Merged PR 7: v1.1.0

v1.1.0
2023-04-06 10:07:40 +00:00
parent 5063e221f2 73004f9bf9
commit 3aec6e5a96
23 changed files with 2349 additions and 176 deletions
--- a/PRIMAITE/Main.py
+++ b/PRIMAITE/Main.py
@@ -58,41 +58,61 @@ def run_stable_baselines3_ppo():
    Run against a stable_baselines3 PPO agent
    """ 
-    #if check_env(env, warn=TRUE):
+    if config_values.load_agent == True:
-    #    print("Environment is NOT OpenAI Gym Compliant")
+        try:
-    #else:
+            agent = PPO.load(config_values.agent_load_file, env, verbose=0, n_steps=config_values.num_steps)
-    #    print("Environment is OpenAI Gym Compliant")
+        except:
            print("ERROR: Could not load agent at location: " + config_values.agent_load_file)
            logging.error("Could not load agent")
            logging.error("Exception occured", exc_info=True)
    else:
        agent = PPO(PPOMlp, env, verbose=0, n_steps=config_values.num_steps)
-    agent = PPO(PPOMlp, env, verbose=0, n_steps=config_values.num_steps)
+    if config_values.session_type == "TRAINING":
-
+        # We're in a training session
-    for episode in range(0, config_values.num_episodes):
+        print("Starting training session...")
-
+        logging.info("Starting training session...")
-        agent.learn(total_timesteps=1)      
+        for episode in range(0, config_values.num_episodes):
            agent.learn(total_timesteps=1)     
        save_agent(agent)
    else:
        # Default to being in an evaluation session
        print("Starting evaluation session...")
        logging.info("Starting evaluation session...")
        evaluate_policy(agent, env, n_eval_episodes=config_values.num_episodes)
    env.close()
    save_agent(agent)
 def run_stable_baselines3_a2c():
    """
    Run against a stable_baselines3 A2C agent
    """
-    #if check_env(env, warn=TRUE):
+    if config_values.load_agent == True:
-    #    print("Environment is NOT OpenAI Gym Compliant")
+        try:
-    #else:
+            agent = A2C.load(config_values.agent_load_file, env, verbose=0, n_steps=config_values.num_steps)
-    #    print("Environment is OpenAI Gym Compliant")
+        except:
            print("ERROR: Could not load agent at location: " + config_values.agent_load_file)
            logging.error("Could not load agent")
            logging.error("Exception occured", exc_info=True)
    else:
        agent = A2C("MlpPolicy", env, verbose=0, n_steps=config_values.num_steps)
-    agent = A2C("MlpPolicy", env, verbose=0, n_steps=config_values.num_steps)
+    if config_values.session_type == "TRAINING":
-
+        # We're in a training session
-    for episode in range(0, config_values.num_episodes):
+        print("Starting training session...")
-
+        logging.info("Starting training session...")
-        agent.learn(total_timesteps=1)      
+        for episode in range(0, config_values.num_episodes):
            agent.learn(total_timesteps=1)     
        save_agent(agent)
    else:
        # Default to being in an evaluation session
        print("Starting evaluation session...")
        logging.info("Starting evaluation session...")
        evaluate_policy(agent, env, n_eval_episodes=config_values.num_episodes)   
    env.close()
    save_agent(agent)
 def save_agent(_agent):
    """
    Persist an agent (only works for stable baselines3 agents at present)
@@ -140,7 +160,10 @@ def load_config_values():
        config_values.agent_identifier = config_data['agentIdentifier']           
        config_values.num_episodes = int(config_data['numEpisodes'])                                
        config_values.time_delay = int(config_data['timeDelay'])                  
-        config_values.config_filename_use_case = config_data['configFilename']    
+        config_values.config_filename_use_case = config_data['configFilename']   
        config_values.session_type = config_data['sessionType']
        config_values.load_agent = bool(config_data['loadAgent'])
        config_values.agent_load_file = config_data['agentLoadFile']
        # Environment
        config_values.observation_space_high_value = int(config_data['observationSpaceHighValue'])
        # Reward values
@@ -153,6 +176,7 @@ def load_config_values():
        config_values.on_should_be_resetting = int(config_data['onShouldBeResetting'])
        config_values.resetting_should_be_on = int(config_data['resettingShouldBeOn'])
        config_values.resetting_should_be_off = int(config_data['resettingShouldBeOff']) 
        config_values.resetting = int(config_data['resetting'])
        # Node O/S or Service State
        config_values.good_should_be_patching = int(config_data['goodShouldBePatching'])
        config_values.good_should_be_compromised = int(config_data['goodShouldBeCompromised'])
@@ -160,6 +184,7 @@ def load_config_values():
        config_values.patching_should_be_good = int(config_data['patchingShouldBeGood'])
        config_values.patching_should_be_compromised = int(config_data['patchingShouldBeCompromised'])
        config_values.patching_should_be_overwhelmed = int(config_data['patchingShouldBeOverwhelmed'])
        config_values.patching = int(config_data['patching'])
        config_values.compromised_should_be_good = int(config_data['compromisedShouldBeGood'])
        config_values.compromised_should_be_patching = int(config_data['compromisedShouldBePatching'])
        config_values.compromised_should_be_overwhelmed = int(config_data['compromisedShouldBeOverwhelmed'])
@@ -168,13 +193,42 @@ def load_config_values():
        config_values.overwhelmed_should_be_patching = int(config_data['overwhelmedShouldBePatching'])
        config_values.overwhelmed_should_be_compromised = int(config_data['overwhelmedShouldBeCompromised'])
        config_values.overwhelmed = int(config_data['overwhelmed'])
        # Node File System State
        config_values.good_should_be_repairing = int(config_data['goodShouldBeRepairing'])
        config_values.good_should_be_restoring = int(config_data['goodShouldBeRestoring'])
        config_values.good_should_be_corrupt = int(config_data['goodShouldBeCorrupt'])
        config_values.good_should_be_destroyed = int(config_data['goodShouldBeDestroyed'])
        config_values.repairing_should_be_good = int(config_data['repairingShouldBeGood'])
        config_values.repairing_should_be_restoring = int(config_data['repairingShouldBeRestoring'])
        config_values.repairing_should_be_corrupt = int(config_data['repairingShouldBeCorrupt'])
        config_values.repairing_should_be_destroyed = int(config_data['repairingShouldBeDestroyed'])   
        config_values.repairing = int(config_data['repairing'])
        config_values.restoring_should_be_good = int(config_data['restoringShouldBeGood'])
        config_values.restoring_should_be_repairing = int(config_data['restoringShouldBeRepairing'])
        config_values.restoring_should_be_corrupt = int(config_data['restoringShouldBeCorrupt'])     
        config_values.restoring_should_be_destroyed = int(config_data['restoringShouldBeDestroyed'])
        config_values.restoring = int(config_data['restoring'])
        config_values.corrupt_should_be_good = int(config_data['corruptShouldBeGood'])
        config_values.corrupt_should_be_repairing = int(config_data['corruptShouldBeRepairing'])
        config_values.corrupt_should_be_restoring = int(config_data['corruptShouldBeRestoring'])
        config_values.corrupt_should_be_destroyed = int(config_data['corruptShouldBeDestroyed'])
        config_values.corrupt = int(config_data['corrupt'])
        config_values.destroyed_should_be_good = int(config_data['destroyedShouldBeGood'])
        config_values.destroyed_should_be_repairing = int(config_data['destroyedShouldBeRepairing'])
        config_values.destroyed_should_be_restoring = int(config_data['destroyedShouldBeRestoring'])
        config_values.destroyed_should_be_corrupt = int(config_data['destroyedShouldBeCorrupt'])
        config_values.destroyed = int(config_data['destroyed'])
        config_values.scanning = int(config_data['scanning'])
        # IER status
        config_values.red_ier_running = int(config_data['redIerRunning'])
        config_values.green_ier_blocked = int(config_data['greenIerBlocked'])
        # Patching / Reset durations
        config_values.os_patching_duration = int(config_data['osPatchingDuration'])                         
        config_values.node_reset_duration = int(config_data['nodeResetDuration'])                           
-        config_values.service_patching_duration = int(config_data['servicePatchingDuration'])   
+        config_values.service_patching_duration = int(config_data['servicePatchingDuration']) 
        config_values.file_system_repairing_limit = int(config_data['fileSystemRepairingLimit']) 
        config_values.file_system_restoring_limit = int(config_data['fileSystemRestoringLimit']) 
        config_values.file_system_scanning_limit = int(config_data['fileSystemScanningLimit']) 
        logging.info("Training agent: " + config_values.agent_identifier)
        logging.info("Training environment config: " + config_values.config_filename_use_case)
@@ -228,9 +282,6 @@ except Exception as e:
 # Get the number of steps (which is stored in the child config file)
 config_values.num_steps = env.episode_steps
 print("Starting training...")
 logging.info("Training started...")
 # Run environment against an agent
 if config_values.agent_identifier == "GENERIC":
    run_generic()
@@ -239,8 +290,8 @@ elif config_values.agent_identifier == "STABLE_BASELINES3_PPO":
 elif config_values.agent_identifier == "STABLE_BASELINES3_A2C":
    run_stable_baselines3_a2c()
-print("Finished training")
+print("Session finished")
-logging.info("Training complete")
+logging.info("Session finished")
 print("Saving transaction logs...")
 logging.info("Saving transaction logs...")
