• Windows 2000, XP, Vista or Windows 7  (Some Windows 7 platforms may have trouble, see here.)
• DirectX 9 or later
• Video interface with at least 64MB of Video RAM
• Java runtime environment (1.5 or later)
• The game runs on 64 bit versions of the windows operating system -- but you must have both the 32-bit version of Java and the 64 bit version of Java installed.

1. Install the latest video display driver for your system.  This is the number one cause of problems with the game.  Run dxdiag (Start / Run / dxdiag) or type "dxdiag" in the Start / Search field on Vista to find what kind of display device you have.  If you have an Intel chipset as your display device, try downloading the latest driver from your computer's manufacturer (e.g., Dell).  Intel provides poor video drivers.  If the display information does not report a chip type, you might have a Dell and an ATI card.  Get the ATI driver and install the driver from the ATI bin directory (e.g., setup.exe -install.)
2. If your display resolution is 1024 x 768, set the Task bar to "Auto hide" or you can't read the ticker.
3. If you have an IBM computer having an IBM Java Runtime environment, you must update to IBM JRE version 1.5, or install a Sun JRE.
4. Does your system have a java runtime environment from Sun? (http://www.java.com/en/download/manual.jsp -- just the runtime is needed!) Confirm you are running the correct java by opening a command prompt and typing "java -version". You need at least 1.5.  And you need the 32 bit version.  If you have a 64-bit operating system, you also might need the 64-bit version of java.  Sun might force you to run the 64-bit version of Internet Explorer before they let you download the 64-bit Java (but they won't tell you that.)
5. Does your system have a graphics card with at least 64MB of RAM? (see the "display" screen from the dxdiag results)  Also, the card must support DirectX 9.  For example, the nVidia GeForce4 MX DOES NOT support DirectX9.
6. Are you running Windows 7 and getting  a message like: "World Texture Create Fails".  First, update your driver.  If that fails, try this DirectX installation from Microsoft.
7. Some older plug-in video cards (e.g., ATI Radeon) 9200 will not work unless you disable and remove the driver for the motherboard's video interface.  Uninstall the driver and tell Windows to not install it on the next boot.
8. If you run "NetSupport" for Classrooms or similar remote access software, that may disable DirectX functions.  See: http://www.netsupport-inc.com/support/td.asp?td=256&lang=
9. If you have dual monitors, some systems may have very sluggish cursor movement, others may have black windows.  Try turning off the dual monitor feature.
10. If the game was installed using an administrator account, and played using a user account, do users have read/write access to the CyberCIEGE directory and its subdirectories?
11. In the display / properties / settings /advanced, is "fonts" set to normal or small? (Large does not work).
12. Does your computer have a sound driver installed and is sound enabled in the BIOS?
13. The Help / Encyclopedia will not open when F1 is pressed.  Update the registry as described here.
14. Finally, if there is a recent "crash.txt" file in the CyberCIEGE/game/[campaign name]/[login name]/logs directory, send it to CyberCIEGE@nps.edu

Accessing Help / Encyclopedia via Microsoft Domain

Sometimes Microsoft HTML Help is broken.  The game relies on this help.  This section describes things you might try to get Microsoft's software to work.

If the game is installed on a local disk, from Start, Run dialog:

helpctr -regserver
regsvr32 itss
regsvr32 hhctrl.ocx
regsvr32 jscript

Or, if your system was corrupted via a "registry cleaner", try this Fix Windows XP Help:
http://www.dougknox.com/xp/utils/fix_windows_xp_help.htm

Or, re-install Microsoft HTML Help: 

http://go.microsoft.com/fwlink/?LinkId=14188

If CyberCIEGE is installed on a network domain (vs a local disk), you may not be able to access the encyclopedia (via F1).  Fix this as follows:

Cut/paste the following (in between the “=====” )into a notepad file and name the file FixCHM.reg

===========================================

===========================================

Replace "comfort" in the above file with the name of the network share that you use.

Double-click to run the file.  This setting “MaxAllowedZone=1” allows access from the “Local Machine zone” and the “Local intranet zone” (i.e. just LAN systems and not Internet systems).  Make sure you've added the network share to the "Intranet" sites in IE under the Internet security options.

• Added SSH into the SSL functions.
• Introduce self-signed server certificates and user settings to
• accept any server certificate or root.

• When retrieving PKI client application records, single user default caseshould rely on whether or not the workstation requires local authentication- user’s can authenticate even if not necessary (e.g., on a system having anopen guest account.)
• Scenario replay function assigning users to servers.  Still an approximation,but only do assignment if it is a workstation.
• Link encryptor network connection via menus failed to update encryptor-specificstate.  Resulted in crashes of scenario.
• Revert IdDB scenario back to using Web services to access data.   ACL protection works for authenticated web sessions.
• Error handling of bad video interface to report message and shut down gracefully.

• “Down time” scenario attacks on email server succeeding.  These should not occur.  Side effect of web/ssl changes.

• Completed SSL scenario including use of TLS and smartcards.
• New MAC and integrity scenarios in a new MAC campaign
• Distinct logic to steal web/email passwords via wiretaps.
• Add 'shared' attribute to assets in goals to reflect cases where all asset goals having that shared asset must succeed or all such user goals will fail.
• Add 'Asset Computer Single Level Network' condition to assess label on the component containing an asset for the network connected to a given user’s computer.

• Loading scenarios with existing email goals leads to crash if computer is later scrapped.
• Permit assignment of network labels via the menus and support replay logs.
• Video status debug function failed due to earlier change in user entity management.
• Network MAC connection type comparisons not accounting for non-MAC components.
• Flow between network of different labels not properly accounted for. 
• Incorrect integrity motive calculation, typo in code.
• Asset goal description truncated, shorten line length.
• Browser configured to use smart card for TLS not requiring smart card reader.
• Remove 'Asset Protection:' field from SDT - has not been used.  Intend that 'Use ACLs' be used instead.
• Zone domain calculation for sub-zones returns invalid value.
• Alter User Identification scenario to use SSH for remote access from the hotel computer - the web service is vulnerable because of its patch frequency.
• Clarify meaning of software assurance with respect to software integrity.  
• Application assurance reflects integrity.  O/S assurance reflects policy enforcement strength.  A different O/S value (Integrity) reflects integrity.
• Replace high motive integrity logic with new topology assessment, removing old, now unused, code.
• Stop Worms help tip for returning to office comes from wrong location.
• Do not process gamecore when malware added to a computer, wait for next cycle because it won’t effect goals immediately.
• Change IdDB scenario to use SSH to access identity database instead of web server to avoid web SUID feature descriptions.
• In Link Encryptor scenario, remove extraneous LANs to simplify player help.
• Error message if designer includes network connections on workstation ID devices.
• Repaint menus to avoid blank menu displays.
  

• User Identity scenario missing files prevented new SSL functions from protecting remote communications within the scenario.
• Treat pay-per-cert fees as losses when computing player loans.  Was keeping Hard Rain scenario from letting player buy a router.

• Remove motive to modify email in hard rain scenario.
• If user given account on one workstation, and the workstation is otherwise unassigned, assign the user to that workstation.
• Hard Rain scenario not penalizing player when Miller cannot construct the quote.  And add popup help for cases where scenario is one of the first played by a student.
• Users being selected for speaks when cursor is off the displayed office.
• Email client dialog not displaying CA combo box when checkbox is selected.
• Custom component configuration not handling null replay file names.
• Add 'CompanyHasWorkstations' condition to assess workstation counts.
• Clarify attack messages when a public CA is spoofed into issuing bogus email certificates.

• Reimplement SSL functions to make  use of PKI features.  Include TLS and smart card-based access.  Distinguish web-based authentication from other remote authentication.  (Some saved scenarios that use SSL, e.g., IdDB, may fail with this update.)
• Initial implmementation of SSL scenario (Angle Locks).
• Associate users default group with a domain as a means of identifying which domain a user belongs to.  
• Introduce daemon entries into ACLs, e.g., for email and web services.
• Add custom trigger and component interface handing to allow developers to call out to external software.  

• In ParaZog, change label of 'Derivative Database Instructions' so it is not attacked before the carbon credits derivatives. 
• Don’t let scroll bar fiddling result in double click events.
• Some reloaded games initially display without a status panel.
• SDT game run script syntax error kept some windows command processors from parsing the sdf file name.
• Player scenario advancement broken.  Needs to reflect progress per campaign.
• F1 pressed in email client form brought up VPN help.
• Saving game with time compression causes restored games to return to that time compression.
• Loading scenario missed PKI CA’s if the CA is not also one of the installed roots.
• Add user thought if network filter might be blocking goal.
• Error in 'userClaims' determination of which workstation used by a user for a given goal.  Could affect email attacks.
• Add 'minutes played' column to campaign analyzer summary table.
• When attacker assumes some user’s ID, require NFS as a minimum (for filtering).
• Attack button no longer appearing after debrief screen. 
• Extend sniffed password logic to make password available to attacker from wherever.   Take advantage of the attack cycle, with assumed id’s occurring first.   Per-server, record users whose passwords are compromised. Also record post-it passwords. 
• Authorization profile logic not accounting for clearances and group membership.
• Measurement of user training for computer does not account for remote access to servers.
• Link Encryptor scenario 'stale keys' reported even if keys are changed if game is replayed. (save / restore lastKey and lastTime)
• SDT library tree not displaying elements with lower case suffixes.
• ACL rights not properly saved/loaded when they differ from intended rights.
• SDT would not open set if another set with the same name was open, even though the sets are of different types.
• Email client configurations managed within authentication servers.
• Use of email services in attacks should depend on whether the target asset is an email.
• Not checking authorization profiles for locally defined profiles.
• Reference integrity attack descriptions missing goal related information.
• Alter runPlayer.bat to try java in system path if registry is not visible.
• Replace the CyberCIEGE.exe compiled bat file with an explicit bat file - some platforms will  not run the compiled bat files.
• Saving a scenario that has not been started leads to crash when scenario starts. 
• Camera movement: when iterating to the main office building without a viewpoint, use the world center for the main office instead of the initial camera position (which may be offsite).
• When user position not within a defined zone, walking path calculations can cause a crash.  At least provide an error message.
• When moving to a new phase, reset the frequency reference clock for attack triggers whose motive is -3 (governed attack triggers).
• Public access to web server access was being determined based on intended access vice the ACL values.
• Reporting loose filters allowed access to a subverted service even though the service was not subverted.
• Reference integrity wiretap attacks not reporting goal-based attack reasons.
• When computing computer training values, don’t count unauthenticated access.
• Subversion of partner CA should depend on security attributes the player can assess.
• Add custom trigger and structure for custom component configurations.
• Respond to Shift-F10 with popup menu for currently selected component or user. Enter key was not being accepted. 
• Zone entry logic change to reflect users who are 'escorted' visitors, i.e., offsite visiting needing access to a workstation.  Or assigning a user to a desk.
• Add patch management status to subverted service attack feedback.
• Email UI missing function to let player validate PKI certificates.
• IT Manage screen over-written by user speaks bubbles.
• When computing IT staffing-based 'trust' in components, don’t penalize components that are in foreign domains.
• Hiring IT staff not immediately effecting IT-dependent security.
• VPN use of spoofed roots not accounting for policies that require certs from selected domains and no cross certification.
• Filters scenario steel formula asset missing dac protection setting.
• Physical security scenario can be won even if Jerry fails his goal.
• Update player cash for costs along with other updates, don’t wait until end of the day.
• Saved games were storing calculated rights for ACLs vice explicit modes.  ACLs don’t use calculated rights.
• Some game reloads cause crash, moved UI re-init before scenario loading.
• When dragging users, calculate access to closest workspace rather than mouse position.
• Adjust GenesRus economy so Mary’s goal failure puts player into a penalty

