A security sheaf describes the security measures in place on a host or grid as well as how the host/grid reacts to intruders. Quite simply, a sheaf consists of a list of trigger steps.

These steps represent security tally thresholds. As a decker’s security tally reaches each trigger step, the system activates one or more IC programs. Trigger steps also activate the various alert levels in a system. The alert status of the system, in turn, affects the types of IC programs the system activates.

The security code of the host/grid determines the frequency of trigger steps in a system, and the game-master determines the events activated by each trigger step.

Game-masters may use their own discretion or random generation to determine these events.