--- a/PRIMAITE/common/config_values_main.py
+++ b/PRIMAITE/common/config_values_main.py
@@ -19,6 +19,7 @@ class config_values_main(object):
        self.num_steps = 0                          # number of steps in an episode
        self.time_delay = 0                         # delay between steps (ms) - applies to generic agents only
        self.config_filename_use_case = ""          # the filename for the Use Case config file
        self.session_type = ""                      # the session type to run (TRAINING or EVALUATION)
        # Environment
        self.observation_space_high_value = 0       # The high value for the observation space
@@ -33,6 +34,7 @@ class config_values_main(object):
        self.on_should_be_resetting = 0
        self.resetting_should_be_on = 0
        self.resetting_should_be_off = 0 
        self.resetting = 0
        # Node O/S or Service State
        self.good_should_be_patching = 0
        self.good_should_be_compromised = 0
@@ -40,6 +42,7 @@ class config_values_main(object):
        self.patching_should_be_good = 0
        self.patching_should_be_compromised = 0
        self.patching_should_be_overwhelmed = 0
        self.patching = 0
        self.compromised_should_be_good = 0
        self.compromised_should_be_patching = 0
        self.compromised_should_be_overwhelmed = 0
@@ -48,6 +51,32 @@ class config_values_main(object):
        self.overwhelmed_should_be_patching = 0
        self.overwhelmed_should_be_compromised = 0
        self.overwhelmed = 0
        # Node File System State
        self.good_should_be_repairing = 0
        self.good_should_be_restoring = 0
        self.good_should_be_corrupt = 0
        self.good_should_be_destroyed = 0
        self.repairing_should_be_good = 0
        self.repairing_should_be_restoring = 0
        self.repairing_should_be_corrupt = 0
        self.repairing_should_be_destroyed = 0   # Repairing does not fix destroyed state - you need to restore
        self.repairing = 0
        self.restoring_should_be_good = 0
        self.restoring_should_be_repairing = 0
        self.restoring_should_be_corrupt = 0     # Not the optimal method (as repair will fix corruption)
        self.restoring_should_be_destroyed = 0
        self.restoring = 0
        self.corrupt_should_be_good = 0
        self.corrupt_should_be_repairing = 0
        self.corrupt_should_be_restoring = 0
        self.corrupt_should_be_destroyed = 0
        self.corrupt = 0
        self.destroyed_should_be_good = 0
        self.destroyed_should_be_repairing = 0
        self.destroyed_should_be_restoring = 0
        self.destroyed_should_be_corrupt = 0
        self.destroyed = 0
        self.scanning = 0
        # IER status
        self.red_ier_running = 0
        self.green_ier_blocked = 0
@@ -55,5 +84,8 @@ class config_values_main(object):
        # Patching / Reset
        self.os_patching_duration = 0                         # The time taken to patch the OS
        self.node_reset_duration = 0                          # The time taken to reset a node (hardware)
-        self.service_patching_duration = 0                    # The time taken to patch a service
+        self.service_patching_duration = 0                    # The time taken to patch a service   
        self.file_system_repairing_limit = 0				  # The time take to repair a file
        self.file_system_restoring_limit = 0				  # The time take to restore a file
        self.file_system_scanning_limit = 0                   # The time taken to scan the file system
--- a/PRIMAITE/common/enums.py
+++ b/PRIMAITE/common/enums.py
@@ -59,6 +59,16 @@ class NODE_POL_TYPE(Enum):
    OPERATING = 1
    OS = 2
    SERVICE = 3
    FILE = 4
 class NODE_POL_INITIATOR(Enum):
    """
    Node Pattern of Life initiator enumeration
    """
    DIRECT = 1
    IER = 2
    SERVICE = 3
 class PROTOCOL(Enum):
    """
@@ -82,3 +92,13 @@ class ACTION_TYPE(Enum):
    NODE = 0
    ACL = 1
 class FILE_SYSTEM_STATE(Enum):
    """
    File System State
    """
    GOOD = 1
    CORRUPT = 2
    DESTROYED = 3
    REPAIRING = 4
    RESTORING = 5
--- a/PRIMAITE/config/config_1_DDOS_BASIC.yaml
+++ b/PRIMAITE/config/config_1_DDOS_BASIC.yaml
@@ -0,0 +1,169 @@
 - itemType: ACTIONS
  type: NODE
 - itemType: STEPS
  steps: 128
 - itemType: PORTS
  portsList:
  - port: '80'
 - itemType: SERVICES
  serviceList:
  - name: TCP
 - itemType: NODE
  id: '1'
  name: PC1
  baseType: SERVICE
  nodeType: COMPUTER
  priority: P5
  hardwareState: 'ON'
  ipAddress: 192.168.1.2
  softwareState: GOOD
  fileSystemState: GOOD
  services:
  - name: TCP
    port: '80'
    state: GOOD
 - itemType: NODE
  id: '2'
  name: SERVER
  baseType: SERVICE
  nodeType: SERVER
  priority: P5
  hardwareState: 'ON'
  ipAddress: 192.168.1.3
  softwareState: GOOD
  fileSystemState: GOOD
  services:
  - name: TCP
    port: '80'
    state: GOOD
 - itemType: NODE
  id: '3'
  name: PC2
  baseType: SERVICE
  nodeType: COMPUTER
  priority: P5
  hardwareState: 'ON'
  ipAddress: 192.168.1.4
  softwareState: GOOD
  fileSystemState: GOOD
  services:
  - name: TCP
    port: '80'
    state: GOOD
 - itemType: NODE
  id: '4'
  name: SWITCH1
  baseType: ACTIVE
  nodeType: SWITCH
  priority: P2
  hardwareState: 'ON'
  ipAddress: 192.168.1.5
  softwareState: GOOD
  fileSystemState: GOOD
 - itemType: NODE
  id: '5'
  name: SWITCH2
  baseType: ACTIVE
  nodeType: SWITCH
  priority: P2
  hardwareState: 'ON'
  ipAddress: 192.168.1.6
  softwareState: GOOD
  fileSystemState: GOOD
 - itemType: NODE
  id: '6'
  name: SWITCH3
  baseType: ACTIVE
  nodeType: SWITCH
  priority: P2
  hardwareState: 'ON'
  ipAddress: 192.168.1.7
  softwareState: GOOD
  fileSystemState: GOOD
 - itemType: LINK
  id: '7'
  name: link1
  bandwidth: 1000000000
  source: '1'
  destination: '4'
 - itemType: LINK
  id: '8'
  name: link2
  bandwidth: 1000000000
  source: '4'
  destination: '2'
 - itemType: LINK
  id: '9'
  name: link3
  bandwidth: 1000000000
  source: '2'
  destination: '5'
 - itemType: LINK
  id: '10'
  name: link4
  bandwidth: 1000000000
  source: '2'
  destination: '6'
 - itemType: LINK
  id: '11'
  name: link5
  bandwidth: 1000000000
  source: '5'
  destination: '3'
 - itemType: LINK
  id: '12'
  name: link6
  bandwidth: 1000000000
  source: '6'
  destination: '3'
 - itemType: GREEN_IER
  id: '13'
  startStep: 1
  endStep: 128
  load: 100000
  protocol: TCP
  port: '80'
  source: '3'
  destination: '2'
  missionCriticality: 5
 - itemType: RED_POL
  id: '14'
  startStep: 50
  endStep: 50
  targetNodeId: '1'
  initiator: DIRECT
  type: SERVICE
  protocol: TCP
  state: COMPROMISED
  sourceNodeId: NA
  sourceNodeService: NA
  sourceNodeServiceState: NA
 - itemType: RED_IER
  id: '15'
  startStep: 60
  endStep: 100
  load: 1000000
  protocol: TCP
  port: '80'
  source: '1'
  destination: '2'
  missionCriticality: 0
 - itemType: RED_POL
  id: '16'
  startStep: 80
  endStep: 80
  targetNodeId: '2'
  initiator: IER
  type: SERVICE
  protocol: TCP
  state: COMPROMISED
  sourceNodeId: NA
  sourceNodeService: NA
  sourceNodeServiceState: NA
 - itemType: ACL_RULE
  id: '17'
  permission: ALLOW
  source: ANY
  destination: ANY
  protocol: ANY
  port: ANY
--- a/PRIMAITE/config/config_2_DDOS_BASIC.yaml
+++ b/PRIMAITE/config/config_2_DDOS_BASIC.yaml
@@ -1,5 +1,5 @@
 - itemType: ACTIONS
-  type: ACL
+  type: NODE
 - itemType: STEPS
  steps: 128
 - itemType: PORTS
@@ -17,6 +17,7 @@
  hardwareState: 'ON'
  ipAddress: 192.168.10.11
  softwareState: GOOD
  fileSystemState: GOOD
  services:
  - name: TCP
    port: '80'
@@ -30,6 +31,7 @@
  hardwareState: 'ON'
  ipAddress: 192.168.10.12
  softwareState: GOOD
  fileSystemState: GOOD
  services:
  - name: TCP
    port: '80'
@@ -43,6 +45,7 @@
  hardwareState: 'ON'
  ipAddress: 192.168.10.13
  softwareState: GOOD
  fileSystemState: GOOD
  services:
  - name: TCP
    port: '80'
@@ -56,6 +59,7 @@
  hardwareState: 'ON'
  ipAddress: 192.168.20.14
  softwareState: GOOD
  fileSystemState: GOOD
  services:
  - name: TCP
    port: '80'
@@ -69,6 +73,7 @@
  hardwareState: 'ON'
  ipAddress: 192.168.1.2
  softwareState: GOOD
  fileSystemState: GOOD
 - itemType: NODE
  id: '6'
  name: IDS
@@ -78,6 +83,7 @@
  hardwareState: 'ON'
  ipAddress: 192.168.1.4
  softwareState: GOOD
  fileSystemState: GOOD