• NMCI platforms hide the registry from the command processor, look for Java in the system path if regedit fails.
• Some platforms cannot execute compiled batch files.  Replace the run-from-cd compiled batch file with a simple batch file.
  

• Campaign player not advancing scenarios.

• VPN Scenario allows advancement to phase four even though web access goal fails.
• Save game function crashes when workstations deleted prior to save.
• 2d animation and fire system not being shut down before scenario reload.
• Identity database scenario would not load due to duplicate component name checking error.
• Right click on a server rack, but not on the computer causes a crash.
• Advanced VPN scenario is insufficient money to purchase a CA and the VPN gateway.
• Hard rain scenario ending leaves player thinking they should do something different to avoid the negative ending.
• Spot light grouping not really working.  Disable fire light group in small base.
• Triggered game saves are not creating asset content files. And game not loading proper folder.
• Attack feedback when compromised crypto software leads to wiretap.
• When player pauses game, reset time compression to the initial time compression defined for the scenario.
• Parazog scenario saves an interim point in phase three.  Rename that point to 'ParazogPhaseThreeA' to be consistent with other saved file names.
• Deselecting the 'guard at door' entry in the ZONE screen should cause the associated guard to wander and not be associated with the zone.
• Single click on asset subsequent to a double click causes asset content to display.  Also, double click on empty asset displays empty form.
• Don’t save currently selected devices or computers - not really kept.
• Appending (PARAGRAPH) to text when saving causes multiple lines of that.
• VPN logic failed to account for NOXCERT policies in some profiles.
• In the ParaZog scenario, clarify that Max is done with the offsite office.
• Loading saved versions of ParaZog can cause phase three to be skipped. 
• Lack of smartcard minter not reflected in failed goal thoughts, and does not lead to failure to decrypt email.
• Don’t let player scrap CA’s.
• Hide attack log button when in the network screen.
• Email client dialog CA selection combo box not hidden if 'use card' is selected
• Authentication server scenario required the data server have long passwords to get past that objective - it should only be required of the user workstations.
• Authentication server scenario, player had to run a few seconds into phase 2 before new user appears.
• Who Are You? VPN domain selection does not include offsite locations.  Define two primary offsite locations as separate domains.
• VPN client can access servers on local LANs though configuration should prohibit it.
• Add guard feedback if ID Device VPN setting prevents communication with databases.
• Asset screen intended access listing of discretionary controls should have column headings so it is clear that 'modify' is a mode of access.  Also, don’t open group popup dialog if player selects 'public'.
• Alter Patches scenario to have an introductory phase that encourages the player to first just watch what happens.
• Attack response trigger frequency setting of -1 subject to side effects of random value logic. 
• Checkpoint direction faces wrong direction (introduced by recent change).
• Door location logic in military base too narrow at wide outer door.
• Loading saved game results in incorrect time if saved at 12:xx.
• If workstation has a configured VPN client that keeps it from meeting goal (e.g., because player also configured a local gateway) reflect that in a user thought.
• SDT scenario form scrollable text areas hard-coded too large.
• Change the Café scenario to use forced cameras.
• Add encyclopedia trigger and hint to Hard Rain scenario to give player a clue about configuring the email application.
• Key Types scenario floor plan missing server room image.
• Don’t let scroll bar fiddling result in double click events.
• In ParaZog, change label of 'Derivative Database Instructions' so it is not attacked before the carbon credits derivatives. 
• Some reloaded games initially display without a status panel.
• SDT game run script syntax error kept some windows command processors from parsing the sdf file name.
• Spot light grouping not really working.  Disable fire light group in small base.
• Triggered game saves are not creating asset content files.
• 2d animation and fire system not being shut down before scenario reload.
• Identity database scenario would not load due to duplicate component name checking error.
• Right click on a server rack, but not on the computer causes a crash.
• Advanced VPN scenario is insufficient money to purchase a CA and the VPN gateway.
• Thinkpad laptop problem with display of java dialogs - kept flashing dialogs.  May be related to 'blue window' problem with java dialogs.  Fix by setting focus to null after each call to dialogs.
• Camera tracking logic and 'Force Camera' scenario reworked. 
• Player could cause camera to lock onto unintended location. 
• Rework user walking through doorway logic to more reliably prevent the camera from turning until the user is clear of the door.
• VPN Scenario allows advancement to phase four even though web goal not met.
• Save game function crashes when workstations deleted prior to save.

• Attack descriptions for subverted services truncated -error introduced in version 1.9s5.
• When camera is tracking one use, a single click on another user will change the Information Panel, but will not alter the camera tracking.  Cameratracking should be disabled at that point.
• Guards not walking to new assignments at new zone checkpoints.
• In the ZONE screen, move the physical security display above the zone description.
• When attacker assumes a user’s ID (e.g., via poor passwords) access should be limited to the modes of access permitted the user.
• Monthly costs of IT staff/guards incorrect after firing someone.
• Convert security and IT staff costs to $/hr to better hide fact that single staff covers 3 shifts.
• Change log renaming logic to copy the temporary log file rather than rename it.  Anti virus or unknown software might open the temporary file, preventing it from being renamed.
• Player able to select the attack log while a dialog is up - that led to hiding the dialog, effectively freezing the game.
• Insiders at main site should not physically attack offsite zones.
• Move the directX/java query executable to the game/exe directory so that it can make use of the msvcr71.dll.
• Error in camera tracking logic caused camera to shudder between positions.
• Correct placement of ID devices within internal checkpoints.
• Provide pull-down menu functions for firing guards and IT staff. And extend the 'other' pull down menu to include hiring staff.
• Relax non-fatal error checking when game is in automated test mode.
• Increase size of user description and user goals windows so texts more readable and more clearly laid out.
• Error messages for Windows 7 video issues.
• Use of remote service (e.g., web server) to access asset with no password protection reported as a subverted service.
• Revise format of attack log entries to have one component or network per line.  Make it easier for users to understand the attack logs.
• User speaks and component diagnostic messages: test that camera has stopped panning before displaying message for component or stationary user.
• In SDT, let designer move elements from one set to another.
• 'Network Authentication Through Cryptography' movie does not display from encyclopedia if encyclopedia started with F1 (but it works if started from Campaign Player).  This one movie used to have a Microsoft digital signature problem, but rebuild of movies fixed that - go back to standard way of playing this movie.
• Link Encryptor scenario lab manual question about when link encryptors fail on when used over the Internet is not clear.  Rephrase to make clear what  it is that is failing.
• When saving and loading games, don’t display directories that have the name 'log' or that start with 'saved_', the latter being holders for scenario attributes such as asset content.
• In response to player double click on vpn gateway, move vpn display invocation to gameshell loop to avoid invoking Java from CheckObject loops.
• Checkpoint location calculation sometimes depended on zone information instead of workspace information.
• Add staff 'fire' event to replay log processing.  And give the player a choice to reset zone guard-dependent selections when a guard is fired.
• If zone break-in is aided by zone ID equipment that lacks policy or guard/key lock, report that in attack logs.
• Zone settings for 'Scan Visitors' and 'Log All Entry' had negative value.
• Yes-No dialogs display broken when button text is long - repack components. Iterating through devices and computers can cause crash after scrapping a component.
• Change automatically saved SDF names to scenario-specific names.
• Saving game with small military base as offsite leads to crash on reload.
• Café scenario: incorrect feedback if player chooses to use the
• USB to store pictures, but not to access hardened browser.
• Closing game load/save dialog without choice can lead to lost log files.
• Save Game Trigger change to allow symbolic substitution of the scenario name so that sdf names are unique across scenarios within the same project.
• Check for duplicate component names at startup.
• Not completely saving pki goal state for email senders and receivers.

• Key Types scenario fails to attack vulnerable assets via wiretaps.   Also reports need for PKI setup twice.

• First draft of Identity Database scenario. 
• Introduction of asset content viewing and inference condition.  
• Campaign Analyzer: Have the tool consume any zip files it finds in the game folder so instructors don’t have to unzip and differences in zip tools won’t affect the folder hierarchy.

• Event log viewer not completely including background check changes, also include background checks as replay log function.
• Targeted malware attacks should corrupt data from a subverted goal source computer if the goal’s user has modify access to the asset.
• Make FlipStrip O/S compatible with bitflipper router for hardened routers.
• In SDT, during clone operation, don’t report 'existing directory' unless the directory contains something.
• SDT: delete temp files on exit.
• Filters should not protect assets if open ports leads to an unprotected service and the attacker has access to the asset (e.g., no remote authentication required).
• Alter exception handling to give graphics exceptions a chance to display.
• In directX and java check function of installation, handle strings from the batch file (e.g., to report 64 bit platform java requirements.)
• Alter runplayer.bat to check for 64-bit platform and java.exe in the x86 system directory.
• When assessing server-side applications for transport and higher encryption, only consider filtered software types.
• Hide groups until they are used (e.g., some user appears who belongs to the group).
• Random occurrence of virus when designer specifies only Trojan horse, and vice versa.
• SDT would run old SDF if recent build/run operation resulted in validation error.

