- The paper introduces a hybrid maritime cyber wargame combining physical board elements with analytical simulation to enhance decision-making.
- It details an adjudication methodology where player actions are mapped through the SERDUX-MARCIM model to quantify cyber risk across four levels.
- Empirical validation demonstrates that structured resource allocation can maintain service levels above 80% and significantly boost cyber situational awareness.
MARCIM-WG: Hybrid Maritime Cyberdefense Wargaming with Analytical Adjudication
Context and Motivation
The digitization of maritime operations escalates systemic risk, demanding advanced training for leaders to navigate cyber crises that propagate rapidly across interconnected maritime networks. Traditional approaches to cyber wargaming frequently lack rigorous validation, consistent contextualization, and traceable relationships between player decisions and evolving cyber incidents. MARCIM-WG provides a domain-grounded, learning-oriented wargame framework for strategic actors, explicitly designed to cultivate Cyber Situational Awareness (CSA) encompassing perception, comprehension, and projection. Its methodology integrates NATO wargaming principles and leverages the SERDUX-MARCIM mathematical model for analytical adjudication.
Design Architecture and Operational Dynamics
MARCIM-WG implements a hybrid environment: physical board elements facilitate tactile interaction and collaborative sensemaking, while analytically-assisted adjudication is mediated by computational simulation. Player decisions, resource allocations, and use of scenario-specific assets are encoded, translated into model parameters, and processed by a NetLogo-adapted SERDUX-MARCIM engine. Quantitative outputs dynamically update the game state, closing the decision-adjudication-feedback loop. This structure establishes measurable decision-consequence cycles, crucial for effective CSA development.
Figure 1: MARCIM-WG interaction loop model between players, game board, and the analytically-assisted adjudication system.
The physical gameboard supports the visualization of resource flows, network state evolution, and strategic allocations linked to cyber crisis dynamics.
Figure 2: Physical MARCIM-WG gameboard used for gameplay, enabling resource allocation and state updates across adjudication cycles.
The adjudication software operationalizes the SERDUX-MARCIM model, mapping player decisions onto cyber risk variable hierarchies and simulating node-state transitions under variable attack conditions.
Figure 3: MARCIM-WG adjudication software interface for encoding decisions and processing simulation outputs.
The game architecture is formalized through High-Level Design (HLD) and Low-Level Design (LLD) specifications. The HLD defines purpose, roles, and design elements following NATO guidelines: decisions, friction, consequences, and narrative. The LLD translates these into explicit game mechanics, scenario phases, operational constraints, and learning-outcome mapping. CSA competency assessment is integrated via a structured instrument, linking gameplay directly to measurable outcomes.
Analytical Model Integration and Adjudication Mechanism
MARCIM-WG’s adjudication process incorporates the compartmental epidemiological-inspired SERDUX-MARCIM model, capable of simulating dynamic cyberattack propagation on complex maritime networks. The model operationalizes cyber risk via hierarchical variables:
- Level 0: global cyber risk severity
- Level 1: likelihood and impact
- Level 2: attacker and target-specific likelihood, impact reduction, attack degree
- Level 3: granular attacker factors, defensive controls, target characteristics
Player actions modify Level 3 variables, influencing simulation parameters such as attacker proficiency, defensive posture, and resource sustainability. The facilitator encodes these decisions, triggers simulation cycles, and interprets quantitative feedback, ensuring traceability from strategic action to systemic effect. This approach avoids reliance on static scripts or subjective expert adjudication, providing consistency and measurable learning impact.
Scenario Application and Decision-Sensitive Dynamics
MARCIM-WG is instantiated in a fictional but structurally valid maritime cyber crisis scenario. Decision cycles enable escalation through resource allocation, special card activation, and iterative state updates under increasing adversarial sophistication. The scenario incorporates friction and uncertainty inherent to real-world maritime cyberdefense, ensuring operational relevance and contributing to participant engagement.
Validation: Scenario-Based and CSA Competency Outcomes
Two validation layers were conducted:
1. Conceptual Validation (Operational Sensitivity): Three scenario configurations (pessimistic, neutral, optimistic) were executed to verify whether adjudication responses matched strategic decisions.
2. CSA Competency Validation (Learning Outcomes): A post-test-only design compared military officer cohorts (control vs. MARCIM-WG intervention) via a structured CSA assessment instrument.
Implications and Future Directions
MARCIM-WG directly addresses gaps in prior cyber wargaming: explicit CSA operationalization, analytical adjudication underpinning, and competency-based validation. The approach demonstrates strong increases in CSA learning outcomes, predominantly in comprehension and perception of cyber crises. Encapsulating model complexity within adjudication software supports reproducible training and is adaptable for broader cyberdefense applications.
Limitations include modest cohort size and post-test-only validation. Future research should incorporate repeated measures for retention, larger samples, and refined mechanisms for anticipatory, projection-based reasoning. Further expansions may generalize MARCIM-WG for other critical infrastructure domains by reconfiguring scenario assets and model hierarchies.
Conclusion
MARCIM-WG establishes a reproducible, analytically-driven wargaming environment for maritime cyberdefense, operationalizing CSA as a central competency and verifying transferable learning gains through structured assessment. The methodology—hybrid tabletop interaction, traceable computational adjudication, and scenario-driven adaptation—presents a scalable template for strategic cyberdefense education and assessment. Continued development should focus on augmenting projection learning, empirical validation with larger groups, and cross-domain adaptation of adjudication logic.