  services:
  - name: TCP
    port: '80'
@@ -91,6 +97,7 @@
  hardwareState: 'ON'
  ipAddress: 192.168.1.3
  softwareState: GOOD
  fileSystemState: GOOD
 - itemType: NODE
  id: '8'
  name: LOP1
@@ -100,6 +107,7 @@
  hardwareState: 'ON'
  ipAddress: 192.168.1.12
  softwareState: GOOD
  fileSystemState: GOOD
  services:
  - name: TCP
    port: '80'
@@ -113,6 +121,7 @@
  hardwareState: 'ON'
  ipAddress: 192.168.10.14
  softwareState: GOOD
  fileSystemState: GOOD
  services:
  - name: TCP
    port: '80'
@@ -126,6 +135,7 @@
  hardwareState: 'ON'
  ipAddress: 192.168.20.15
  softwareState: GOOD
  fileSystemState: GOOD
  services:
  - name: TCP
    port: '80'
@@ -260,52 +270,65 @@
  port: 80
 - itemType: ACL_RULE
  id: '29'
  permission: ALLOW
  source: 192.168.10.14
  destination: 192.168.10.13
  protocol: TCP
  port: 80
 - itemType: ACL_RULE
  id: '30'
  permission: DENY
  source: 192.168.10.11
  destination: 192.168.20.15
  protocol: TCP
  port: 80
 - itemType: ACL_RULE
-  id: '30'
+  id: '31'
  permission: DENY
  source: 192.168.10.12
  destination: 192.168.20.15
  protocol: TCP
  port: 80
 - itemType: ACL_RULE
-  id: '31'
+  id: '32'
  permission: DENY
  source: 192.168.10.13
  destination: 192.168.20.15
  protocol: TCP
  port: 80
 - itemType: ACL_RULE
-  id: '32'
+  id: '33'
  permission: DENY
  source: 192.168.20.14
  destination: 192.168.10.14
  protocol: TCP
  port: 80
 - itemType: RED_POL
  id: '33'
  startStep: 20
  endStep: 20
  node: '1'
  type: SERVICE
  protocol: TCP
  state: COMPROMISED
  isEntryNode: true
 - itemType: RED_POL
  id: '34'
  startStep: 20
  endStep: 20
-  node: '2'
+  targetNodeId: '1'
  initiator: DIRECT
  type: SERVICE
  protocol: TCP
  state: COMPROMISED
-  isEntryNode: true
+  sourceNodeId: NA
- itemType: RED_IER
+  sourceNodeService: NA
  sourceNodeServiceState: NA
 - itemType: RED_POL
  id: '35'
  startStep: 20
  endStep: 20
  targetNodeId: '2'
  initiator: DIRECT
  type: SERVICE
  protocol: TCP
  state: COMPROMISED
  sourceNodeId: NA
  sourceNodeService: NA
  sourceNodeServiceState: NA
 - itemType: RED_IER
  id: '36'
  startStep: 30
  endStep: 128
  load: 440000000
@@ -315,7 +338,7 @@
  destination: '9'
  missionCriticality: 0
 - itemType: RED_IER
-  id: '36'
+  id: '37'
  startStep: 30
  endStep: 128
  load: 440000000
@@ -325,11 +348,14 @@
  destination: '9'
  missionCriticality: 0
 - itemType: RED_POL
-  id: '37'
+  id: '38'
  startStep: 30
  endStep: 30
-  node: '9'
+  targetNodeId: '9'
  initiator: IER
  type: SERVICE
  protocol: TCP
  state: OVERWHELMED
-  isEntryNode: false
+  sourceNodeId: NA
  sourceNodeService: NA
  sourceNodeServiceState: NA
--- a/PRIMAITE/config/config_3_DOS_VERY_BASIC.yaml
+++ b/PRIMAITE/config/config_3_DOS_VERY_BASIC.yaml
@@ -0,0 +1,165 @@
 - itemType: ACTIONS
  type: NODE
 - itemType: STEPS
  steps: 256
 - itemType: PORTS
  portsList:
  - port: '80'
 - itemType: SERVICES
  serviceList:
  - name: TCP
 - itemType: NODE
  id: '1'
  name: PC1
  baseType: SERVICE
  nodeType: COMPUTER
  priority: P5
  hardwareState: 'ON'
  ipAddress: 192.168.1.2
  softwareState: GOOD
  fileSystemState: GOOD
  services:
  - name: TCP
    port: '80'
    state: GOOD
 - itemType: NODE
  id: '2'
  name: PC2
  baseType: SERVICE
  nodeType: COMPUTER
  priority: P5
  hardwareState: 'ON'
  ipAddress: 192.168.1.3
  softwareState: GOOD
  fileSystemState: GOOD
  services:
  - name: TCP
    port: '80'
    state: GOOD
 - itemType: NODE
  id: '3'
  name: SWITCH1
  baseType: ACTIVE
  nodeType: SWITCH
  priority: P2
  hardwareState: 'ON'
  ipAddress: 192.168.1.1
  softwareState: GOOD
  fileSystemState: GOOD
 - itemType: NODE
  id: '4'
  name: SERVER1
  baseType: SERVICE
  nodeType: SERVER
  priority: P5
  hardwareState: 'ON'
  ipAddress: 192.168.1.4
  softwareState: GOOD
  fileSystemState: GOOD
  services:
  - name: TCP
    port: '80'
    state: GOOD
 - itemType: LINK
  id: '5'
  name: link1
  bandwidth: 1000000000
  source: '1'
  destination: '3'
 - itemType: LINK
  id: '6'
  name: link2
  bandwidth: 1000000000
  source: '2'
  destination: '3'
 - itemType: LINK
  id: '7'
  name: link3
  bandwidth: 1000000000
  source: '3'
  destination: '4'
 - itemType: GREEN_IER
  id: '8'
  startStep: 1
  endStep: 256
  load: 10000
  protocol: TCP
  port: '80'
  source: '1'
  destination: '4'
  missionCriticality: 1
 - itemType: GREEN_IER
  id: '9'
  startStep: 1
  endStep: 256
  load: 10000
  protocol: TCP
  port: '80'
  source: '2'
  destination: '4'
  missionCriticality: 1
 - itemType: GREEN_IER
  id: '10'
  startStep: 1
  endStep: 256
  load: 10000
  protocol: TCP
  port: '80'
  source: '4'
  destination: '2'
  missionCriticality: 5
 - itemType: ACL_RULE
  id: '11'
  permission: ALLOW
  source: 192.168.1.2
  destination: 192.168.1.4
  protocol: TCP
  port: 80
 - itemType: ACL_RULE
  id: '12'
  permission: ALLOW
  source: 192.168.1.3
  destination: 192.168.1.4
  protocol: TCP
  port: 80
 - itemType: ACL_RULE
  id: '13'
  permission: ALLOW
  source: 192.168.1.4
  destination: 192.168.1.3
  protocol: TCP
  port: 80
 - itemType: RED_POL
  id: '14'
  startStep: 20
  endStep: 20
  targetNodeId: '1'
  initiator: DIRECT
  type: SERVICE
  protocol: TCP
  state: COMPROMISED
  sourceNodeId: NA
  sourceNodeService: NA
  sourceNodeServiceState: NA
 - itemType: RED_IER
  id: '15'
  startStep: 30
  endStep: 256
  load: 10000000
  protocol: TCP
  port: '80'
  source: '1'
  destination: '4'
  missionCriticality: 0
 - itemType: RED_POL
  id: '16'
  startStep: 40
  endStep: 40
  targetNodeId: '4'
  initiator: IER
  type: SERVICE
  protocol: TCP
  state: OVERWHELMED
  sourceNodeId: NA
  sourceNodeService: NA
  sourceNodeServiceState: NA
--- a/PRIMAITE/config/config_5_DATA_MANIPULATION.yaml
+++ b/PRIMAITE/config/config_5_DATA_MANIPULATION.yaml
@@ -0,0 +1,533 @@
 - itemType: ACTIONS
  type: NODE
 - itemType: STEPS
  steps: 256
 - itemType: PORTS
  portsList:
  - port: '80'
  - port: '1433'
  - port: '53'
 - itemType: SERVICES
  serviceList:
  - name: TCP
  - name: TCP_SQL
  - name: UDP
 - itemType: NODE
  id: '1'
  name: CLIENT_1
  baseType: SERVICE
  nodeType: COMPUTER
  priority: P5
  hardwareState: 'ON'
  ipAddress: 192.168.10.11
  softwareState: GOOD
  fileSystemState: GOOD
  services:
  - name: TCP
    port: '80'
    state: GOOD
  - name: UDP
    port: '53'
    state: GOOD
 - itemType: NODE
  id: '2'
  name: CLIENT_2
  baseType: SERVICE
  nodeType: COMPUTER
  priority: P5
  hardwareState: 'ON'
  ipAddress: 192.168.10.12
  softwareState: GOOD
  fileSystemState: GOOD
  services:
  - name: TCP
    port: '80'
    state: GOOD
 - itemType: NODE
  id: '3'
  name: SWITCH_1
  baseType: ACTIVE
  nodeType: SWITCH
  priority: P2
  hardwareState: 'ON'
  ipAddress: 192.168.10.1
  softwareState: GOOD
  fileSystemState: GOOD
 - itemType: NODE
  id: '4'
  name: SECURITY_SUITE
  baseType: SERVICE
  nodeType: SERVER
  priority: P5
  hardwareState: 'ON'
  ipAddress: 192.168.1.10
  softwareState: GOOD
  fileSystemState: GOOD
  services:
  - name: TCP
    port: '80'
    state: GOOD
  - name: UDP
    port: '53'
    state: GOOD
 - itemType: NODE
  id: '5'
  name: MANAGEMENT_CONSOLE
  baseType: SERVICE
  nodeType: SERVER
  priority: P5
  hardwareState: 'ON'
  ipAddress: 192.168.1.12
  softwareState: GOOD
  fileSystemState: GOOD
  services:
  - name: TCP
    port: '80'
    state: GOOD
  - name: UDP
    port: '53'
    state: GOOD
 - itemType: NODE
  id: '6'
  name: SWITCH_2
  baseType: ACTIVE
  nodeType: SWITCH
  priority: P2
  hardwareState: 'ON'
  ipAddress: 192.168.2.1
  softwareState: GOOD
  fileSystemState: GOOD
 - itemType: NODE
  id: '7'
  name: WEB_SERVER
  baseType: SERVICE
  nodeType: SERVER
  priority: P5
  hardwareState: 'ON'
  ipAddress: 192.168.2.10
  softwareState: GOOD
  fileSystemState: GOOD
  services:
  - name: TCP
    port: '80'
    state: GOOD
  - name: TCP_SQL
    port: '1433'
    state: GOOD
 - itemType: NODE
  id: '8'
  name: DATABASE_SERVER
  baseType: SERVICE
  nodeType: SERVER
  priority: P5
  hardwareState: 'ON'
  ipAddress: 192.168.2.14
  softwareState: GOOD
  fileSystemState: GOOD
  services:
  - name: TCP
    port: '80'
    state: GOOD
  - name: TCP_SQL
    port: '1433'
    state: GOOD
  - name: UDP
    port: '53'
    state: GOOD
 - itemType: NODE
  id: '9'
  name: BACKUP_SERVER