• Neglected to distriubte texture files for  new cafe scenario signs.

• Initial relase of "Identity Aggregation" scenario, "cafe".
• Add QuestionUser trigger so that players can revisit questions concerning behavior of characters.  Indicate 'good' answers that are intended to let the scenario play forward, thus breaking the link to the question.  While links remain, user goals will fail and the player can revisit the question via a right click on the user.
• Add ObjectTexture trigger to change the tga used for a dynamic object.  This trigger must occur before the first show-object trigger.

• Recent change to 'findZone' logic to not depend on zone ordering resulted in incorrect selection of largest zone when other zones were given a higher index number.
• ParaZog scenario lab manual not loaded  in scenario file.
• ParaZog scenario not hiding unused assets. 
• ParaZog, 'Survey Targets' asset gets attacked in later phase if game is reloaded even though the asset was protected.  (Save and restore indication that a goal’s asset is protected via PKI.)
• If lose trigger fires with blank debriefing text, use text from latest attack log entry.
• Add AssetVulnerable condition to determine if an asset would be compromised.
• Stop user animations when dragging user.
• ParaZog scenario, don’t describe carbon credit attack until it is visible to the player. 
• Change MoveUser trigger to optionally not move the character - just re-assign workspace.
• Question and multiple choice dialog text areas should not be editable.
• Add game switch (-J) to set and display windows arrow cursor.  Intended for use when screen capturing demo movies, otherwise an hourglass is captured.
• Revise height offsets of 'smoking' characters.
• Smooth camera rotations
• Limit previous character path walking adjustment to cases where X position is increasing.
• Database selection function in IdM scenarios cause crash.
• Reload of scenario with DNA scanner caused crash.
• Purchase of computer while game running and user walking can cause user to freeze.
• SDT user manual missing some triggers and condition.  Also, clean up the computer configuration and procedural setting values in the 'AssignedComputerHas' condition.

• Database selection function in IdM scenarios cause crash.

• Users no longer walk through chairs when sitting down and getting up.
• Encyclopedia 'troubleshooting' entry goes to update page instead of support page.
• Moving a user to a workspace lacking a computer caused crash if user’s old computer was then deleted.
• Sitting female users sunk a bit before standing up.
• Camera control: restore limits to camera panning to prevent camera getting lost. 
• Right button down dragging for rotate and height adjust.  When panning, if cursor leaves office area, keep panning in that direction as long as the left button stays down.
• update SDT log viewer to 'find' scenario element related to double-clicked log entry (e.g., specific trigger).
• Permit email encryption without signing.
• ParaZog scenario: increase penalty if Molly can’t receive derivative database email.
• Pending loan amounts not zeroed when buying staff or physical security.  
• Calculation to determine if player has enough money to buy item with the load fails to account for current cash.
• Attempt to hire guard without enough money results in no guard, but the hire screen reflects the guard is hired.
• When determining potential email clients for users, include only workstations that explicitly have an account for the user (or via auth server) excluding 'public' access to workstations.  And when displaying email configuration dialogs, display the USER name.
• Email client logic not incorporating authentication servers

• New "ParaZog" scenario to illustate use of smartcard-enabled email clients to encrypt and sign emails.
• Add semantics to 'SelfAdminister' for servers - implies all locally known users have admin and can see all data.
• Alter wiretap attack logic to include an encryption assurance that simply reflects the algorithm.  Attacks on keys and mechanisms occur in attacks other than wiretaps.
• Add MoveUser trigger to move users offsite
• Add AddZoneAccess trigger to add user to zone access list (e.g., to simulate insider getting access via some other means.)
• Add smartcard media data exfiltration as an attack type.  Such an attack may succeed if a single user has two email goals each being satisfied via smartcard encryption and/or authentication.  Such a situation can result in 'computer as a gateway' topologies whereby one workstation links to another workstation via the smartcard.
• Add UserSetClearance trigger to set/change a user’s clearance.  And don’t display unused clearances.
• Add RemoveAsset trigger

• SDT VPN form buttons have wrong labels after 'Add' operation.
• Failed to call 'setFrame' when new set element selected, leading to failure to open VPN set elements.
• With respect to achieving goals, users cannot leave the site that they are currently assigned.
• Set email and VPN client forms such that myCA values are not editable so players cannot issue certificates across domains (other than pay-per-cert).
• In the zone screen, display zones in order prescribed by designer.
• Attacker direct access to computer results in subverted boot if motive > 50 and assurance less than 400.
• Add FlipStrip O/S as compatable with IdM devices.
• Phase description and objectives for VPN Intro scenario have artifacts from VPN Advanced scenario, remove the last phase and change the Win debriefing.
• Untrustworthy insider does not accidently install malware if training >= 95
• When tabbing viewpoints, skip those that fall within a hidden zone.
• GetTrojanOnMachine logic - begin to rework.  Only look at the given computer, deal with remote TH access to assets elsewhere.
• Components self administered by hostile insiders being missed via red herring password policies.
• SDT tabs truncates set names that include periods.
• When displaying user clearances, hide those for which there currently exists no visible assests.
• SDT trigger form 'slaved to' convenience listing missed the third slave of a trigger.
• In the runPlayer.bat script, detect 64-bit OS when java is missing and tell user to install both 64 and 32-bit versions of java.
• A little bit easier to select a user for dragging.
• When dragging and moving users (via trigger), orient the user per the target workspace.
• Revise 'findZone' logic to not depend on zone ordering so that designers are free to order zones in list as needed.
• Incomplete dereferencing of email goals when computer deleted led to crash.
• Permit scrap of ID devices
• Zone screen physical security selection corrupted by help tip buffer overflow.
• Extend loan logic to hiring guards who cost at startup.
• Erase goal failure tickers when goal is met.
• Display Costs and Budget as per/hr values.
• Don’t advance User Identification scenario until player provides individual accountability.
• In Filters scenario, restart internet attacks after  phase two so player can’t just open all ports.
• Refine automated camera rotation to get further from walls if possible.
• When buying: if you cancel a workspace buy, the subsequent computer placement can lead to a crash.
• Alter trigger processing such that '-1' as a trigger frequency means the trigger conditions will be evaluated subsequent to each asset compromise. 
• This is intended for attack feedback triggers to reduce the window of time between a player’s change to a configuration and the display of feedback from a compromise that occurred prior to the change made by the player.
• Ampersand (&) in logs confused xml processing.
• In Filters scenario, reduce motive on research data so all firewalls are strong enough to defeat attacks.
• Game save logic was saving computer rights vice explicit access lists. 
• Only appeared to be a problem if 'local authentication' was not set on component.
• Some speaks were not appearing when in replay log processing.  When in replay, change infinite speaks to short duration speaks.
• Change remaining message dialogs to use java dialogs.
• Link encryptors scenario was saving phase state before phase transitioned.
• Key types scenario adjustment so that selection of PKI crypto after third user shows up results in consistent player feedback.
• Revise loan logic to let player take loan that is smaller than triggered amount if the triggered amount exceeds total losses less loans-to-date.
• Error in vpn connection profiles when source computer explicitly named in unprotected connection

• Initial release of the "Hard Rain" email encryption scenario.
• List email protections on Assets screen.
• Add an EmailProtected condition.
• Add emailInstallRoot trigger to cause a root cert to be installed into some vendor’s email client.
• Add semantics to 'SelfAdminister' for servers -- implies all locally known users have admin and can see all data.

• Renaming log files failed due to race conditions?  (more likely antivirus opening files).
• Malware warning log entries missing component identification.
• User thoughts: if failed all goal and startIndex = posIndex, think 'I have no place to work.'.   If failed all goals and no computer,'would be nice to have a computer.'
• When creating missing assets - let virtual users create assets on static computers.  And do not let malware introduction into static servers.
• Happiness adjust trigger should affect displayed happiness, AND base happiness.
• SDT manual description of CompareTriggers condition had triggers reversed.
• Check java version during setup installation and launch.
• Game crash iterating between non-existent components.
• Smoother camera motion when following a user.
• Reset workspace lighting (highlighting workspace of wandering, selected user) when user sits down.
• In DescribeAttacks speaks, change text to first person.
• Logic to limit assessment of assetAttacked conditions within triggers to once per attack failed when condition only appeared with a trigger condition parameter.
• In computer screen, don’t display hidden users in access list.
• Hidden zones can cause crash when going to network screen.
• Alter camera auto-rotate logic to start with the current angle, sweep in one direction half the arc, and then the other. 
• Don’t rename static computers when assigned users become active.
• When determining whether an asset failure is new, distinguish between failure to access and failure to create.
• When conducting indirect attacks, try computers in all accessible zones prior to using your own computer.
• Don’t display user’s membership in the 'public' group.
• Sequence insider attacks such that they first try using computers that they have goal claims upon.
• When in Network Screen, don’t display zones that lack components.
• Not returning to correct screen after going to software screen from computer screen.
• Run the getdxver.exe if java not found in runplayer.bat to remind user they are missing java.
• OnScreen conditions reflecting office screen during startup for short window of time - the condition value should be the briefing screen. 
•  Buying network device after buying computer caused player to be charged the computer price rather than the device price.

• Identity theft scenario hints for connecting to internet after connection is made if protections set on user’s asset.  Change condition on hints to only consider connectivity.
• Make user speaks and help tip triangles translucent.
• Opening encyclopedia from a java dialog and then ending the game hung the campaign player until the encyclopedia is closed. 
• Stop the game clock (but don’t pause the game) if the game loses focus to something like the encyclopedia.  Restart the clock as soon as focus returns. 
• Make hand scanner and iris scanner exclusive in zone policy screens.
• Buy screen items scroll off the screen.
• Use of <esc> key when in network screen and filters or link encryptor dialogs corrupts the screen.
• Configure from network screen leads to crash.
• Selecting one-time-password moves camera to non-existent user if done early.
• Enforce no-loans on zone security and permit loans per existing logic.
• Introduction scenario help tips on physical security appear even when enough security is selected.
• Change network services logic such that if remote authentication is required, attackers must compromise web service (or any other network service) to access accets having non-public intended access regardless of their ACL. 
• Setup scripts for updates failing to over-write some files.  Change update create process to ensure each update contains at most onecopy of each file

• Crash in IdM Who Are You scenario due to error in vector data type handling.
• Crashes resulting from some game re-loads due to errors saving users and computers

• Add clearRegister trigger to clear registers in cases where conditions other than the answers determine the feedback to the player.

