Slicing

Slicing and hacking are a large part of the Star Wars Galaxy. With famed slicers such as DJ becoming enshrined in Star Wars canon the drive for characters to make a musketeer of data spikes grows as well. Unfortunately, the rules for slicing are quite basic. The difference in hacking an Imperial mainframe vs. a small door panel is captured in the difficulty adjustment with little other challenge. Hacking can very easily become quite mundane and an auto-win roll at later stages in the game.

This supplement is based of the "NETRUNNER" RPG and has shifted their rules to add a new level of complexity and challenge for slicers.

This section describes expands on the basic computers and slicing checks to add a level of complexity to an otherwise basic check. Whether its hacking the credits from a cashier's kiosk to going to head to head with a rival slicer, these rules will provide the basis for slicing in the galaxy.

To hack, one requires an access port. These are called terminals. Whether its a key console on the wall or a massive mainframe command terminal, these terminals represent the opening into the game. All sliceable terminals are given a Security Level rating (Lvl 1,2, etc.)  A terminal’s rated level correlates to the depth of system control and information it has access to.  Accordingly, the level of a terminal is equivalent to the difficulty of the check needed to hack said terminal. A guideline for rating terminals is presented below:

LEVEL: 1
DIFFICULTY: P
DETAILS: Clerical Terminals, Sales Registers.  These terminals carry only surface level information about a facility’s operations.  Can access up to level 2 terminal controls.

LEVEL: 2
DIFFICULTY: PP
DETAILS: Control Lights, Temperature, and publicly accessible entrances and terminals (lvl 1).  Can access up to level 4 terminal controls.

LEVEL: 3
DIFFICULTY: PPP
DETAILS: Control Fire extinguishers, sprinkler systems, lvl 2 terminals and entrances.  Can access up to level 6 terminal controls.

LEVEL: 4
DIFFICULTY: PPPP
DETAILS: Control security force deployment, level 2 and 3 security Drones/AI, level 2 and 3 terminals and entrances.  Can access up to level 8 terminal controls.

LEVEL: 5
DIFFICULTY: PPPPP
DETAILS: Control secure servers and access Black ICE protected information.  Typically requires a direct uplink to access.  Control level 5 and below terminals, entrances, and security forces/drones/AI.

Bridging Terminals
All terminals within a security network are linked to some degree.  Bridging a connection between a lower level terminal and a higher level terminal allows a slicer to access the information and control available at that higher level.  Each terminal level bridged in this way generates an intrusion point.  The security level that a terminal can bridge access to is determined by the starting terminal’s own security rating and using the following formula:

(Starting Terminal Level) x 2 = Maximum Bridge level

For example, a level 1 terminal can be used to access a terminal rated level 2.  Once a slicer has seized control of the level 2 terminal, it may be used to bridge access to a terminal rated up to level 4.

Bridging can be accomplished by rolling a subsequent computers check with the difficulty set through the table above and modified by the intrusion points below. This would be a "SEIZURE" action as described below.

Intrusion Points
Intrusion Points are a measure of the system's awareness of an enemy attack and the strength of the countermeasure deployed to combat those attacks. Every intrusion point generated upgrades enemy firewalls and VI's counter-slicing checks.

There are two ways to generate Intrusion Points.  Each time a terminal level is bridged, it generates an Intrusion Point.  In the example above, bridging a level 1 and 2 terminal generates 1 Intrusion Point.  Bridging a level 2 and 4 terminal generates 2 Intrusion Points.  Thus, bridging systems from level 1 to 4 generates 3 total Intrusion Points.

(Ending Terminal Level – Starting Terminal Level) = Intrusion Points

Furthermore, Slicers can generate intrusion points on any failed or high threat Computers Check within a system.

1 failure or 2 threat = Intrusion Point

Imperial Firewalls & Safeguards (IFS)
Slicers tend to relate intrusion points to the complexity of IFS that can be deployed against them. These could be everything from anti-intrusion systems and safeties to wraith shields, blast doors, or other physical countermeasures.

LEVELS: 1
IFS NAME: White Alert
FUNCTIONS & TACTICS: Alarm and Locate (A&L). Alerts the system to a potential intrusion and attempts to Locate the terminal which has been compromised.

LEVELS: 2
IFS NAME: Grey Alert
FUNCTIONS & TACTICS: Alarm, Locate, and Defend (ALD).  Alerts the system to possible intrusion, attempts to locate the compromised terminal, and deploys defensive countermeasures to delay the attacker long enough for conventional security forces to arrive.