  baseType: SERVICE
  nodeType: SERVER
  priority: P5
  hardwareState: 'ON'
  ipAddress: 192.168.2.16
  softwareState: GOOD
  fileSystemState: GOOD
  services:
  - name: TCP
    port: '80'
    state: GOOD
 - itemType: LINK
  id: '10'
  name: LINK_1
  bandwidth: 1000000000
  source: '1'
  destination: '3'
 - itemType: LINK
  id: '11'
  name: LINK_2
  bandwidth: 1000000000
  source: '2'
  destination: '3'
 - itemType: LINK
  id: '12'
  name: LINK_3
  bandwidth: 1000000000
  source: '3'
  destination: '4'
 - itemType: LINK
  id: '13'
  name: LINK_4
  bandwidth: 1000000000
  source: '3'
  destination: '5'
 - itemType: LINK
  id: '14'
  name: LINK_5
  bandwidth: 1000000000
  source: '4'
  destination: '6'
 - itemType: LINK
  id: '15'
  name: LINK_6
  bandwidth: 1000000000
  source: '5'
  destination: '6'
 - itemType: LINK
  id: '16'
  name: LINK_7
  bandwidth: 1000000000
  source: '6'
  destination: '7'
 - itemType: LINK
  id: '17'
  name: LINK_8
  bandwidth: 1000000000
  source: '6'
  destination: '8'
 - itemType: LINK
  id: '18'
  name: LINK_9
  bandwidth: 1000000000
  source: '6'
  destination: '9'
 - itemType: GREEN_IER
  id: '19'
  startStep: 1
  endStep: 256
  load: 10000
  protocol: TCP
  port: '80'
  source: '1'
  destination: '7'
  missionCriticality: 5
 - itemType: GREEN_IER
  id: '20'
  startStep: 1
  endStep: 256
  load: 10000
  protocol: TCP
  port: '80'
  source: '7'
  destination: '1'
  missionCriticality: 5
 - itemType: GREEN_IER
  id: '21'
  startStep: 1
  endStep: 256
  load: 10000
  protocol: TCP
  port: '80'
  source: '2'
  destination: '7'
  missionCriticality: 5
 - itemType: GREEN_IER
  id: '22'
  startStep: 1
  endStep: 256
  load: 10000
  protocol: TCP
  port: '80'
  source: '7'
  destination: '2'
  missionCriticality: 5
 - itemType: GREEN_IER
  id: '23'
  startStep: 1
  endStep: 256
  load: 5000
  protocol: TCP_SQL
  port: '1433'
  source: '7'
  destination: '8'
  missionCriticality: 5
 - itemType: GREEN_IER
  id: '24'
  startStep: 1
  endStep: 256
  load: 100000
  protocol: TCP_SQL
  port: '1433'
  source: '8'
  destination: '7'
  missionCriticality: 5
 - itemType: GREEN_IER
  id: '25'
  startStep: 1
  endStep: 256
  load: 50000
  protocol: TCP
  port: '80'
  source: '1'
  destination: '9'
  missionCriticality: 2
 - itemType: GREEN_IER
  id: '26'
  startStep: 1
  endStep: 256
  load: 50000
  protocol: TCP
  port: '80'
  source: '2'
  destination: '9'
  missionCriticality: 2
 - itemType: GREEN_IER
  id: '27'
  startStep: 1
  endStep: 256
  load: 5000
  protocol: TCP
  port: '80'
  source: '5'
  destination: '7'
  missionCriticality: 1
 - itemType: GREEN_IER
  id: '28'
  startStep: 1
  endStep: 256
  load: 5000
  protocol: TCP
  port: '80'
  source: '7'
  destination: '5'
  missionCriticality: 1
 - itemType: GREEN_IER
  id: '29'
  startStep: 1
  endStep: 256
  load: 5000
  protocol: TCP
  port: '80'
  source: '5'
  destination: '8'
  missionCriticality: 1
 - itemType: GREEN_IER
  id: '30'
  startStep: 1
  endStep: 256
  load: 5000
  protocol: TCP
  port: '80'
  source: '8'
  destination: '5'
  missionCriticality: 1
 - itemType: GREEN_IER
  id: '31'
  startStep: 1
  endStep: 256
  load: 5000
  protocol: TCP
  port: '80'
  source: '5'
  destination: '9'
  missionCriticality: 1
 - itemType: GREEN_IER
  id: '32'
  startStep: 1
  endStep: 256
  load: 5000
  protocol: TCP
  port: '80'
  source: '9'
  destination: '5'
  missionCriticality: 1
 - itemType: ACL_RULE
  id: '33'
  permission: ALLOW
  source: 192.168.10.11
  destination: 192.168.2.10
  protocol: ANY
  port: ANY
 - itemType: ACL_RULE
  id: '34'
  permission: ALLOW
  source: 192.168.10.11
  destination: 192.168.2.14
  protocol: ANY
  port: ANY
 - itemType: ACL_RULE
  id: '35'
  permission: ALLOW
  source: 192.168.10.12
  destination: 192.168.2.14
  protocol: ANY
  port: ANY
 - itemType: ACL_RULE
  id: '36'
  permission: ALLOW
  source: 192.168.10.12
  destination: 192.168.2.10
  protocol: ANY
  port: ANY
 - itemType: ACL_RULE
  id: '37'
  permission: ALLOW
  source: 192.168.2.10
  destination: 192.168.10.11
  protocol: ANY
  port: ANY
 - itemType: ACL_RULE
  id: '38'
  permission: ALLOW
  source: 192.168.2.10
  destination: 192.168.10.12
  protocol: ANY
  port: ANY
 - itemType: ACL_RULE
  id: '39'
  permission: ALLOW
  source: 192.168.2.10
  destination: 192.168.2.14
  protocol: ANY
  port: ANY
 - itemType: ACL_RULE
  id: '40'
  permission: ALLOW
  source: 192.168.2.14
  destination: 192.168.2.10
  protocol: ANY
  port: ANY
 - itemType: ACL_RULE
  id: '41'
  permission: ALLOW
  source: 192.168.10.11
  destination: 192.168.2.16
  protocol: ANY
  port: ANY
 - itemType: ACL_RULE
  id: '42'
  permission: ALLOW
  source: 192.168.10.12
  destination: 192.168.2.16
  protocol: ANY
  port: ANY
 - itemType: ACL_RULE
  id: '43'
  permission: ALLOW
  source: 192.168.1.12
  destination: 192.168.2.10
  protocol: ANY
  port: ANY
 - itemType: ACL_RULE
  id: '44'
  permission: ALLOW
  source: 192.168.1.12
  destination: 192.168.2.14
  protocol: ANY
  port: ANY
 - itemType: ACL_RULE
  id: '45'
  permission: ALLOW
  source: 192.168.1.12
  destination: 192.168.2.16
  protocol: ANY
  port: ANY
 - itemType: ACL_RULE
  id: '46'
  permission: ALLOW
  source: 192.168.2.10
  destination: 192.168.1.12
  protocol: ANY
  port: ANY
 - itemType: ACL_RULE
  id: '47'
  permission: ALLOW
  source: 192.168.2.14
  destination: 192.168.1.12
  protocol: ANY
  port: ANY
 - itemType: ACL_RULE
  id: '48'
  permission: ALLOW
  source: 192.168.2.16
  destination: 192.168.1.12
  protocol: ANY
  port: ANY
 - itemType: ACL_RULE
  id: '49'
  permission: DENY
  source: ANY
  destination: ANY
  protocol: ANY
  port: ANY
 - itemType: RED_POL
  id: '50'
  startStep: 50
  endStep: 50
  targetNodeId: '1'
  initiator: DIRECT
  type: SERVICE
  protocol: UDP
  state: COMPROMISED
  sourceNodeId: NA
  sourceNodeService: NA
  sourceNodeServiceState: NA
 - itemType: RED_IER
  id: '51'
  startStep: 75
  endStep: 105
  load: 10000
  protocol: UDP
  port: '53'
  source: '1'
  destination: '8'
  missionCriticality: 0
 - itemType: RED_POL
  id: '52'
  startStep: 100
  endStep: 100
  targetNodeId: '8'
  initiator: IER
  type: SERVICE
  protocol: UDP
  state: COMPROMISED
  sourceNodeId: NA
  sourceNodeService: NA
  sourceNodeServiceState: NA
 - itemType: RED_POL
  id: '53'
  startStep: 105
  endStep: 105
  targetNodeId: '8'
  initiator: SERVICE
  type: FILE
  protocol: NA
  state: CORRUPT
  sourceNodeId: '8'
  sourceNodeService: UDP
  sourceNodeServiceState: COMPROMISED
 - itemType: RED_POL
  id: '54'
  startStep: 105
  endStep: 105
  targetNodeId: '8'
  initiator: SERVICE
  type: SERVICE
  protocol: TCP_SQL
  state: COMPROMISED
  sourceNodeId: '8'
  sourceNodeService: UDP
  sourceNodeServiceState: COMPROMISED
 - itemType: RED_POL
  id: '55'
  startStep: 125
  endStep: 125
  targetNodeId: '7'
  initiator: SERVICE
  type: SERVICE
  protocol: TCP
  state: OVERWHELMED
  sourceNodeId: '8'
  sourceNodeService: TCP_SQL 
  sourceNodeServiceState: COMPROMISED
--- a/PRIMAITE/config/config_UNIT_TEST.yaml
+++ b/PRIMAITE/config/config_UNIT_TEST.yaml
@@ -0,0 +1,533 @@
 - itemType: ACTIONS
  type: NODE
 - itemType: STEPS
  steps: 256
 - itemType: PORTS
  portsList:
  - port: '80'
  - port: '1433'
  - port: '53'
 - itemType: SERVICES
  serviceList:
  - name: TCP
  - name: TCP_SQL
  - name: UDP
 - itemType: NODE
  id: '1'
  name: CLIENT_1
  baseType: SERVICE
  nodeType: COMPUTER
  priority: P5
  hardwareState: 'ON'
  ipAddress: 192.168.10.11
  softwareState: GOOD
  fileSystemState: GOOD
  services:
  - name: TCP
    port: '80'
    state: GOOD
  - name: UDP
    port: '53'
    state: GOOD
 - itemType: NODE
  id: '2'
  name: CLIENT_2
  baseType: SERVICE
  nodeType: COMPUTER
  priority: P5
  hardwareState: 'ON'
  ipAddress: 192.168.10.12
  softwareState: GOOD
  fileSystemState: GOOD
  services:
  - name: TCP
    port: '80'
    state: GOOD
 - itemType: NODE
  id: '3'
  name: SWITCH_1
  baseType: ACTIVE
  nodeType: SWITCH
  priority: P2
  hardwareState: 'ON'
  ipAddress: 192.168.10.1
  softwareState: GOOD
  fileSystemState: GOOD
 - itemType: NODE
  id: '4'
  name: SECURITY_SUITE
  baseType: SERVICE
  nodeType: SERVER
  priority: P5
  hardwareState: 'ON'
  ipAddress: 192.168.1.10
  softwareState: GOOD
  fileSystemState: GOOD