• Identity management changes not included in previous update, stronger router to avoid some internet attacks, fix conditions for quiz responses.
• Game crash in some Identity Device conditions
• Let player escape out of java dialogs (sometimes java hangs without drawing buttons)
  

• Extend Advanced VPN scenario to include a need for cross certification.
• Add VPN_XCERT_CA trigger to sign some CA’s cert, intended for use with external remote parties (e.g., suppliers)
• Rework right-click component menus to support submenus.  Allow network connection / disconnection via these menus.
• Add 'HideSite' trigger to hide or show a site and its components and users.
• Add a fourth offsite zone
• Add 'LimitVPNs' trigger to limit the number of VPN mechanisms the player can deploy at a site - thereby forcing the player to establish certificate polices rather than deploying parallel VPNs.
• Extended game engine to support encrypted and signed email using PKI -- no scenario yet and not fully tested, but try it out.  See descriptions in the Encyclopedia and the SDT User's Guide.
• Add attack properties reflecting use of computer as a gateway and attacker allowed into the zone.

• VPN connection test dialog did not expand properly when remote gateway selected - lack of java ui pack function.
• Log entry for component scan events included null values.
• Error check for no internet connection to a computer coming out of the SDT.
• Attack profile grew larger than 32 - extend to 64 (long long).
• Catch designer error condition where more offsite zones are defined than are expressed within the Scenario Form’s office type definition.
• When user has no department, don’t display 'Dept:' labels.
• Revise user thoughts when goals fail to be more descriptive.
• When workstation availability goes down and user thinks  about it - identify the workstation.
• In SDT, create copies of xml files (e.g., for vpn definitions) when designer does save as or add functions.
• Alter loan logic such that players can only take out loans against losses incurred.  Thus, if the designer provides enough money for a limited set of equipment, and the player loses money, the player
• can still purchase the limited equipment via a loan - but the player cannot take loans beyond the intended capitalization.
• AssetToNetwork condition was not accounting for wiretaps.
• Add diagnostics messages when JVM cannot be found by the game engine.
• Change trigger system such that the slaves of selected trigger classes will not fire if the trigger does not 'succeed'.  First instance is the VPNXCertCA trigger (for cross certifying certificates).
• VPN connection test not accounting for no selection of encrypted network.  Also, permit connection test for simple scenarios.
• Network screen did not select component when player uses Internet cloud as network button.  Also did not display 'cannot alter' message when player selected static network component.  And stop using helpId to identify components.
• Reflect user goal failure penalties as $/hour in user screen.
• When player scraps a component, tell the player how much refund will be within the dialog.
• Extend menus for buying and help.
• Saved SDFs should store names of visited users and computers rather than numeric IDs.  Also, when saving and SDF, store the users in the order in which they appeared in the original SDF.
• Save and restore camera selections.
• Dragging user when other user was selected in info panel sometimes lead to user’s occupying the same space.
• Condition classes measured for 'greater than' as condition parameters should include the 'Company_Has_X' conditions.
• Error in handling hidden assets lead to crashes.
• Handle static components in vpn dialogs - don’t let player update static components.
• Replay function not recording correct cost of components.
• Save game not correctly writing trigger condition properties (bit masks)
• Alter Campaign Player batch file to find java in the registry rather than relying on it being in the system path.
• Distinguish between virus and Trojan horse in log entries.
• Replay function must assign same name to bought components as was done in original play.  Also, log and replay player initiated component renaming.
• Not withdrawing availability tickers when game engine sees staffing as not 100%.
• Save and restore computer malware descriptions.
• Seed the random number generator.
• Catch and report more errors initializing 3d acceleration.
• Logic removing user thought types failed to remove all thoughts of the given type.
• Uninitialized string in netview.
• Right click on component in list to see menu.
• When selecting ID devices, display whether it is associated with a workstation and limit menu options based on its use.
• In the ID device pull down menus, if the ID device does not have a potential external ID database or activity log, don’t include a configure option in the menu.  If it does, display the option as 'Select ID Database or Log'.
• Database selection values for ID devices not correctly initialized.
• In Filters scenario, detect use of computer as a gateway and distinguish ticker message to not suggest Mary has Internet access.

• New tutorial movie on Public Key Infrastructure and some of its vulnerabilities.
• Feature to zip the folders that contain log files and place the zip on the user’s desktop. 

• Don’t select user for following / emotion icons unless player clicks on theuser and the user is already selected.  (Logic was lost as side effect of previouscamera logic change.)
• In the SDT, don’t delete software from components just because scenario lacksit - unless designer has selected a new O/S.
• When selecting computer upon which users will create assets, was not accountingfor filtered software types when assets had labels.
• SDT 'New Scenario' failed because file not created (new scenarios typically donevia 'save as' to inherit zone, workspace and other basic files.
• Prior to first unpause of game, some goals have ambiguous status untilit is determined if user can create assets on the topology provided by theplayer.  Display a 'unpause to see' message under the user’s'failed goals' in such cases.

• PKI additions to VPN mechanisms and identity devices.
• Each gateway and client (including ID devices) can be configured by the player for either symmetric or public key encryption.  A scenario switch can force 'simple' vpns that hide key management decisions.
• Symmetric keys require key management by selecting keys named A-Z in the connection profiles.
• Public keys require purchase of a CA or selection of Cert-for-Fee certs.
• Each component is configured with one or more Root CA.  This could be a locally purchased CA, or a cert-for-fee CA. 
• Function for one CA to sign another’s cert. 
• Certification Authorities occur when that software type appears on a computer. 
• Add diagnostic type function to VPN dialog to test connectivity with remote component.
• Add trigger (VPN_CA) that will cause an indirectly named CA to issue a certificate for a named VPN mechanism.  The CA is named in terms of an user’s access to a given asset, i.e., 'whatever CA facilitates the data side of Joe’s access to the Roadmap.'  Intended for use with VPN mechanisms controlled by rogue users within an enterprise

• Playing saved scenarios failed out of the campaign player
• Remove SDT 'Import' function - it is no longer supported or used.
• Don’t list internal mechanism 'zone users' under users allowed in zone
• Expand multiple choice to A-F and provide multiple guess option (checklists of answers)
• When user selects a group name, display the background check dialog.
• User speaks flicker distractingly while users walk, alternating between triangle coming from side of text box and bottom.
• Extend computer diagnostics function to devices, and support diagnostics in the Network screen.
• Alter menu handling so that unused items are simply not shown, and item indexes are fixed regardless of context.
• During initialization, don’t assign user to workspace unless the user has an asset goal utilization.
• Improve automatic camera rotation when following  a user, e.g., if user going through a door,  wait until the user completes that before trying to rotate the camera.
• Clean up java error handling, terminate game shell on JVM errors.
• Remove remoteFromMyComputerSet from user data structure (and related unused relics).
• Double click on vpn gateway brings up both the vpn dialog and the filters dialog.
• Disable scene mousing when dialogs are up.
• Remove attempts to display hourglass when cursor leaves java dialogs, leave it as a hand for now.
• Permit alternate syntax to express trigger condition parameters as 2^n (i.e., for attack properties).
• Extend AssetAttacked attack profiles to wiretap attacks.
• Fix paragraph handling for second trigger text fields.
• Attacks on VPNs with symmetric keys via rogue components with same key should only occur if attacker has access to physical network (e.g., Internet). 
• For now, motives above 80 lead to these attacks regardless of physical network access.
• When dumping condition values, display AssetAttacked evaluated answers as powers of two, e.g, [4][12]
• Expand condition structure to include attack profile for use in AssetAttacked and other conditions that have attack profiles (which are unsigned longs treated as large sets).
• SDT attempts to open empty set folders should not report 'corrupt file', it should be ignored.
• Adding virus via SOFT_SelectRandomSWofType failed.
• Remove 'Instantiated' flag from SDT asset definitions.
• Don’t copy subversion directories when cloning projects
• Virus software types were being ignored in the software lists.
• Add duration to computer burn triggers
• When resetting wandering users, use the relocation logic to more reliably return them to their desks.
• Allow designer to select an offsite office without defining the zone (at least prevent crashes).
• Withdraw component 'abnormal access'-type tickers if problem is fixed.
• Don’t add zero-cost attacks to the attack log unless/until the asset is named in a lose trigger that fires.
• Replace the briefing text with the debriefing description after a loss.
• In SDT, don’t create a new set if there is already a set with that name.
• Add an 'interesting square' to the server rack to that IT staff reliably visit computers in racks.
• If help tip triangles line up with bottom of the box, the triangle does not display.
• Allow 'Bad Policy' attack triggers to be limited to Trojan horses or viruses based on overloading the motive field, which is otherwise unused for these attack types.
• Select of 'apply patches as released' failed to prevent attacks in Patches scenario.
• Revise SDT tutorial base scenario (Start Office) and correct the instructions.
• Fix virus propagation logic to not distribute other malware strains.
• When proving the player with a loan, take it back if the player cancels the purchase.
• Prevent speaks when not in office screen.
• Replay loans.
• Clear server/user/device info window when tabbing around. 
• Change SDT project clone function to retain original file dates.

• Associate a set of assets with each zone ID device.  The set is madeup of assets from each active zone goal that has a filtered softwaretype defined in the goal.  This set is then used to list assets in apopup screen for configuring the ID device.  If there is a singleasset, then that asset will be selected by default.  And if thereis one asset that is an activity log that asset will also be selected. Otherwise, the player must select which assets will be accessed bythe zone ID device.  Zone goals will not be attempted (i.e., theywill just appear as failed) unless the corresponding assets are selected.
• Add an "AssetAttackCount" condition to simplify changes in user feedbackbased on attacks.
• Alter CheckpointFail condition to permit specifying any user.
• Add CompanyHasDevices condition to go along with CompanyHasComputers condition.
• Add AttackCount that measures the number of attacks on an asset. Have it reference an AssetAttacked condition as the specificationfor which asset and which attack type.
• When buying or moving, hide walls.
• Rework integrity abstractions to reflect the mechanisms via which highintegrity assets are read by users who rely on high integrity.  Addan integrity value to user goals to reflect the amount of integrity thatthat user expects when reading the associated assets.  (As always weassume the scenario designer has not created inconsistent cases suchas where goals require integrity not found in the corresponding assets.)   This 'reference integrity' will include a cost to the enterprise and amotive, just like an asset.  Wiretap attack logic will change such thatwhen read-only goals put assets on the wire, the asset motive formodification will be set to the reference integrity motive.  Otherwise, a read-only goal puts no modification motive on the wire. And wiretap logic for modify goals need not change since the assetitself could be corrupted. 
• In the network screen, treat the Internet Icons the same as if the player clicksthe Internet button.

