Shadowrun 4: A New Matrix Paradigm

From time to time I like to play around with game design elements of RPGs (and other games, often miniature games) that I really enjoy. Over the last year, I’ve played a lot of Shadowrun 4th edition and I’ve grown to count it amongst one of my favorite RPGs. To be fair, Shadowrun 4th has its share of flaws, but I do believe it is probably the apex of Shadowrun’s RPG design in its foundation. One of the major flaws holding Shadowrun 4e back from achieving a higher level of quality is its Matrix rules, the design intended to allow Hackers (a player character archetype) to access the Matrix (a global wireless computer-linked communication system that employs both augmented and virtual reality).
Yep, pretty much this.
So, just as an FYI, this blog post is going to be pretty incomprehensible if you’re not familiar with SR4’s mechanics. You’ve been warned!
I’m not going to get into a full review of neither Shadowrun 4 nor the existing Matrix rules, but I do want to showcase here my design for a replacement system. I chose to create a design that fit into Shadowrun 4’s paradigm and solved some of the existing rules biggest issues – namely, the number of rolls needed to resolve a single Matrix task, using the rules to push the story rather than trying to mimic how actual computer programming works, and simplifying/streamlining the process so that hacking takes no more time at the table than any other archetype’s actions.
So I tinkered around with an idea – what if Hacking worked on a similar paradigm to Magic in Shadowrun? Magic basically takes only three rolls to resolve a typical spell: casting, resolving the effect of the spell, and then resisting drain.
What I came up with is the outline for a system where the Decker (I prefer this term to Hacker, and I’m using the term Cyberdeck rather than commlink, but these are basically just names) uses the same three rolls: hacking, resolving the effect of the program (mimicking the effect of a spell or a gun), and then resisting detection – since the whole point of hacking is to do it without setting off tons of alarms, just as the point of spellcasting is to cast a spell without knocking yourself out.
Click past the jump to see the rest of the design!

Note: This is an initial game design concept – more work needs to be done to turn it into a complete system and it is presented as an idea that needs further design and refinement.

Design Principles

Hacking should be more about the Decker’s skill and less reliant on his gear/programs.
Ideally, hacking operations should require no more than three die rolls. Adding additional die rolls, bookkeeping, or extra steps should be avoided.
The hacking system should not attempt to accurately model how computers work; instead, it should strive to meet the needs of hacking from a story perspective.
A simplified hacking system should strive to showcase the Shadowrun Matrix’s unique flavor.
In general, simplifying and streamlining means reducing the number of variables and things to keep track of – the most noticeable effect of this is that in this paradigm, the number of programs (with the exception of attack programs – see below) have been reduced to six.

Design Goals

Hacking needs to be streamlined from previous incarnations: not as complex, fewer dice rolls, easier to comprehend.
Hacking needs to be in line with the other systems of Shadowrun and follow a similar paradigm (i.e., Attribute + Skill + Gear).

System Design Sketch

System Rating

Everything that can be hacked has a System Rating. This generally runs from 6-12, although there is no upper limit. A truly high-level system (like a military command center) might have a system rating of 17 or higher. The system rating acts as both a threshold for the number of hits required to affect the system and as a condition monitor if attacked in cybercombat, with the number of boxes in the condition monitor equal to its rating. In the case of vehicles and drones, use the Pilot Rating and add 5 (this is a rule of thumb and is likely to be adjusted). In the case of other items, the rule of thumb is to set the item’s system rating at ½ its body, rounding up.
Generally, this means that you would take an existing System Rating in SR4 and double it. Subtract the program’s Rating to get your Adjusted System Rating.

Cyberdecks and Condition Monitors

Cyberdecks have a physical condition monitor (representing the physical condition of the deck) and a detection condition monitor (representing the Decker’s ability to avoid detection whilst hacking). When the physical condition monitor is boxed out, the deck is destroyed. Just like a physical condition monitor for a character, damage to the deck inflicts dice penalties for every row of three boxes. Similarly, the detection condition monitor inflicts penalties for every row of three boxes as well.