  services:
  - name: TCP
    port: '80'
    state: GOOD
  - name: UDP
    port: '53'
    state: GOOD
 - itemType: NODE
  id: '5'
  name: MANAGEMENT_CONSOLE
  baseType: SERVICE
  nodeType: SERVER
  priority: P5
  hardwareState: 'ON'
  ipAddress: 192.168.1.12
  softwareState: GOOD
  fileSystemState: GOOD
  services:
  - name: TCP
    port: '80'
    state: GOOD
  - name: UDP
    port: '53'
    state: GOOD
 - itemType: NODE
  id: '6'
  name: SWITCH_2
  baseType: ACTIVE
  nodeType: SWITCH
  priority: P2
  hardwareState: 'ON'
  ipAddress: 192.168.2.1
  softwareState: GOOD
  fileSystemState: GOOD
 - itemType: NODE
  id: '7'
  name: WEB_SERVER
  baseType: SERVICE
  nodeType: SERVER
  priority: P5
  hardwareState: 'ON'
  ipAddress: 192.168.2.10
  softwareState: GOOD
  fileSystemState: GOOD
  services:
  - name: TCP
    port: '80'
    state: GOOD
  - name: TCP_SQL
    port: '1433'
    state: GOOD
 - itemType: NODE
  id: '8'
  name: DATABASE_SERVER
  baseType: SERVICE
  nodeType: SERVER
  priority: P5
  hardwareState: 'ON'
  ipAddress: 192.168.2.14
  softwareState: GOOD
  fileSystemState: GOOD
  services:
  - name: TCP
    port: '80'
    state: GOOD
  - name: TCP_SQL
    port: '1433'
    state: GOOD
  - name: UDP
    port: '53'
    state: GOOD
 - itemType: NODE
  id: '9'
  name: BACKUP_SERVER
  baseType: SERVICE
  nodeType: SERVER
  priority: P5
  hardwareState: 'ON'
  ipAddress: 192.168.2.16
  softwareState: GOOD
  fileSystemState: GOOD
  services:
  - name: TCP
    port: '80'
    state: GOOD
 - itemType: LINK
  id: '10'
  name: LINK_1
  bandwidth: 1000000000
  source: '1'
  destination: '3'
 - itemType: LINK
  id: '11'
  name: LINK_2
  bandwidth: 1000000000
  source: '2'
  destination: '3'
 - itemType: LINK
  id: '12'
  name: LINK_3
  bandwidth: 1000000000
  source: '3'
  destination: '4'
 - itemType: LINK
  id: '13'
  name: LINK_4
  bandwidth: 1000000000
  source: '3'
  destination: '5'
 - itemType: LINK
  id: '14'
  name: LINK_5
  bandwidth: 1000000000
  source: '4'
  destination: '6'
 - itemType: LINK
  id: '15'
  name: LINK_6
  bandwidth: 1000000000
  source: '5'
  destination: '6'
 - itemType: LINK
  id: '16'
  name: LINK_7
  bandwidth: 1000000000
  source: '6'
  destination: '7'
 - itemType: LINK
  id: '17'
  name: LINK_8
  bandwidth: 1000000000
  source: '6'
  destination: '8'
 - itemType: LINK
  id: '18'
  name: LINK_9
  bandwidth: 1000000000
  source: '6'
  destination: '9'
 - itemType: GREEN_IER
  id: '19'
  startStep: 1
  endStep: 256
  load: 10000
  protocol: TCP
  port: '80'
  source: '1'
  destination: '7'
  missionCriticality: 5
 - itemType: GREEN_IER
  id: '20'
  startStep: 1
  endStep: 256
  load: 10000
  protocol: TCP
  port: '80'
  source: '7'
  destination: '1'
  missionCriticality: 5
 - itemType: GREEN_IER
  id: '21'
  startStep: 1
  endStep: 256
  load: 10000
  protocol: TCP
  port: '80'
  source: '2'
  destination: '7'
  missionCriticality: 5
 - itemType: GREEN_IER
  id: '22'
  startStep: 1
  endStep: 256
  load: 10000
  protocol: TCP
  port: '80'
  source: '7'
  destination: '2'
  missionCriticality: 5
 - itemType: GREEN_IER
  id: '23'
  startStep: 1
  endStep: 256
  load: 5000
  protocol: TCP_SQL
  port: '1433'
  source: '7'
  destination: '8'
  missionCriticality: 5
 - itemType: GREEN_IER
  id: '24'
  startStep: 1
  endStep: 256
  load: 100000
  protocol: TCP_SQL
  port: '1433'
  source: '8'
  destination: '7'
  missionCriticality: 5
 - itemType: GREEN_IER
  id: '25'
  startStep: 1
  endStep: 256
  load: 50000
  protocol: TCP
  port: '80'
  source: '1'
  destination: '9'
  missionCriticality: 2
 - itemType: GREEN_IER
  id: '26'
  startStep: 1
  endStep: 256
  load: 50000
  protocol: TCP
  port: '80'
  source: '2'
  destination: '9'
  missionCriticality: 2
 - itemType: GREEN_IER
  id: '27'
  startStep: 1
  endStep: 256
  load: 5000
  protocol: TCP
  port: '80'
  source: '5'
  destination: '7'
  missionCriticality: 1
 - itemType: GREEN_IER
  id: '28'
  startStep: 1
  endStep: 256
  load: 5000
  protocol: TCP
  port: '80'
  source: '7'
  destination: '5'
  missionCriticality: 1
 - itemType: GREEN_IER
  id: '29'
  startStep: 1
  endStep: 256
  load: 5000
  protocol: TCP
  port: '80'
  source: '5'
  destination: '8'
  missionCriticality: 1
 - itemType: GREEN_IER
  id: '30'
  startStep: 1
  endStep: 256
  load: 5000
  protocol: TCP
  port: '80'
  source: '8'
  destination: '5'
  missionCriticality: 1
 - itemType: GREEN_IER
  id: '31'
  startStep: 1
  endStep: 256
  load: 5000
  protocol: TCP
  port: '80'
  source: '5'
  destination: '9'
  missionCriticality: 1
 - itemType: GREEN_IER
  id: '32'
  startStep: 1
  endStep: 256
  load: 5000
  protocol: TCP
  port: '80'
  source: '9'
  destination: '5'
  missionCriticality: 1
 - itemType: ACL_RULE
  id: '33'
  permission: ALLOW
  source: 192.168.10.11
  destination: 192.168.2.10
  protocol: ANY
  port: ANY
 - itemType: ACL_RULE
  id: '34'
  permission: ALLOW
  source: 192.168.10.11
  destination: 192.168.2.14
  protocol: ANY
  port: ANY
 - itemType: ACL_RULE
  id: '35'
  permission: ALLOW
  source: 192.168.10.12
  destination: 192.168.2.14
  protocol: ANY
  port: ANY
 - itemType: ACL_RULE
  id: '36'
  permission: ALLOW
  source: 192.168.10.12
  destination: 192.168.2.10
  protocol: ANY
  port: ANY
 - itemType: ACL_RULE
  id: '37'
  permission: ALLOW
  source: 192.168.2.10
  destination: 192.168.10.11
  protocol: ANY
  port: ANY
 - itemType: ACL_RULE
  id: '38'
  permission: ALLOW
  source: 192.168.2.10
  destination: 192.168.10.12
  protocol: ANY
  port: ANY
 - itemType: ACL_RULE
  id: '39'
  permission: ALLOW
  source: 192.168.2.10
  destination: 192.168.2.14
  protocol: ANY
  port: ANY
 - itemType: ACL_RULE
  id: '40'
  permission: ALLOW
  source: 192.168.2.14
  destination: 192.168.2.10
  protocol: ANY
  port: ANY
 - itemType: ACL_RULE
  id: '41'
  permission: ALLOW
  source: 192.168.10.11
  destination: 192.168.2.16
  protocol: ANY
  port: ANY
 - itemType: ACL_RULE
  id: '42'
  permission: ALLOW
  source: 192.168.10.12
  destination: 192.168.2.16
  protocol: ANY
  port: ANY
 - itemType: ACL_RULE
  id: '43'
  permission: ALLOW
  source: 192.168.1.12
  destination: 192.168.2.10
  protocol: ANY
  port: ANY
 - itemType: ACL_RULE
  id: '44'
  permission: ALLOW
  source: 192.168.1.12
  destination: 192.168.2.14
  protocol: ANY
  port: ANY
 - itemType: ACL_RULE
  id: '45'
  permission: ALLOW
  source: 192.168.1.12
  destination: 192.168.2.16
  protocol: ANY
  port: ANY
 - itemType: ACL_RULE
  id: '46'
  permission: ALLOW
  source: 192.168.2.10
  destination: 192.168.1.12
  protocol: ANY
  port: ANY
 - itemType: ACL_RULE
  id: '47'
  permission: ALLOW
  source: 192.168.2.14
  destination: 192.168.1.12
  protocol: ANY
  port: ANY
 - itemType: ACL_RULE
  id: '48'
  permission: ALLOW
  source: 192.168.2.16
  destination: 192.168.1.12
  protocol: ANY
  port: ANY
 - itemType: ACL_RULE
  id: '49'
  permission: DENY
  source: ANY
  destination: ANY
  protocol: ANY
  port: ANY
 - itemType: RED_POL
  id: '50'
  startStep: 50
  endStep: 50
  targetNodeId: '1'
  initiator: DIRECT
  type: SERVICE
  protocol: UDP
  state: COMPROMISED
  sourceNodeId: NA
  sourceNodeService: NA
  sourceNodeServiceState: NA
 - itemType: RED_IER
  id: '51'
  startStep: 75
  endStep: 105
  load: 10000
  protocol: UDP
  port: '53'
  source: '1'
  destination: '8'
  missionCriticality: 0
 - itemType: RED_POL
  id: '52'
  startStep: 100
  endStep: 100
  targetNodeId: '8'
  initiator: IER
  type: SERVICE
  protocol: UDP
  state: COMPROMISED
  sourceNodeId: NA
  sourceNodeService: NA
  sourceNodeServiceState: NA
 - itemType: RED_POL
  id: '53'
  startStep: 105
  endStep: 105
  targetNodeId: '8'
  initiator: SERVICE
  type: FILE
  protocol: NA
  state: CORRUPT
  sourceNodeId: '8'
  sourceNodeService: UDP
  sourceNodeServiceState: COMPROMISED
 - itemType: RED_POL
  id: '54'
  startStep: 105
  endStep: 105
  targetNodeId: '8'
  initiator: SERVICE
  type: SERVICE
  protocol: TCP_SQL
  state: COMPROMISED
  sourceNodeId: '8'
  sourceNodeService: UDP
  sourceNodeServiceState: COMPROMISED
 - itemType: RED_POL
  id: '55'
  startStep: 125
  endStep: 125
  targetNodeId: '7'
  initiator: SERVICE
  type: SERVICE
  protocol: TCP
  state: OVERWHELMED
  sourceNodeId: '8'