• Zone goals for IdM scenarios were not saved.
• Change 'Badges Required' to 'Photo ID Badge'.
• Rework RandomValue condition such that random values are only assignedvia triggers and each ready dependent trigger has an opportunity toobserve the previous random value before it changes.
• Add attack profile for subverted operating system.
• Attack log buffer not cleared in some situations.
• Set hourglass cursor when SDT is busy.
• Event log should not be modal in context of the SDT - let developer browsescenario elements while looking at the log.
• SDT scenario class overrode java’s 'isValid' method, causing the scenarioform to not display.
• Training and Awareness scenario has broken camera settings.
• Default intrinsic trigger condition parameter values to zero so whendesigners forget to fill it in, there is at least a value.
• Don’t delete speaks on mouse click unless the click is on the speak. And, for speaks without time expirations, delete them when player unpausesthe game (the speak pauses the game).
• Split up user thoughts so they can be expanded without having to recompilethe entire code base.
• Don’t log goal failures that occur when testing asset creation.
• Add BurnHere trigger to start a fire in a specified location.
• In network screen, popup help does not appear when hovering over networkdevices - only when hovering over computer devices.
• When in network screen, if player selects network, display help on how to connect.
• Add confirmation to 'Scrap' operations
• Outsider breakin attacks not occurring in phase 2 of Authentication Scenario.
• Loaded saved game asset attack times should ignore attack types whosecount is zero.
• Don’t sleep during java dialog display so that animations continue.
• Shorten mouse hover pop-up time by about half a second, maybe less. Compare to browser hover times.
• wasd keys have 'a' and 's' reversed.
• When cursor moves over a selectable office object, turn cursor to a hand.
• In Filters scenario, make it clear to the player that the Gov’t regulatoris authorized to access the data AND management has determined that SSHis a suitable mechanism for this purpose. 
• esc key in any other screen should return to the office screen
• Rework attack engine to remove redundant logic paths such that trackingthe cause of attacks is simplified.  This includes tracking the sourceof malicious software (e.g., user downloads unauthorized software.)
• Utilize new attack management logic to simplify conditions controllingattacks within the VPN scenario.
• Double click a vpn in the office screen should open vpn dialog.
• Add a 'Block' protection value to VPN connection profiles to keepsubsequent wildcard entries from affecting selected connections.
• Computer diagnostics pop-up speaks did not handle computers inserver racks.
• Rework Java dialogs (e.g., message popups and VPN configurations) managementso that the game screen continues to be refreshed while the dialog isdisplayed.
• If trigger delay is longer than the frequency, ignore the frequency.
• Clear speaks balloons when displaying filters dialog.
• Remove ticker warnings of attempted malware installations - they are confusing.
• In filters scenario, remove inactive workspaces to keep playerfrom dropping routers on the floor behind walls.
• TriggerGoneOff processing was setting the condition timestamp incorrectly. 
• Also, Event Sequence condition conditions were not being evaluated if theydid not also so up explicitly in trigger conditions.
• When setting condition mins and maxes for intrinsic conditions, set the minto 1 so that it becomes true if at least one.  Explicit valueswithin intrinsic conditions are now used in event sequence condition processing.
• Game could crash when workspace overlapped with outside the building andcomputer placed in that workspace.
• In network screen help, change popup help depending on whether component isselected, and whether the component can connect to networks.
• Stop tickers when player leaves OFFICE screen.
• GameState condition not setting evaluated value.
• Error in reading workspaces caused duplicate workspace entries for last entry,sometimes causing computers to be placed beneath a user’s desk.
• Sometimes briefing text is truncated - add extra line feeds at the end.
• When closing tooltips upon mouse exit, only delete those that are closeto the mouse so that triggered help tips persist.
• When VPN client island hoping is possible, mask the subverted vpn attack property.
• Remove "Joe lacks browser" type tickers if Joe has no computer assigned.
• Withdraw the "understaffed" ticker when staffing brought back up.
• Let player move VPN configuration screens.

• Training and awareness scenario had broken camera management causing scene to go off camera.

• Expand User Identification scenario to illustrate individual accountability and access control (ACLs) as uses for user identity.
• Add a UserAnimation condition to measure current user animation sequence. Initial intended use is help time events, e.g., delay attacks until user is sitting.
• The AttackTrigger now includes a mechanism by which attacks are suppressed for some period subsequent to a successful asset compromise. 
• Alter AttackAsset triggers to let designer cause attack cycle to end if an asset is successfully compromised.
• Add software costs to designer-defined applications and allow designer to specify that applications cannot be purchased or removed.
• Add "No OS Protection" attack property.
• Allow "UnaccountableWSAccess" to apply to all assigned workstations.
• Add diagnostic message if invalid display configuration found (attempt to detect bad drivers or insufficient video support.)

• Increase width of trigger conditions list in SDT form.
• AssetOnWire error - don’t put asset on the wire when testing asset creation.  It will get there are part of normal goal achievement.
• Change assetToInternetNoVPN to AssetToNetworkNoVPN since VPN’s are not limited to Internet traffic.
• Computer diagnostic speaks should be deleted when player presses <esc> or clicks nothing.
• Workstation usage broken by recent change such that too many users can use the same workstation to achieve their goals.  Alter method of recording workstation claims.
• Change syntax of ComputerCopyACLtoAssetRights to not redundantly pass in the computer.
• Don’t require remote authentication for access to publicly accessible assets that are part of a web server goal.
• Log replays of ACL changes.
• Tie ACL dialog "help" button to encyclopedia description of ACLs.
• In buy screen, if no items of a particular type are offered, display that message to the player.
• In the SDT trigger form, error check for blanks before ) and after (.

• Add VPN client functions to workstations.  Introduce "connection profiles" as a mechanism for controlling the computers that can be reached through VPNs.
• VPN gateways can now connect to any network as the encrypted network.
• Add network domains to the game for use in connection profiles.
• Add "measured boot" configuration to workstations and allow player to tie VPN client key use to the measured boot to reduce risks of subverted VPN clients.
• Revise VPN attack engine logic for split tunnel and island hopping scenarios.
• Add pop-up menus for components and devices to allow player to selectfunctions such as configure, scrap and VPN configurations.
• Automatic camera rotations so the player can see components and users insteadof walls.
• Add "ComputersAreConnected" condition to measure physical connections independent offilters, VPNs and such.
• Add an offsite office that is just a floor and a sign reading "World Wide Web,"intended for use in depicting simple static web resources.
• Add scan for malicious software menu item to component menus.
• Add moderate assurance operating system for use in VPN gateways.
• Create a set of functions that allow computers and devices to uses speaks toexpress problems they are having.  Start with measured boot problems.
• Add function to allow player to take a loan when cash is not sufficient to
  purchase necessary equipment.  Loans are subtracted from cash at the end of the game.
  

• Bad workspace x,y values should result in some kind of warning message from game engine.
• When selecting screen objects, distinguish between sitting users and standing users so that selection of working user’s computers is easier.
• When running replay logs, don’t automatically close the attack logs or the vpn dialogs.
• Add error checking for bad phase names
• Put the attack route into the attack log.
• Change event log type to a class so strings can be easily initialized.
• Move attack logic into its own source file, create VPN open tunnel class.
• Replay dialog logic bug in control of when to automatically close dialogs
• Remove x3dview for now.
• Change "validation profile" to "authentication profile".
• Precalculate sw assurance prior to attacks so that network traversal logic is not interfered with.
• At start of game engine, verify all existing assets are on a computer.
• Record the attack property as the evaluated condition value for assetAttacked conditions.
• Add option to erase a triggered speak if game conditions that led to the speak become false.
• Insider attacks not properly foiled by "Remote Authentication" setting.
• Redo trigger processing after user goal processing to immediately catch changed goal state. 
• Preprocess authentication server connectivity so it does not interfere with attack traversals (after changing logic to use attack traversals rather than old network connectivity logic.)
• Add "Software" button to the component screen.  Add VPN Client button to networks window bottom.
• If user authenticates to workstation using ID Device and authorization profile, then user is also authenticated to servers that use the same authentication server as the workstation.
• GUIMaker bitmap file management would not reload revised bitmap files because it tested for unchanged filenames. 
• Now files are reloaded each time the properties dialog is closed.
• Initialize intrinsic TriggerGoneOff conditions such that zero or more firings of the named trigger take the condition to true.
• Use keybindings to catch F1 key in the in-game java dialogs
• Improve support for reporting on attacks by recording per-component attack properties (e.g., subverted).
• Add shortcut to execute off CD in the event autorun is disabled
• Handle <shift> F10 as a right click.   
• Allow operating systems that have no compatible software, e.g., for appliances.
• Use of ID Device with a workstation (e.g., for authorization profiles) should not require that the workstation be configured to require ID Devices.
• Compute Internet access for each workstation once per attack cycle (i.e., to determine if computer potentially receives external email) as an optimization.
• Withdrawing tickers could lead to missed ticker messages.   Also, withdrawing any one ticker should withdraw all tickers from that same trigger.
• Only check user goals in Office Screen and User screen.
• When an authentication server has been used, unset each password and related policy in the gui to avoid confusing the player.
• Key types scenario asset cost lists should only include disclosure costs.
• Remove the user move button - confusing in that there is no corresponding computer move button.  Later perhaps add it back with computer move buttons or menu option.
• Save and load character angles so characters don’t start saved scenario facing backwards in a seat.
• Stop animation and hide speaks when software buy screen is displayed.
• Hide speaks when buy screen is displayed.
• When malware corrupts asset as part of a user’s goal, don’t print an attack route (it is not valid).
• Unlabeled network connections on MAC machines should not be usable to go out to a network.
• Memory leak in text box processing.
• Reduce logging of goal failures through use of game state tracking.
• Change camera management in forced camera scenarios to restore either fixed camera points or selected items (e.g., computers).
• Gamecore process whenever GAME screen or USER screen is selected to ensure latest user goals
  are reflected immediately.
• Tie AssetToNetwork condition processing to game state to avoid unnecessary attack route
  calculations.
• If in the debugger, create a dump of computers, etc. with game IDs for easy reference.
  