The Hacking Test

Whenever a Decker attempts to interact with an object with a system rating, he rolls Logic + Hacking + his Cyberdeck’s rating (this is a number that ranks between 1-6 and is roughly analogous to the current “system rating,” not named here to avoid confusion with this design’s use of the term). A typical Shadowrunner is likely rolling 15 dice (5 Logic, 5 Hacking skill, rating 5 cyberdeck).
Note: Again, to emphasize, this paradigm means that the Decker must roll a Hacking Test to accomplish any and all tasks inside a system – the usage of the Hacking test is intentionally broad because it is likely that a Decker will be making this test every round he is jacked into the system.
The threshold for his test is the system rating of the system he is attempting to hack. The Decker’s Exploit program rating helps the Decker by lowering the system rating’s threshold for this test by its rating (i.e., a Decker hacking a system rating 8 would subtract his Exploit program’s rating of 5, meaning that the actual threshold for the Hacking test is 3). This keeps the focus on the Decker’s skill rather than his gear, as the Decker modifies his programs on the fly to best suit his needs. This new System Rating (the original minus the Decker’s Exploit program rating) is known as the adjusted system rating.

Crashing a system

Instead of hacking a system, a Decker can attempt to crash it. This is done by attacking the system in cybercombat. The system rating is the system’s condition monitor and also serves as the number of dice the system rolls to defend itself against cybercombat (much like a Body attribute on a physical object in the real world). Crashed systems do not function until they are rebooted. Authorized Deckers can reboot a crashed system with a simple action. A system cannot be crashed if there is an active defender (Agent, Sprite, or enemy Decker) present.
Note: The procedure for crashing a system is just a basic idea for now and needs more development.

The Detection Test

Using a similar approach to magic, after a Magician casts a spell, he then resists drain. In this hacking paradigm, after a Decker performs a hack, he then resists detection. This mechanic represents the Decker’s skill at evading detection whilst hacking a system. To do this, the Decker must resist a number of hits equal to the adjusted system rating. The Decker rolls his Hacking skill + the Hardening rating of his deck. Any hits that are not resisted inflict damage to the deck’s Detection condition monitor. When the deck’s detection condition monitor is boxed out, alarms go off in the node and any adjacent connected node. Any Deckers or agents in those nodes are instantly aware of the hacking Decker’s location and cybercombat is very likely imminent.

Glitching the Detection Test

If a Decker glitches on the Detection Test, the IC of the system has noticed something is wrong and begins to interfere with his presence. This is represented by a basic chart that establishes a rule of thumb—the GM may always decide on something else happening and certain systems (such as ones used in an adventure) can have their own custom response chart.
Glitch on a System Rating 6-9: The Decker is hit with a Traceroute attack program with a rating equal to the adjusted system rating.
Glitch on a System Rating 10-12: The Decker is hit with a White IC attack program with a rating equal to the adjusted system rating.
Critical Glitch on a System Rating 6-9: The Decker is ejected from the system and may suffer dumpshock.
Critical Glitch on a System Rating 10-12: The Decker is hit with a Black IC program with a rating equal to the adjusted system rating.
Note: Naturally, glitches by player characters are going to be fairly rare, but this provides a simple and easy to use guideline for when that happens during the game.

Remaining in the System

Once a Decker has successfully hacked a system (i.e., he has boxed out the system’s condition monitor either through hacking or cybercombat), he can stay in that system indefinitely. Note that if an enemy agent or enemy Decker enters the same node, the Decker can be engaged in cybercombat. Every time the Decker attempts to make the system do something, he must resist Detection, meaning that Deckers who are active inside a system are likely to trigger alarms eventually unless they are exceptionally careful or stealthy.


Normally, just like a Magician casting spells, a Decker is limited by the rating of his program in how much he can affect the system rating of the system he is attempting to hack. Drawing another parallel to magic, Deckers can “overcast” by Overclocking their deck. This allows the Decker to increase the rating of his program up to double its base rating. However, during the Detection Test, any hits that are inflicted affect his Cyberdeck’s physical condition monitor rather than the detection condition monitor.
Note: This is the cinematic “holy crap I really need to make this work” moment. Overclocking has a definitive downside (you could fry your deck). It is likely that the player character is going to overclock in conjunction with spending Edge on both the Hacking Test and the followup Detection test, just like a player character Magician who overcasts. It is possible that the detection test could or should also be more difficult when the Decker is overclocking.