  sourceNodeService: TCP_SQL 
  sourceNodeServiceState: COMPROMISED
--- a/PRIMAITE/config/config_main.yaml
+++ b/PRIMAITE/config/config_main.yaml
@@ -5,13 +5,19 @@
 # "STABLE_BASELINES3_PPO"
 # "STABLE_BASELINES3_A2C"
 # "GENERIC"
-agentIdentifier: STABLE_BASELINES3_PPO
+agentIdentifier: STABLE_BASELINES3_A2C
-# Maximum number of episodes to run per training session
+# Number of episodes to run per session
 numEpisodes: 10
 # Time delay between steps (for generic agents)
 timeDelay: 10
 # Filename of the scenario / laydown
-configFilename: config_2_DDOS_BASIC.yaml
+configFilename: config_5_DATA_MANIPULATION.yaml
 # Type of session to be run (TRAINING or EVALUATION)
 sessionType: TRAINING
 # Determine whether to load an agent from file
 loadAgent: False
 # File path and file name of agent if you're loading one in
 agentLoadFile: C:\[Path]\[agent_saved_filename.zip]
 # Environment config values
 # The high value for the observation space
@@ -27,6 +33,7 @@ onShouldBeOff: -2
 onShouldBeResetting: -5
 resettingShouldBeOn: -5
 resettingShouldBeOff: -2 
 resetting: -3
 # Node O/S or Service State
 goodShouldBePatching: 2
 goodShouldBeCompromised: 5
@@ -34,6 +41,7 @@ goodShouldBeOverwhelmed: 5
 patchingShouldBeGood: -5
 patchingShouldBeCompromised: 2
 patchingShouldBeOverwhelmed: 2
 patching: -3
 compromisedShouldBeGood: -20
 compromisedShouldBePatching: -20
 compromisedShouldBeOverwhelmed: -20
@@ -42,11 +50,40 @@ overwhelmedShouldBeGood: -20
 overwhelmedShouldBePatching: -20
 overwhelmedShouldBeCompromised: -20
 overwhelmed: -20
 # Node File System State
 goodShouldBeRepairing: 2
 goodShouldBeRestoring: 2
 goodShouldBeCorrupt: 5
 goodShouldBeDestroyed: 10
 repairingShouldBeGood: -5
 repairingShouldBeRestoring: 2
 repairingShouldBeCorrupt: 2
 repairingShouldBeDestroyed: 0
 repairing: -3
 restoringShouldBeGood: -10
 restoringShouldBeRepairing: -2
 restoringShouldBeCorrupt: 1     
 restoringShouldBeDestroyed: 2
 restoring: -6
 corruptShouldBeGood: -10
 corruptShouldBeRepairing: -10
 corruptShouldBeRestoring: -10
 corruptShouldBeDestroyed: 2
 corrupt: -10
 destroyedShouldBeGood: -20
 destroyedShouldBeRepairing: -20
 destroyedShouldBeRestoring: -20
 destroyedShouldBeCorrupt: -20
 destroyed: -20
 scanning: -2
 # IER status
 redIerRunning: -5
 greenIerBlocked: -10
 # Patching / Reset durations
-osPatchingDuration: 5                         # The time taken to patch the OS
+osPatchingDuration: 5            # The time taken to patch the OS
-nodeResetDuration: 5                          # The time taken to reset a node (hardware)
+nodeResetDuration: 5             # The time taken to reset a node (hardware)
-servicePatchingDuration: 5                    # The time taken to patch a service
+servicePatchingDuration: 5       # The time taken to patch a service
 fileSystemRepairingLimit: 5      # The time take to repair the file system
 fileSystemRestoringLimit: 5      # The time take to restore the file system
 fileSystemScanningLimit: 5       # The time taken to scan the file system
--- a/PRIMAITE/docs/source/about.rst
+++ b/PRIMAITE/docs/source/about.rst
@@ -1,4 +1,4 @@
-.. _about:
+.. _about:
 About PrimAITE
 ==============
@@ -11,7 +11,7 @@ PrimAITE provides the following features:
 * A flexible network / system laydown based on the Python networkx framework
 * Nodes and links (edges) host Python classes in order to present attributes and methods (and hence, a more representative model of a platform / system)
 * A ‘green agent’ Information Exchange Requirement (IER) function allows the representation of traffic (protocols and loading) on any / all links. Application of IERs is based on the status of node operating systems and services
-* A ‘green agent’ node Pattern-of-Life (PoL) function allows the representation of core behaviours on nodes (e.g. Operating state, Operating System state, Service state)
+* A ‘green agent’ node Pattern-of-Life (PoL) function allows the representation of core behaviours on nodes (e.g. Operating state, Operating System state, Service state, File System state)
 * An Access Control List (ACL) function, mimicking the behaviour of a network firewall, is applied across the model, following standard ACL rule format (e.g. DENY/ALLOW, source IP, destination IP, protocol and port). Application of IERs adheres to any ACL restrictions
 * Presents an OpenAI Gym interface to the environment, allowing integration with any OpenAI Gym compliant defensive agents 
 * Red agent activity based on ‘red’ IERs and ‘red’ PoL
@@ -37,6 +37,7 @@ Active Nodes also have the following attributes (Class: Active Node):
 * IP Address
 * Operating System State (GOOD, PATCHING, COMPROMISED - enumeration)
 * File System State (GOOD, CORRUPT, DESTROYED, REPAIRING, RESTORING - enumeration)
 Service Nodes also have the following attributes (Class: Service Node):
@@ -114,6 +115,14 @@ The status changes that can be made to a node are as follows:
      * PATCHING - when a status of patching is entered, the node will automatically exit this state after a number of steps (as defined by the osPatchingDuration configuration item) after which it returns to a GOOD state
      * COMPROMISED
   * File System State:
      * GOOD
      * CORRUPT (can be resolved by repair or restore)
      * DESTROYED (can be resolved by restore only)
      * REPAIRING - when a status of repairing is entered, the node will automatically exit this state after a number of steps (as defined by the fileSystemRepairingLimit configuration item) after which it returns to a GOOD state
      * RESTORING - when a status of repairing is entered, the node will automatically exit this state after a number of steps (as defined by the fileSystemRestoringLimit configuration item) after which it returns to a GOOD state
 * Service Nodes only:
   * Service State (for any associated service):
@@ -123,6 +132,20 @@ The status changes that can be made to a node are as follows:
      * COMPROMISED
      * OVERWHELMED
 Red agent pattern-of-life has an additional feature not found in the green pattern-of-life. This is the ability to influence the state of the attributes of a node via a number of different conditions:
   * DIRECT:
   The pattern-of-life described by the configuration file item will be applied regardless of any other conditions in the network. This is particularly useful for direct red agent entry into the network.
   * IER:
   The pattern-of-life described by the configuration file item will be applied to the service on the node, only if there is an IER of the same protocol / service type incoming at the specified timestep.
   * SERVICE:
   The pattern-of-life described by the configuration file item will be applied to the node based on the state of a service. The service can either be on the same node, or a different node within the network.
 Access Control List modelling
 *****************************
@@ -162,19 +185,20 @@ Observation Spaces
 The OpenAI Gym observation space provides the status of all nodes and links across the whole system:
-* Nodes (in terms of operating state, operating system state, and services state) 
+* Nodes (in terms of operating state, operating system state, file system state and services state) 
 * Links (in terms of current loading for each service/protocol)
 An example observation space is provided below:
 .. list-table:: Observation Space example
-   :widths: 25 25 25 25 25 25
+   :widths: 25 25 25 25 25 25 25
   :header-rows: 1
   * - 
     - ID
     - Operating State
     - O/S State
     - File System State
     - Service / Protocol A
     - Service / Protocol B
   * - Node A
@@ -183,38 +207,44 @@ An example observation space is provided below:
     - 1
     - 1
     - 1
     - 1
   * - Node B
     - 2
     - 1
     - 3
     - 1
     - 1
     - 1
   * - Node C
     - 3
     - 2
     - 1
     - 1
     - 3
     - 2
   * - Link 1
     - 5
-     - 1
+     - 0
-     - 1
+     - 0
     - 0
     - 0
     - 10000
   * - Link 2
     - 6
-     - 1
+     - 0
-     - 1
+     - 0
     - 0
     - 0
     - 10000
   * - Link 3
     - 7
     - 1
     - 1
     - 0
     - 0
     - 0
     - 5000
     - 0
-The observation space is a 6 x 5 Box type (OpenAI Gym Space) in this example. This is made up from the node and link information detailed below.