• VPN Intro scenario not playable because remote site is “static” thereby preventing players from reconnecting networks on remote computers.

• Create Identity Management campaign containing "Who Are You" and User Identifiication scenarios.
• Alter EvalUserMachinePolicy & EvalUserWsHasIdDevice to also accept workstation names rather  than a user name.  Add 'no scrap' attribute to physical components that will also prevent the component from being moved or have its name changed.
• Add 'Attack Log'  button that presents a log of asset compromises.
• Add 'UserCheckPointAnim' condition to test if user is approaching a checkpoint having particular ID Devices.
• Extend intrinsic trigger condition (TriggerGoneOff) to test for that trigger having gone off within a given number of real-time seconds.  The intent is to keep two triggers from firing too close together (e.g., a popup stepping on a speaks.) and to keep a trigger from firing too long after some other trigger.
• Add condition dump to attack log to simplify scenario debugging.
• Support up to three Offsite offices at one time such that remote computers and devices are not as easily confused (e.g., the difference between a web server on the internet and a protected remote database.)
• Add navigation buttons for moving between buildings, zooming and raising/lowering the camera to simplify player navigation so player can better focus on the scenario.  Add help button.
• Add EventSequence condition to determine whether one event has occurred since the most recent occurrence of some other event.  Events are named by conditions, and include TriggerGoneOff, CheckpointFailure and AssetAttack conditions.
• Add initial time compression value to SDF and make IdM scenario x2
• Add help tip for placing components and users

• Log zone access additions only via UI actions and replays.
• Buying computer into server rack leaves 'Cancel' button instead of changing back into buy button. 
• Should not be able to buy components in static zones.
• The 1.9i release introduced bug where some network topologies would cause the game to lock up.
• Add second offsite office to the filters scenario to avoid confusion.
• Character in filters scenario says 'SSL' instead of 'SSH'.
• Remove description of 'contribution' from User encyclopedia entry.
• Display internet connections as connections to a network cloud in the NETWORK screen.
• When moving between screens, list items are reset to entry zero (e.g., which zone is displayed).  Keep track of the latest displayed item so returning to that screen will again display the previously selected item.
• Bound camera height based on zoom factor to reduce confusing camera positions.
• Restart of game caused crash if computer selected prior to game restart.
• Reduce motive on supporting assets in Stop Worms scenario to prevent spurious attacks.
• In the trigger system, update assetAttacked condition values when the asset is compromised.
• When processing wiretaps, just report the highest cost compromise for each cycle.
• Buy screen in some scenarios displayed wrong items due to bug in 'CatalogueExists' trigger.
• Bug in initCameratoUser caused crash of some scenarios.
• Add height and zoom to 'CameraToUser' trigger.
• Replace trigger timing logic with something closely tied to game time and real time instead of timer tickers that get out of whack due to side-effect invocations of trigger processing.
• Clean up memory allocation in buy screen logic.
• Tickers stopped when game screen loses focus.  Nothing else stops, so let tickers run.
• Repaint screen while waiting for replies to java popups.
• Allow user balloon speaks to continue after player changes screens.
• SDT bug resulted in lab manual entries for scenarios that lack lab manuals.
• Introduction scenario catalog components mixed up, all components should be part of the same element set.
• Don’t display user balloon speech if user location can’t be found.
• Save zone queue locations when game saved.
• Save user animation information when game saved
• Don’t check user goals when on component or zone screens.
• Limit network screen topology to 2 rows of components.
• Delayed response to game state change when buying software
  
  

• Associate ID Devices with workstations
• Add conditions: AssetWsHasIdDevice and UserWsHasIdDevice that assess to    same device type as ZoneHasEquip condition.
•  Remove: Accept PKI Certs, Use Biometrics, Use Client PKI Certs,
•  Use Token PKI Certs and add: Require Biometrics and Require Smart Card
•  When configuration requires biometric or smartcard, benefit of added  strength not realized unless equipment is there.  Also, user can’t login   without it.
•  Allow visitors to have goals.  Similar to authorized visitors at checkpoints.
•  Add validation profiles to eliminate need for individual identification  information storage on componnents.  Profiles enable workstation access if  workstation has ID Device and user conforms to profile.
•  Profiles deny workstation access if workstation uses authentication server   and workstation has a profile that user fails to conform to.
•  Validation profiles on authentication servers are only used for ID Device  based accesses to workstations.
•  Add "Profile" button to component User and Group Identity.  And add "Profile"   alongside "clients" button in Authentication Server popup.
•  Visitors only sit at computers if they can achieve goals there, and if the computer is not assigned to some other user.
•  Show visitors in user screen, highlight that they are visitors
•  Extend Authentication scenario to illustrate ID Devices and profiles.
• Add UnaccountableAssetAccess condition to test whether a user accesses an asset without being identified (e.g., public acl, etc.)  Intended for use in determining if individual accountability is maintained.  Extend authentication server scenario to include feedback if player sets public access to assets.

• Garbled video images using Intel graphics chips now fixed.
• Some systems could not find msvcr71 dll.
• ComputerLoader logic included 'ConfigUpdateAntivirus' rather than 'UpdateAntivirus'. Caused crash.  Alter policy effect logic to permit unused entries.
• Transition to event driven engine rather than polling.  Start with user goal assessment done only after potential state changes.
• Buy computer, don’t place, click zone tab crashes game.
• Happiness adjust trigger should affect displayed happiness, not base happiness, otherwise update does not occur until goals checked.
• Instant availability fix when IT staff hired to remove confusion on whether hire has affect.
• Link encryptor logic allowed software keyed devices to communicate with manually keyed devices.
• Remove "howto" movie.  It is out of date and hard to see.  Replace with text in "Getting
• Started" and eventually with mini movies such as "how to buy a component".
• Modify start office catalogue to have lower maintenance cost so IT not needed right away.
• Add Time window to AssetAttacked condition to keep condition value true for some number of game seconds.
• Don’t withdraw tickers unless designer specifies 'erase'.  Otherwise, tickers due to assetAttacked and zoneEntry get withdrawn, leaving partial messages.
• In the SDK, when doing  a 'build all' for testing, exit on first invalid scenario.
• No player modifications to static zones (e.g., user lists).
• Remove 'vpn client' option and all such software from scenarios until vpn clients are supported.
• In VPNIntro, clarify briefing by replacing 'deploy vpn gateways' to 'purchase and configure VPN gateways.'.  And increase money in that scenario.
• Change GUIMAKER to not require hard-coded pathnames for texture files - at least look at ../inputArt under the current working directory.  This requires execution from location relative to input art, but is preferable to changing every pathname or forcing all guimaker to be under an specific path.
• Log of triggers not including condition parameters in other than first condition.
• Show internet links in network screen and modify arrangement so routers on right in main office and on left in offsite (at least for small numbers of components.)
• Always prevent users from directly accessing workstations that are at a different site to achieve goals.
• Security scenario breaks when "expensive iris scanner" selected.
• In password scenario, add an 'objective'.
• Expand explanation in encyclopedia about the effect of guard-dependent zone security choices if there is no guard.
• Update encyclopedia scenario list to include authentication scenario and passwords scenario.
• After game load, buy screen button caused crash.
• Network trace drawing went off track on Authentication scenario - temporary fix by always drawing network segments from left to right.
• Network traces disappear if one end scrolls off the screen (depending on which terminal point is the 'location' of the widget.  Create new widget constructor that always draws the widget regardless of whether it thinks it is on the screen.
• Network screen zone ordering in some scenarios put offsite between other zones. 
• Add quiescent mouse detection so that camera or user movement does not result in object selection (e.g., prevent popups if player has not moved the mouse.)
• Interrupt wandering user if goal becomes achieved.
• Public had access to home in identity theft scenario.
• Identity theft asset lacked dac protection
• SDT saveas function confused placement of form tabs,  now just add new tab to end as if newly opened.
• Logging was missing asset ACL changes, and add to replay.
• Transition all checks of asset 'rights' to real-time acl, account and connectivity checks.  Currently, there is no semantics to 'execute' or 'control' access, so ignore them in the logic until a clear game abstraction is established.
• Game engine error check on missing asset (bad SDF).
• Zone access based on labels incorrect when secrecy and integrity combined.  Require user to dominate at least one of each if each are present.
• Remove unneeded zones from Stop Worms and Life With Macros scenarios.
• When asset removed from computer, reset intended rights along with actual rights.
• Cryptography for network authentication movie would not play due to MS digital signature bugs.
• IM scenario has Navy ranks and Marine uniforms.
• Add explicit 'visitor' attribute to goals and a new 'activity log' attribute.  The former replaces the overloading of 'promiscuous', and the latter is tied to the 'log all entry' zone parameter. 
• Gateway network expansion is broken - only takes first gateway found on network attached to the computer. (Avoid problem with new attack logic).
• Player should not be able to assign asset to static component.
• Logic controlling creation of missing assets did not consider alternate computers after best candidate failed to provide necessary access.
• Removed logic where untrained user creates asset on random machine.  Replace after context is provided to players in scenarios.
• Suppress physical security tickers if scenario has zone access equipment.
• Gamecore process after Internet up/down triggers.
• Remove need for 'ResetAssetAttacked' and 'ResetCheckpointFailure' triggers by employing counters to ensure that any given attack or checkpoint failure is counted only once per trigger, i.e., to prevent a single trigger from going off multiple times due to a single asset compromise or checkpoint failure (and other triggers as they are developed.) 
• In save files, write workspaces after zones to avoid checkpoint crashes.
• SDT not reflecting invalid scenario in scenario file when missing descriptors.
• Better attack management and reporting for keytypes scenario.
• Don’t clear user balloon speaks when resuming play

• Physical security scenario failed if hand scanners were selected.

• Card reader in "Who Are You?" scenario disappears

• Add Passwords scenario to the training campaign.
• Give designer control over selection of optional workspace items (e.g., trash cans) so large items don’t block preset camera angles.
• Add intrinsic "TriggerGoneOff" condition for use in trigger condition assessments.  If text in brackets is found in condition list, the text is assumed to be the name of a trigger, and the condition parameter compared to the number of times that trigger has gone off when assessing the truth of condition.
• Change the RandomValue condition and the SetRandom trigger such that triggered random values do not repeat until each value in a specified range is used once.  This will only be true for RandomValues that are triggered.