Resetting the Detection Condition Monitor

The Detection condition monitor does not “heal” as long as the Decker is jacked into the system in which he suffered the “damage.” Deckers do not simply jack out and jack back in once they are close to detection. Once the Decker jacks out of that system and performs a purge (a complex action requiring a Logic + Hacking roll with a threshold of 2), his deck’s Detection condition monitor resets and all the damage inflicted on it is “healed.”


Under this paradigm, the following are the core programs used by Deckers:
Exploit: Primary program for hacking. Reduces the threshold of a system rating for gaining access or information.
Spoof: Secondary program for hacking. Reduces the threshold of a system rating for giving commands.
Purge: The “medic” program – erases data from the cyberdeck. Adds its rating to the Decker’s Logic+Software Test for eliminating harmful viruses (including Traceroute).
Sleaze: Passive program – its rating equals the number of boxes of the cyberdeck’s detection condition monitor.
Analyze: The “perception” program. Adds its rating to the Decker’s Logic + Hacking Test for gaining additional information about icons in the matrix.
Armor: Passive program. Adds its rating to the Decker’s Logic Test to resist damage in cybercombat.

Cybercombat and Attack Programs

If everything in the Matrix has a system rating that also acts as a condition monitor, cybercombat can become a bit more interesting—you can essentially use the same options as physical or astral combat, such as taking aim or called shots. In addition, this paradigm makes Attack programs into basically the “gun” that the Decker carries into combat. In fact, you could easily present a number of different Attack programs with different ratings, perhaps some armor penetration, and so forth – this way, there can have a “street samurai catalog” of different types of Attack programs. Tar baby, traceroute, white IC, black IC – these all become “guns” that the Decker can have loaded into his Deck’s “holster” (program space) when he goes into the matrix.
Note: It is possible that Armor programs could similarly have some differences and thus also be part of the “street samurai catalog.”

Technomancer interaction

Under this Paradigm, a Technomancer’s Resonance equals his Deck rating and the rating of any required program. Overclocking on a Technomancer opens him up to physical damage on the Detection roll. In addition, Technomancers basically have access to any and all “guns” in the Attack program catalogue.

Agents and Sprites

Agents and Sprites should never be as good as an actual Decker. Under this proposal’s paradigm of Logic + Hacking + Deck rating, Agents and Sprites should only get two out of the three. I would recommend using Logic + Agent rating/Sprite force. This makes Agents and Sprites useful (roughly as useful as a tasked Spirit is to a magician) without making them as good as an actual Decker. Agents and Sprites have a detection condition monitor equal to their rating/force. The type and number of Attack programs or armor programs that a sprite or agent can carry should be limited to their rating/force. My initial recommendation would be 1 Attack program from rating/force 1-3 and 2 Attack programs at rating/force 4-6.


Example: Hacking the cameras to hide the team’s presence
A shadowrunner team is infiltrating a research facility. Sam the Decker has a 5 Logic, a 5 Hacking Skill, and a rating 5 Cyberdeck. All of his programs are also rating 5.
The shadowrunners need Sam to hack the facility’s security cameras so that they can enter the facility undetected. Sam is already jacked into the matrix and is within wireless range of the system. The system rating of the node controlling the security cameras is 9. Sam subtracts his Exploit program rating of 5 from the system rating of 9 and ends up with an adjusted system rating of 4. Sam rolls 15 dice (attribute + skill + deck) and gets 5 hits, successfully hacking the node. The cameras do not record the shadowrunners entering the facility. (Note: The GM could, if he wished, use the results of Sam’s Hacking Test to determine how long the cameras are nonfunctional)
Sam then must resist Detection, rolling his Logic of 5 and the Hardening of his Deck (also of 5) against a threshold of 4 (the adjusted system rating). Sam rolls 3 hits and he crosses out one box on his Detection condition monitor. Until he jacks out of the system, performs a purge, and his detection monitor resets, Sam is going to suffer a -1 penalty to all future Matrix skill rolls.
Note: In this case, Sam has the option in his next Initiative pass to try and “own” the camera system node. This would be accomplished by another Hacking Test against the adjusted system rating and successfully resisting Detection. “Owning a system” is another concept that is very basic in this design sketch.

One response to “Shadowrun 4: A New Matrix Paradigm

  1. I like this. I’m not an expert on Decking so I can’t comment too much, but this does make sense to me.

Leave a Reply