat. Combat can be avoided by simply staying clear of it, moving into another node before it is too late, and so on.

Gray and Black IC, as well as opposing deckers, will probably pursue a fleeing opponent. As long as the fleeing decker remains within one node of the pursuer (observation range), the pursuer can easily follow. If the decker is able to move two or more nodes away, the deck’s programs and abilities can be used to make good his escape. When the IC or hostile decker pursues the character decker, make a test using a number of dice equal to the IC’s Rating, or the hostile decker/ persona’s Sensor Attribute (no Hacking Pool), and using the fleeing Persona’s Masking Attribute as the target number. If the IC or pursuing decker gets at least 1 success, they know exactly where the decker went and will attempt to move there. If the test fails, they have lost the trail, and will probably begin a node-by-node search.

If the decker shakes the pursuing IC, and the IC re-discovers him, the decker may use a sleaze or deceive program against the IC as normal.