LEVELS: 3
IFS NAME: Blue Alert
FUNCTIONS & TACTICS: Alarm, Locate, Defend, and Attack (ALDA). Alerts the system to possible intrusion, locates and isolates the compromised terminal, deploys defensive countermeasures to delay the attack and directly combats the intruder with VI countermeasures.

LEVELS: 4
IFS NAME: Black Alert
FUNCTIONS & TACTICS: Alarm, Locate, Defend, Attack, and Pursue (ALDAP). This is the most dangerous variety of ISF.  In addition to deploying all the tactics of lower level IFS, it will actively pursue an attacker back to their home terminal or the compromised terminal and attempt to destroy them by any means necessary.

NOTE:  Black IFS are ruthless and efficient, and the Empire knows it.  Black IFS almost always guards the most protected data that a facility has. Of course, not all IFS are made equal; the better companies with more resources tend to have more esoteric, adaptive IFS or less resourced crime syndicates may be using outdated firmware.

Additional Slicing Actions

Ident Spoofing (iS)
“Detection is a foregone conclusion.  Only the very lucky and the very very skilled aren’t detected.  For everyone else, there is Spoofing.”

Ident Spoofing is a process by which a Slicer can delay detection and/or delay the deployment of IFS.  On an Ident Spoofing Computers check, one success temporarily lowers the Intrusion Point rating by 1 for 1 round.  Every additional success temporarily lowers the Intrusion point rating by 1. Every 2 advantages may be spent to increase the duration of this delay by +1 round.

SSD DA/R/E
In order to acquire complete system control, Slicer have developed a slicing protocol.  Collectively, these actions are called the SSD DA/R/E protocol: Search, Seizure, Decrypt, Data Acquisition/Recording/Erasure.  Each step of this process requires a successful computers check to complete. If the relevant steps of the protocol have been successfully completed, the slicer has just owned the entire system.

However, not all actions need to be attempted to get what you want. You are free to only do some of them. Furthermore, you may combine multiple parts of the protocol into one check. Of course, this increases the difficulty of the check. Your ultimate trade-off is speed (time it takes to slice, multiple checks) vs. complexity of task attempted (how many different slicing actions you’re trying to do at once).

Search (S)
Slicer make a Computers Check to find the location of the Data they are trying to acquire, or the target they’re trying to Seize. This action is for when you want to find out what’s hidden in the system, or you’re not sure where your target is hidden within the system. This step is primarily for mining pay data out of a complex storage system.

Seizure (S)
This action describes the process of acquiring system node control, control of a discrete virtual construct (protective programs/subroutines), or control over a specific real world system (i.e. fire suppression system). The Slicer decides what they’re trying to achieve control over. The Slicer must make a Computers check to seize control of their target. System nodes must be seized in this way to bridge a lower level terminal to a higher level one.

Decrypt (D)
This is the catch-all-term for granting access to a protected system as well as breaking into enemy signals. In short, if you’re trying to breach a protected system/signal, the first thing you’re doing is decryption their signals and codes to write yourself access.

Data Acquisition, Recording, and Erasure (DA/R/E)
Data acquisition is simply copying over target data onto a transferable system.

Data recording is for writing in new bits of data into a system without it being recognized as foreign code.

Data erasure is a simple wipe of all relevant data stolen or any other kind of targeted data which needs to be gone.

Slicing Systems
A Slicer can attempt any slicing action with a separate computers check or she can combine actions in any way she wishes to complete her goal and get out of the system quickly.

Combining these actions augments the difficulty of the Computers Check in any of the following ways:

·         Increasing the diff by 1 for every additional action attempted with the Computers check.

·         Adding 1 Setback for each additional action attempted with the Computers check.

·         Upgrading the difficulty by 1 for each additional action attempted with the Computers check.

Ultimately, the decision to increase diff, add setback, or upgrade is determined by the fictional circumstances surrounding the intrusion.

For example, if Data Erasure on a system is rated a level 3 (PPP), attempting to perform data erasure and recording at the same time may increase the difficulty by +1 (PPPP).  Furthermore, attempting to copy, write, and erase all at the same time would increase the difficulty by +1 (PPPP) and upgrade the check once (RPPP).  These actions do not need to be done in any particular order. With perhaps the notable exception of Decrypt, that’s the initial type of action used to breach a system or signal. Still, you are free to combine Decrypt with any of the other