• SDT not reflecting invalid scenario in scenario file when missing descriptors.
• Better attack management and reporting for keytypes scenario.
• Increase font size on tooltips and speaks.
• When selecting entities for dragging, entity would move toward back based on height of selection.  Change logic to move entities only relative to motion of  "SaveMouseHit" after that has settled out after entity selection.
• When dragging entities, determine target workspace based on entity position, not the computed mouse position in 3d space (which is based on ray heuristics).
• When zoomed 'very close', object selection experienced many dead zones.
• IT Guy character’s head 3D model normals were reversed.
• Change IT Guy frame rate from 30 to 24, leaving keys in place to speed up
• walking a bit.
• Alter tgaglue tool to expect '_animated' as suffix to image files that are
• to be stitched.
• Text wrapping in user description broke words in two.
• In policy screen, change 'Allow writing passwords' to 'Allow passwords on post-its' to remove implication that writing down passwords is always bad.
• Computer don’t quite sit on the desks.
• Identity Theft scenario: allow use of 'automatic' antivirus setting.
• Modify wiretap attacks to not engage in hacking -- they should only look at bits on the wire, or place bits on the wire.
• Pretty much eliminate all use of 'SEC_TargetAsset' and such.  Just always cycle through every asset.  Looking for 'interest cones' is a waste of time.
• Logic tracking flow of assets over networks based on user goals penalized software assurance and crypto capability based on pool of starting components rather than just the starting component used to achieve the goal.
• User training of greater than 95 causes good password policy for that user regardless of procedural settings.
• If the cost entry is specific to the user, the user has no trust (per designer's intent.  If cost entry is for a group that is not public, then user's trust is the base trust. Otherwise the user's trust is full -- based on background checks and base.
• Add a 'Never Hide' switch to Assets to over-ride the 'Hide Unused Assets' global scenario switch.  Default to false.
• Add LanPWHash scenario switch to reflect installations required to deploy password management mechanism that put clear pw hashes on the network.Release left button when dragging floor off game surface causes button to'stick' down.
• Close zoom selection of users sometimes fails, (when going thru windows?).    Also, permit selection of computers through windows.
• selecting user in viewport should not move camera.
• adjust emotion bubbles for sitting users.
• Clipping of the tickers causes font-foo whenever a tool tip displays.  Don’t clip.
• SDT Asset cost list selection of user broken - filling in group to " " caused user to be set to "*".
• Revise Speak Trigger to select user in info panel if camera index is provided and duration is negative.
• In condition forms, if a blank parameter value is followed by a non-blank value, the blank parameter was skipped.
• Add campaign descriptions to the campaign player

• Add initial user position that may be independent of workspace
• Force users through physical control points to enter zone - may be guard,may be biometric or card reader.  Control points are only in main officeto inner zones or to main office (currently only in MS3B military site.

•      Zone guard position are used to identify zone choke points
•      Same positions can appear in workspace file with type "C" if
•     there is to be peripherals (e.g., iris scanner)
•      Add global switch that would require zone settings (e.g., iris scanner)
•     to have corresponding components deployed to get the effect.
•      Define device attributes reflecting scanner / card reader, etc.
•     - just different hardware bases, need that anyway to select
•     different artwork.  - define new type "ID_DEVICE" that is created as
•     a computer.
•      new conditions:
•          ZoneHasEquip - if zone has equipment of given type as access
•         control
•          CheckPointFail - if given user blocked from entering given zone.
•       Add a CheckPointReset trigger modeled on resetAssetAttack
•      Add SetZoneBlocked Trigger to block access to a zone by a given user. 
•     Trigger includes optional user ID (-2 applies to all users).
•      Add LogAllEntry setting on zone security
•      Add UserInZone condition to measure user’s current physical location.
•      Add user animations for checkpoint actions (e.g., eye scanner).
•      Expand buy screen to include "ID Devices".

• Add ResetUser trigger to put user back to initial location and initial state.
• Add "special" VISITOR department - game will not list these users in group
• lists (e.g., in zone access or ACLs).  But player can still select user to see thoughts, etc.
• Add a ZoneGoal abstraction to test if zone access equipment is able to reach specified assets.  Will behave just like a user asset goal, however they will be used by hidden users associated with each zone - i.e., "zone users".
• Condition to compare two TriggersGoneOff conditions.
• Add BurnComputerAsset and BurnComputerUser triggers
• Add ShowObject trigger to display an arbitrary 3d object at a given location.
• Add "skipTab" switch to camera viewpoints.  Intended for skipping selected viewpoints when player tabs through views.  Skipped viewpoints might include those that are used to show a transient 3d object (via ShowObject trigger).
• Add "replay" function to game engine that consumes a selected log file to redo the player choices.  Intent is to aid testing longer scenarios.
• Add "hardware base" attributes to goal such that user-interface computer must be in a specified set of allowed hardware bases (e.g., hardware must be combination scanner and card reader.)
• Add "InternetDown" trigger to cause the Internet to fail as a delivery network. Should only (mostly) effect user goals rather than attacks.
• Extend user definition to include parameter to dictate a specific game character (e.g., to avoid random selection of different textures, etc.)
• Add new character textures including khaki officer and enlisted female.  And add new animations for idle sequences.
• Add log filter for attack triggers.
• If installed via an administrator account, two cyberciege icons appear on the desktop.
• Password length logic failed to remove none when other choice selected in some situations.
• Log asset allocation player choices.

• Filter logging not accurately reflecting flow direction.
• Logging of user addition to computer broken by change in user account management.
• Zone access based on user clearance broken when categories used.
• VPN's auto connected to internet, don't log it or replay chokes
• A type of VPN not recognized because of inconsistent hardware ordering.
• Include trigger condition values in each trigger log entry.
• Missing assets being created by users in situations where they can’t properly access the asset anyway.  Add game logic to temporarily create the asset in order to test the full asset goal logic.
• Restore 'computer in undefined zone' error and explicitly treat guard shack as part of the main zone for ms3b base.
• Female users’s feet don’t quite reach the floor - and thus don’t properly interact with checkpoint devices.
• Incomplete logic to stop game action when player leaves the OFFICE screen.
• Revise user selection logic:
•     user not in infoPanel -> select user in info panel
•     user in infoPanel && not bubbleSelect -> bubble select & camera select
•     user bubbleselect -> unselect bubble and unselect camera
•     user camera select && not bubble select, bubble select
• Java dialogs lost focus and thus F1 would not be caught. 
• Game reload from saved files caused crash due to uninitialized info panel data.
• UI widget logic failed to set drawOrder, resulting in objectives phase tabs being hidden.  Moved phase bar back to proper location.
• Alter zone ordering such that designer can specify "-1" for offsite zone, thereby always forcing it to the far right in  the network screen.
• Don’t pause game if loss of focus is due to java dialog
• Don’t change ws name or accounts on ws move if user already assigned to the ws
• On game reload, initialize state variables from the "CheckObject" functions -- was causing crashes.
• Network label assignment gui (in policyScreen) did not properly find network rights when showing popup -- but since those were last, the code worked.
• Scenario switch "Default WS accounts" should default to true, and not be included in the SDF if true.
• Game loader did not handle blanks in user names.
• Detect overlapping user speaks and attempt to adjust display of speaks so they don’t overlap.
• Include "reasons" for goal failure log entries.
• Help links from java dialogs not properly set.
• User’s lacking clearance caused crash if MAC components used.
• For unassigned computers, base training on "claims" by other users, otherwise set to 100.
• For unassigned computers, set base user trust to 100.  (Someday expand to reflect other users who utilize the computer.)
• Info panel null values caused crash on game reloads.
• Link to intro movie broken.
•  Move untested and incomplete scenarios to "Extras" campaign
• Add campaign description to player campaign selectoin dialog
  
• Several scenario introductions informed player to press "e" rather than F1.

• Shorten campaign player so play button is more visible on some screens.
  
• Setup file discrepancies left out User Identity scenario and student
  thesis campaigns

• Authentication server changes broke the filters and GenesRus scenarios.
• User trust logic change broke Introduction scenario
  
• Correct direct internet attack logic to not depend on malicious software.
• Corrections to attack logic exposed error in MAC network assessments

• Running game from CD could not play saved games;
• Corrected keyboard shortcut help
• Restored student thesis scenarios to campaign player

• Add "User Identification" scenario to illustrate federated user identity management (Authentication Servers) and challenges when identifying remote users.
• Simplified Campaign Player, collapsed into single player with control over which campaigns and scenarios the player can start based on past achievement. Include "Advanced" menu to enable all campaigns and scenarios and to suppress the initial flash video.
• Modify "Component Access List" logic and interface.  Change title to "Identification and Authentication".  Add SERVER button next to local.  Remove remote button.  Server will display the authentication server (if any). Remove Delete button.  The abstraction is now the user identity information known to this component, which may be explicit local lists, or may be by reference to one authentication server.  Add local authentication configuration value to components.  By default, user login is only allowed at workstations, and then only by users whom the workstation can identify (unless local authentication is not checked.)  Remote access for servers is public, but setting ACL’s requires that the server have access to user identity information, i.e., either explicitly locally managed, or via authentication server.  (UI will prevent player from defining local and authentication server.) If ACL is set with a user or group, and that group is not known to the component, the entry will be ignored but need condition to prod user. 
• Change ACL management such that changes to ACLs are only reflected in a
• component-local database (or shadow of rights db on asset).  These are then applied (wholesale) to the asset whenever the ACL is closed, or the identity information for the component changes.  Remote access to all components is public unless remote authentication is selected.  This then only allows access to identified users.
• Modify button class to support tooltip rollover and right button.
• Game switch to prevent users from being automatically added to workstation I&A databases.
• Add user thought reflecting inability to login to assigned workstation.
• Add AssetMissingUser and AssetMissingGroup conditions to reflect component ACL contains IDs not known to the component.
• User thoughts confuse asset and asset goals; define both.
• Add user thought if component containing goal’s asset does not know of the user.
• Tracking IT support requirements.  Simplify these and make them per-zone.
• Add actual ACL to SDF Asset form
• Add DescribeAttack trigger that causes the attacker to speak a description of the attack.
• Use of public computer to access remote asset requiring authentication can lead to password sniffing unless one-time passwords are required.
• When assessing component policies, define some policies as being managed by the authentication server (if any).  Examples are password length, one-time passwords, etc.
• Add LOGIN_AS_USER attack type to reflect attacker getting user password and thus getting user’s rights to assets.
• Add web server ssl software type
• Add help tip function support to buttons.
• Change keyboard navigation to 'WASD' for up, down, left, right.  QE for rotate ccw, cw.  ZX for zoom in and out.  RT for raise lower. And CV for compress, uncompress time.
• Add switch to control if asset creation announced via ticker
• Change zone and component screens to make procedural and configuration lists longer.  Reduce asset allocation information to two buttons.
• Expand time condition to include minutes