+The observation space is a 6 x 6 Box type (OpenAI Gym Space) in this example. This is made up from the node and link information detailed below.
 For the nodes, the following values are represented:
@@ -238,6 +268,14 @@ For the nodes, the following values are represented:
    * 3 = COMPROMISED
    * 4 = OVERWHELMED
 * File System State:
    * 1 = GOOD
    * 2 = CORRUPT
    * 3 = DESTROYED
    * 4 = REPAIRING
    * 5 = RESTORING
 (Note that each service available in the network is provided as a column, although not all nodes may utilise all services)
 For the links, the following statuses are represented:
@@ -262,8 +300,8 @@ The choice of action space used during a training session is determined in the c
 The agent is able to influence the status of nodes by switching them off, resetting, or patching operating systems and services. In this instance, the action space is an OpenAI Gym multidiscrete type, as follows:
 * [0, num nodes] - Node ID (0 = nothing, node ID)
- * [0, 3] - What property it's acting on (0 = nothing, 1 = state, 2 = O/S state, 3 = service state)
+ * [0, 4] - What property it's acting on (0 = nothing, 1 = state, 2 = O/S state, 3 = service state, 4 = file system state)
- * [0, 3] - Action on property (0 = nothing, 1 = on, 2 = off, 3 = reset / patch)
+ * [0, 3] - Action on property (0 = nothing, 1 = on / scan, 2 = off / repair, 3 = reset / patch / restore)
 * [0, num services] - Resolves to service ID (0 = nothing, resolves to service)
 **Access Control List**
@@ -305,4 +343,3 @@ The PrimAITE project has an ambition to include the following enhancements in fu
 * Integration with a suitable standardised framework to allow multi-agent integration
 * Integration with external threat emulation tools, either using off-line data, or integrating at runtime
 * Provision of data such that agents can construct alternative observation spaces (as an alternative to the default PrimAITE observation space)
 * Introduction of a testing phase (post training) to evaluate the effectiveness of the training
--- a/PRIMAITE/docs/source/config.rst
+++ b/PRIMAITE/docs/source/config.rst
@@ -5,8 +5,8 @@ The Config Files Explained
 PrimAITE uses two configuration files for its operation:
-* config_main.yaml - used to define the top-level settings of the PrimAITE environment, and the training session that is to be run.
+* config_main.yaml - used to define the top-level settings of the PrimAITE environment, and the session that is to be run.
-* config_[name].yaml - used to define the low-level settings of a training session, including the network laydown, green / red agent information exchange requirements (IERSs), Access Control Rules, Action Space type, and the number of steps in each episode.
+* config_[name].yaml - used to define the low-level settings of a session, including the network laydown, green / red agent information exchange requirements (IERSs), Access Control Rules, Action Space type, and the number of steps in each episode.
 config_main.yaml:
 *****************
@@ -17,7 +17,7 @@ The config_main.yaml file consists of the following attributes:
 * **agentIdentifier** [enum]
-   This identifies the agent to use for the training session. Select from one of the following:
+   This identifies the agent to use for the session. Select from one of the following:
   * GENERIC - Where a user developed agent is to be used
   * STABLE_BASELINES3_PPO - Use a SB3 PPO agent
@@ -25,15 +25,27 @@ The config_main.yaml file consists of the following attributes:
 * **numEpisodes** [int]
-   This defines the number of episodes that the agent will train over. Each episode consists of a number of steps (with step number defined in the config_[name].yaml file)
+   This defines the number of episodes that the agent will train or be evaluated over. Each episode consists of a number of steps (with step number defined in the config_[name].yaml file)
 * **timeDelay** [int]
-   The time delay (in milliseconds) to take between each step when training a GENERIC agent
+   The time delay (in milliseconds) to take between each step when running a GENERIC agent session
 * **configFilename** [filename]
-   The name of the config_[name].yaml file to use for this training session
+   The name of the config_[name].yaml file to use for this session
 * **sessionType** [text]
   Type of session to be run (TRAINING or EVALUATION)
 * **loadAgent** [bool]
   Determine whether to load an agent from file
 * **agentLoadFile** [text]
   File path and file name of agent if you're loading one in
 * **observationSpaceHighValue** [int]
@@ -69,6 +81,10 @@ The config_main.yaml file consists of the following attributes:
   The score to give when the node should be off, but is resetting
 * **Node Operating State [resetting]** [int]
   The score to give when the node is resetting
 * **Node Operating System or Service State [goodShouldBePatching]** [int]
   The score to give when the state should be patching, but is good
@@ -93,6 +109,10 @@ The config_main.yaml file consists of the following attributes:
   The score to give when the state should be overwhelmed, but is patching
 * **Node Operating System or Service State [patching]** [int]
   The score to give when the state is patching
 * **Node Operating System or Service State [compromisedShouldBeGood]** [int]
   The score to give when the state should be good, but is compromised
@@ -125,6 +145,106 @@ The config_main.yaml file consists of the following attributes:
   The score to give when the state is overwhelmed
 * **Node File System State [goodShouldBeRepairing]** [int]
    The score to give when the state should be repairing, but is good
 * **Node File System State [goodShouldBeRestoring]** [int]
    The score to give when the state should be restoring, but is good
 * **Node File System State [goodShouldBeCorrupt]** [int]
    The score to give when the state should be corrupt, but is good
 * **Node File System State [goodShouldBeDestroyed]** [int]
    The score to give when the state should be destroyed, but is good
 * **Node File System State [repairingShouldBeGood]** [int]
    The score to give when the state should be good, but is repairing
 * **Node File System State [repairingShouldBeRestoring]** [int]
    The score to give when the state should be restoring, but is repairing
 * **Node File System State [repairingShouldBeCorrupt]** [int]
    The score to give when the state should be corrupt, but is repairing
 * **Node File System State [repairingShouldBeDestroyed]** [int]
    The score to give when the state should be destroyed, but is repairing
 * **Node File System State [repairing]** [int]
    The score to give when the state is repairing
 * **Node File System State [restoringShouldBeGood]** [int]
    The score to give when the state should be good, but is restoring
 * **Node File System State [restoringShouldBeRepairing]** [int]
    The score to give when the state should be repairing, but is restoring
 * **Node File System State [restoringShouldBeCorrupt]** [int]
    The score to give when the state should be corrupt, but is restoring
 * **Node File System State [restoringShouldBeDestroyed]** [int]
    The score to give when the state should be destroyed, but is restoring
 * **Node File System State [restoring]** [int]
    The score to give when the state is restoring
 * **Node File System State [corruptShouldBeGood]** [int]
    The score to give when the state should be good, but is corrupt
 * **Node File System State [corruptShouldBeRepairing]** [int]
    The score to give when the state should be repairing, but is corrupt
 * **Node File System State [corruptShouldBeRestoring]** [int]
    The score to give when the state should be restoring, but is corrupt
 * **Node File System State [corruptShouldBeDestroyed]** [int]
    The score to give when the state should be destroyed, but is corrupt
 * **Node File System State [corrupt]** [int]
    The score to give when the state is corrupt
 * **Node File System State [destroyedShouldBeGood]** [int]
    The score to give when the state should be good, but is destroyed
 * **Node File System State [destroyedShouldBeRepairing]** [int]
    The score to give when the state should be repairing, but is destroyed
 * **Node File System State [destroyedShouldBeRestoring]** [int]
    The score to give when the state should be restoring, but is destroyed
 * **Node File System State [destroyedShouldBeCorrupt]** [int]
    The score to give when the state should be corrupt, but is destroyed
 * **Node File System State [destroyed]** [int]
    The score to give when the state is destroyed
 * **Node File System State [scanning]** [int]
    The score to give when the state is scanning
 * **IER Status [redIerRunning]** [int]
   The score to give when a red agent IER is permitted to run
@@ -147,6 +267,18 @@ The config_main.yaml file consists of the following attributes:
   The number of steps to take when patching a service
 * **fileSystemRepairingLimit** [int]: 
   The number of steps to take when repairing the file system
 * **fileSystemRestoringLimit** [int]
   The number of steps to take when restoring the file system
 * **fileSystemScanningLimit** [int]
   The number of steps to take when scanning the file system
 config_[name].yaml:
 *******************
@@ -154,19 +286,19 @@ The config_[name].yaml file consists of the following attributes:
 * **itemType: ACTIONS** [enum]
-   Determines whether a NODE or ACL action space format is adopted for the training session
+   Determines whether a NODE or ACL action space format is adopted for the session
 * **itemType: STEPS** [int]
-   Determines the number of steps to run in each episode of the training session
+   Determines the number of steps to run in each episode of the session
 * **itemType: PORTS** [int]
-   Provides a list of ports modelled in this training session
+   Provides a list of ports modelled in this session
 * **itemType: SERVICES** [freetext]
-   Provides a list of services modelled in this training session
+   Provides a list of services modelled in this session
 * **itemType: NODE**
@@ -180,6 +312,7 @@ The config_[name].yaml file consists of the following attributes:
     * **hardwareState** [enum]: The initial hardware state of the node. Can be one of ON, OFF or RESETTING
     * **ipAddress** [IP address]: The IP address of the component in format xxx.xxx.xxx.xxx
     * **softwareState** [enum]: The intial state of the node operating system. Can be GOOD, PATCHING or COMPROMISED
     * **fileSystemState** [enum]: The initial state of the node file system. Can be GOOD, CORRUPT, DESTROYED, REPAIRING or RESTORING
     * **services**: For each service associated with the node:
        * **name** [freetext]: Free-text name of the service, but must match one of the services defined for the system in the services list
@@ -231,7 +364,7 @@ The config_[name].yaml file consists of the following attributes:
      * **id** [int]: Unique ID for this YAML item
      * **startStep** [int]: The start step (in the episode) for this PoL to begin
      * **endStep** [int]: Not currently used. Default to same as start step
-      * **node** [int]: The ID of the node to apply the PoL to
+      * **nodeId** [int]: The ID of the node to apply the PoL to
      * **type** [enum]: The type of PoL to apply. Can be one of OPERATING, OS or SERVICE
      * **protocol** [freetext]: The protocol to be affected if SERVICE type is chosen. Must match a value in the services list
      * **state** [enuum]: The state to apply to the node (which represents the PoL change). Can be one of ON, OFF or RESETTING (for node state) or GOOD, PATCHING or COMPROMISED (for operating system state) or GOOD, PATCHING, COMPROMISED or OVERWHELMED (for service state)
@@ -243,11 +376,14 @@ The config_[name].yaml file consists of the following attributes:
      * **id** [int]: Unique ID for this YAML item
      * **startStep** [int]: The start step (in the episode) for this PoL to begin
      * **endStep** [int]: Not currently used. Default to same as start step
-      * **node** [int]: The ID of the node to apply the PoL to
+      * **targetNodeId** [int]: The ID of the node to apply the PoL to
      * **initiator** [enum]: What initiates the PoL. Can be DIRECT, IER or SERVICE
      * **type** [enum]: The type of PoL to apply. Can be one of OPERATING, OS or SERVICE
      * **protocol** [freetext]: The protocol to be affected if SERVICE type is chosen. Must match a value in the services list
-      * **state** [enum]: The state to apply to the node (which represents the PoL change). Can be one of ON, OFF or RESETTING (for node state) or GOOD, PATCHING or COMPROMISED (for operating system state) or GOOD, PATCHING, COMPROMISED or OVERWHELMED (for service state)
+      * **state** [enum]: The state to apply to the node (which represents the PoL change). Can be one of ON, OFF or RESETTING (for node state) or GOOD, PATCHING or COMPROMISED (for operating system state) or GOOD, PATCHING, COMPROMISED or OVERWHELMED (for service state) or GOOD, CORRUPT, DESTROYED, REPAIRING or RESTORING (for file system state)
-      * **isEntryNode** [bool]: Defines whether the node affected is an entry node to the system
+      * **sourceNodeId** [int] The ID of the source node containing the service to check (used for SERVICE initiator)
      * **sourceNodeService** [freetext]: The service on the source node to check (used for SERVICE initiator). Must match a value in the services list for this node
      * **sourceNodeServiceState** [enum]: The state of the source node service to check (used for SERVICE initiator). Can be one of GOOD, PATCHING, COMPROMISED or OVERWHELMED
 * **itemType: ACL_RULE**
--- a/PRIMAITE/docs/source/index.rst
+++ b/PRIMAITE/docs/source/index.rst
@@ -12,7 +12,7 @@ What is PrimAITE?
