The key driving force behind any capture-the-flag competition is the scoring algorithm; the Cyber Grand Challenge (CGC) was no different.
The scoring algorithm design for both the CGC Qualifier Event (CQE) and the CGC Final Event (CFE) focused heavily on encouraging development of automated reasoning about software and its inputs, discouraging collusion and cheating, and representing real-world constraints to ensure resulting solutions developed by CGC competitors were well-positioned for adoption outside the Cyber Grand Challenge competition.
In “House Rules: Designing the Scoring Algorithm for Cyber Grand Challenge,” which appears in the March/April 2018 issue of IEEE Security & Privacy, the authors describe design considerations for CQE and CFE scoring algorithms, how these algorithms intended to incentivize competitors to achieve these goals, and effects these decisions had on the resulting gameplay in CGC. (Login may be required for full text.)
About Lori Cameron
Lori Cameron is a Senior Writer for the IEEE Computer Society and currently writes regular features for Computer magazine, Computing Edge, and the Computing Now and Magazine Roundup websites. Contact her at l.cameron@computer.org. Follow her on LinkedIn.