• Perform gamecore processes when new user is shown.
• If SDT defined component has a description, include that in the COMPONENT screen summary of the component.
• Change "No Software" to "No Applications" to reduce confusion when component has no software other than the O/S.
• Static computers should not inherit user names, or get assigned to users who happen to appear at their workspace.
• Start of game goal logic:  If user fails goal that does not include a missing asset, then the failure is reported and reflected in user’s status. 
• If goal includes a missing asset, then the failure will not be noted until the game is taken off of pause and the engine has at least once chance to create the asset (as if a user were creating it).  In all cases, report a user’s failure to login to his own workstation.
• Procedural setting of "no external software" affects whether malware is introduced, alter this to exempt user’s whose base trust is >= 95
• log parsing failed if log numbers not contiguous starting at 1.
• Recovery of availability after malware removed from computers.
• Hide cursor when java popups appear
• VPN handling logic confused by stray routers on Internet.
• SDT string search failed, assumed a leading blank.
• Some attacks succeeded if motive equals protection.  Motive must exceed protection for the attack to succeed.
• Phase tabs randomly disappear - caused by assigning phase windows incorrect parent window ID -- changed parent to phase bar.
• Enforcement of password policy controlled by authentication server

• Close background command window on game exit.
• Release right button outside game window causes game miss button release
• Crash.txt location not propertly communicated to user
  

• Crash on shared systems where user did not have write access to game/exec directory.  Move netview output files to log directories.
• Eliminate copies of EventLog.dtd file, use file from campaign directory.
• Fix objectives help tip on training and awareness scenario

• Add navigation buttons to game interface.  Remove panning via moving cursor
  off screen. unless dragging something, or right mouse button down.
• Make "Objectives" a tab and remove the button.  Update scenario help
  tips accordingly.  
• Double click on log assetAttacked entry opens window with description
  of (some) attacks. 
• Add UserAssignedZone condition to assess if user’s assigned computer is
  in the given zone

• Physical security scenario help tip to move user after the user had
  already been moved.
• Log file errors caused game crash due to Java bug.
• Use shortcuts with absolute paths for standard installs, and use
  relative paths for distribution CD's.  Absolute paths allow player to
  copy shortcuts.

• Restructure to permit running CyberCIEGE from a CD without
  installing the program

• Remove "cost change" from asset cost list -- crashes game if used.
• Ticker area cut off on 1024x768 displays.  Start window with top
  edge cut off instead.
• Change minimum video RAM requirement to 64MB.
• Fix some encyclopedia links.
• Fix confusing directx version number dialog on installation. 
  Only display it if needed.

• Add help menu to  Campaign Player
• Bad link to multilevel component movie from tutorial help

• Could not play saved games from campaign player
• Could not invoke encyclopedia while message dialog displayed

• Add InstallMalware trigger to place malware on a specified computer,
  unconditionally (beyond usual trigger conditions).
• Add CameraToUser trigger.
• Add WalkToUser, WalkToComputer Stay, triggers and UserMeetsUser condition
• Switch to mask nighttime and all its side effects
• Revise camera management to save scripted state (per scenario switch)
  and return to that view when play is resumed.  Player initiated pan or
  rotate will pause the game (if switch is set).
• Allow some thoughts to depend on whether user is typing

• When in NETWORK screen, double click component should take you to
  component screen.
• Attack logic for assets on wires should account for insiders as well as
  external attackers.  
• Track assurance as well as (goal-driven) assets on wires.
• Campaign Player script failed when run via a share.
• Problem closing all SDT files when switching projects.
• Reduce jitter in speaks bubbles when users are walking.
• Add descriptions of causes to attack events.
• Use Java messages instead of game engine messages so we can control placement.
• Create dead zone around pause button to avoid accidental camera movement.
• Highlight paused state in title bar.
• Manage workspace files with SDF files.  CampaignManager will copy upon release.
• Buy device without enough funds left device in limbo. Make sure it is deleted.

• Don't require administrator privilege and install into user's my documents directory 
• Revised encyclopedia tutorials and educator's section.
  

• Scrap computer led to crash

• Add VirusPresentAsset condition to measure virus presence on the
  computer hosting the specific asset.
• Add 'HoverComputerAsset" and "HoverComputerUser" triggers to display images when player hovers mouse over selected computers.  Include "duration" parameter that if non-zero is the amount of time
  the image flashes on the screen initially.  Always is hoverable until undone by another parameter.
  Modify 'set camera to user' to show user’s back.

• SDT should validate that group names do not include blanks.
• Remove large blank spaces from workspace form in SDT.
• Frequency of runs-while-paused triggers breaks while game is
  not paused.  Fix to clock.
• Dragging floor sometimes does not stop when mouse button released.
• Technical User Training Scenario missing workspace file.
• Connectivity conditions cause sluggish game response.  Introduce
  global game state to limit assessment of these conditions to
  situations where the state has changed.
• Add a game engine error message when SDT has a computer that
  is not in a defined zone

• Drag the floor as a way to pan the camera.
• Add search function to SDT with automatic open of scenario element when selected from results panel.  
• Expand user idle thoughts.
• Standardize SDT error messages, enabling auto-open of invalid set element
• Save SDT scenario validation state so invalid scenarios continue to be validated.
• Moved SDT into a separate SDK distribution
  

• Add SDT check of all text fields to prevent use of ":", which confuses SDT and game engine since it is a delimiter.  Someday handle an escape character.
• Remove separate SDT validate step.  Always part of build.
• Previous fix introduced bug that keeps users from achieving shared goals using remote access

• Introduced bug to real-time triggers caused intro scenario to immediately exit.

• List authentication servers in computer summary.
• Popup user thoughts when cursor hovers over user.
• Add function to dump network view.
• Extend keytype scenario to include phase on cracking passwords based on hashes sniffed from the network.

• Initialize the goal "use assigned" attribute to false so users won’t use other user’s computers to achive goals if directed in the sdf.
• When checking user’s local access to software for a goal, consider whether the user can reasonably use that workstation.
• Introduction movie narration slips out of synch.
• Read sdf version field in SDT scenario loader for future use.
• Add game index information to Campaign Analyzer to distinguish between multiple game logs for the same player.
• Zone screen password length buttons cause game crash.
• If component has an authentication server, don’t add local accounts.
• SDT policy list missing "EnforcePasswordPolicy"
• When users appear or are assigned to workspaces, update the local computer settings to change the computer name if needed.
• Reset lighted workspace when player presses <esc>

• Convert movies to flash.
• Add Software to SDT to override defaults.
• Introduce compatible software type.  All users in shared goal must use same application if the goal includes a software type that has the compatible attribute. 
• Introduce crypto attribute for applications.  Access that causes flow over wire does not yield wiretap if asset motive less than application assurance.  Intended only for low-motive environments.
• Add "GoalSW" condition that is true if the named goal is being met using a specific application.  Only meaningful for shared goals requiring compatible applications.
• Add software type that reflects an intended use of exchanging messages such as instant messaging software (and possibly email).  When this software type is required for a shared asset goal, remote users need not have access to the component that contains the asset.  They only need some form of connectivity.  Note that a separate goal must be defined to assess whether the "originating" user has access to the asset in the first place.  The shared goal cannot be used because it does not measure initial access.
• Extend triggers to include an optional list of slave triggers that are executed following the execution of the master trigger.  Conditions on slaves are ignored.
• Add user attribute to not display user if it has no current goals.
• Introduce an "exclusive" software type attribute.  Installation of application of this type automatically removes existing application of same type. 
• When withdrawing tickers, don’t erase displayed ticker based on new ticker trigger field.
• Internet wiretaps don’t account for modification motives.
• Extend AssetToNetworkByFilterType to include a Boolean reflecting whether the assessment is to measure a user’s goal, or an attack.  The latter can use computers as gateways.
• AssetGetMotive function did not properly account for read/write access, thereby sometimes missing high read motives.

• Filter scenario did not clear objectives upon win.
• Triggers that "run while paused" sometimes have delay in execution, i.e., do not follow other non-pause triggers that have identical conditions.
• Use of software type in asset goal caused crash if no network devices on path.
• Software types are either local or server.  If local, then goals require that the user have local access to a workstation (or future thin client connected to server) that has that software.
• Add software requirements to the user asset summary.
• Wiretap attacks did not include insiders.
• Use hover-help to display entire software description (had been truncated).
• Cost list entries were generating motives even when user had intended access.  "Public" worked ok, but other groups and users did not.  There should be no motive if user has access.
• If software is free, lack of player cash should not matter.
• Add SDF version to each file to control engine processing for compatibility.
• Trigger frequency for runs-while-paused triggers adjusted so frequency of "999" means "only once".
• If error due to fonts or sound card, pop up a message to the player.
• End failed experiment with active x in encyclopedia; remove hyperlinks from lab manuals
• due to difficulty in managing relative links from different execution environments.
• Log entry for zone events don’t include zone name.
• debounce left click so more than one user speaks is not cleared.
• Play with logic that compares camera to user location when deciding whether to move camera for a user speaks.  Still misses somtimes.
• Don’t display user emotion bubble unless player clicks on the user.  Camera selection resulting from speaks and "u" should not display this bubble.
• Logic to keep users from wandering into forbidden zones had exception for m3a office  -- remove.
• pressing "p" should clear tool tips.
• Revise condition test logic to always check player-directed state changes such as AWAIT_CLICK; otherwise time windows result in inconsistent messages to the player.
• Add malware attack to filters scenario to handle topologies for which direct attacks are not yet tuned.
• Viewpoint height and zoom not saved, so reloaded scenarios had jumpy panning from tabbed viewpoints.