 PrimAITE (Primary-level AI Training Environment) is a simulation environment for training AI under the ARCD programme. It incorporates the functionality required of a Primary-level environment, as specified in the Dstl ARCD Training Environment Matrix document:
 * The ability to model a relevant platform / system context; 
-* The ability to model key characteristics of a platform / system by representing connections, IP addresses, ports, traffic loading, operating systems, services and processes; 
+* The ability to model key characteristics of a platform / system by representing connections, IP addresses, ports, traffic loading, operating systems, file system, services and processes; 
 * Operates at machine-speed to enable fast training cycles. 
 PrimAITE aims to evolve into an ARCD environment that could be used as the follow-on from Reception level approaches (e.g. YAWNING TITAN), and help bridge the Sim-to-Real gap into Secondary level environments (e.g. IMAGINARY YAK).
@@ -38,5 +38,5 @@ The best place to start is :ref:`about`
   about
   dependencies
   config
-   training
+   session
   results
--- a/PRIMAITE/docs/source/results.rst
+++ b/PRIMAITE/docs/source/results.rst
@@ -16,9 +16,9 @@ Logging can be found in the *[Install Directory]\\PRIMAITE\\PRIMAITE\\logs* dire
 **Outputs - Results**
-PrimAITE automatically creates two sets of results from each training session, and stores them in the *Results* folder:
+PrimAITE automatically creates two sets of results from each session, and stores them in the *Results* folder:
-* Average reward per episode - a csv file listing the average reward for each episode of the training session. This provides an indication of the change, over a training session, of the reward value
+* Average reward per episode - a csv file listing the average reward for each episode of the session. This provides, for example, an indication of the change over a training session of the reward value
 * All transactions - a csv file listing the following values for every step of every episode:
 	* Timestamp
@@ -31,11 +31,11 @@ PrimAITE automatically creates two sets of results from each training session, a
 **Outputs - Diagrams**
-For each training run, PrimAITE automatically creates a visual of the system / network laydown configuration, and stores it in the *Diagrams* folder.
+For each session, PrimAITE automatically creates a visualisation of the system / network laydown configuration, and stores it in the *Diagrams* folder.
 **Outputs - Saved agents**
-For each training run, assuming the agent being trained implements the *save()* function and this function is called by the code, PrimAITE automatically saves the agent state and stores it in the *agents* folder.
+For each training session, assuming the agent being trained implements the *save()* function and this function is called by the code, PrimAITE automatically saves the agent state and stores it in the *agents* folder.
 **Logging**
--- a/PRIMAITE/docs/source/training.rst
+++ b/PRIMAITE/docs/source/training.rst
@@ -1,11 +1,11 @@
-.. _training:
+.. _session:
-Running a PrimAITE Training Session
+Running a PrimAITE Training or Evaluation Session
-===================================
+=================================================
-A PrimAITE training session will usually be associated with a "Training Use Case Profile". This document will present:
+The application will determine whether a Training or Evaluation session is being executed via the 'sessionType' value in the config_mail.yaml file. A PrimAITE session will usually be associated with a "Use Case Profile"; this document will present:
-* The Use Case name, default number of steps in a training episode and default number of episodes in a training session. The number of steps and episodes can be modified in the configuration files
+* The Use Case name, default number of steps in an episode and default number of episodes in a session. The number of steps and episodes can be modified in the configuration files
 * The system laydown being modelled
 * The objectives of the session (steady-state), the red agent and the blue agent (in a defensive role)
 * The green agent pattern-of-life profile
@@ -40,7 +40,7 @@ Where:
 * *MyAgent* is the user created agent
 * *environment* is the PrimAITE environment
 * *max_steps* is the number of steps in an episode, as defined in the config_[name].yaml file
-* *num_episodes* is the number of episodes in the training session, as defined in the config_main.yaml file
+* *num_episodes* is the number of episodes in the session, as defined in the config_main.yaml file
 * the *.learn()* function should be defined in the user created agent
 * the *env.close()* function is defined within PrimAITE
 * the *save_agent()* assumes that a *save()* function has been defined in the user created agent. If not, this line can be ommitted (although it is encouraged, since it will allow the agent to be saved and ported)
@@ -76,13 +76,13 @@ environment is reset between episodes. Note that the example below should not be
        if done == True:
            break
-**Running the training session**
+**Running the session**
-In order to execute a training session, carry out the following steps:
+In order to execute a session, carry out the following steps:
 1. Navigate to "[Install directory]\\PRIMAITE\\PRIMAITE\\” 
 2. Start a console window (type “CMD” in path window, or start a console window first and navigate to “[Install Directory]\\PRIMAITE\\PRIMAITE\\”) 
 3. Type “python main.py” 
-4. Training will start with an output indicating the current episode, and average reward value for the episode 
+4. The session will start with an output indicating the current episode, and average reward value for the episode 
--- a/PRIMAITE/environment/primaite.py
+++ b/PRIMAITE/environment/primaite.py
@@ -18,7 +18,8 @@ from datetime import datetime
 from common.enums import *
 from links.link import Link
 from pol.ier import IER
-from nodes.node_state_instruction import NodeStateInstruction
+from nodes.node_state_instruction_green import NodeStateInstructionGreen
 from nodes.node_state_instruction_red import NodeStateInstructionRed
 from pol.green_pol import apply_iers, apply_node_pol
 from pol.red_agent_pol import apply_red_agent_iers, apply_red_agent_node_pol
 from nodes.active_node import ActiveNode
@@ -35,8 +36,8 @@ class PRIMAITE(Env):
    """
    # Observation / Action Space contants
-    OBSERVATION_SPACE_FIXED_PARAMETERS = 3
+    OBSERVATION_SPACE_FIXED_PARAMETERS = 4
-    ACTION_SPACE_NODE_PROPERTY_VALUES = 4
+    ACTION_SPACE_NODE_PROPERTY_VALUES = 5
    ACTION_SPACE_NODE_ACTION_VALUES = 4
    ACTION_SPACE_ACL_ACTION_VALUES = 3
    ACTION_SPACE_ACL_PERMISSION_VALUES = 2
@@ -184,6 +185,7 @@ class PRIMAITE(Env):
        # - node ID                  |      link ID
        # - operating state          |      N/A
        # - operating system state   |      N/A
        # - file system state        |      N/A
        # - service A state          |      service A loading
        # - service B state          |      service B loading
        # - service C state          |      service C loading
@@ -194,7 +196,7 @@ class PRIMAITE(Env):
        # Calculate the number of items that need to be included in the observation space
        num_items = self.num_links + self.num_nodes
-        # Set the number of observation parameters, being # of services plus id, operating sytem system and O/S state (i.e. 3)
+        # Set the number of observation parameters, being # of services plus id, operating state, file system state and O/S state (i.e. 4)
        self.num_observation_parameters = self.num_services + self.OBSERVATION_SPACE_FIXED_PARAMETERS
        # Define the observation shape
        self.observation_shape = (num_items, self.num_observation_parameters)
@@ -211,8 +213,8 @@ class PRIMAITE(Env):
            logging.info("Action space type NODE selected")
            # Terms (for node action space):
            # [0, num nodes] - node ID (0 = nothing, node ID)
-            # [0, 3] - what property it's acting on (0 = nothing, state, o/s state, service state)
+            # [0, 4] - what property it's acting on (0 = nothing, state, o/s state, service state, file system state)
-            # [0, 3] - action on property (0 = nothing, On, Off, Reset / Patch)
+            # [0, 3] - action on property (0 = nothing, On / Scan, Off / Repair, Reset / Patch / Restore)
            # [0, num services] - resolves to service ID (0 = nothing, resolves to service)
            self.action_space = spaces.MultiDiscrete([self.num_nodes, self.ACTION_SPACE_NODE_PROPERTY_VALUES, self.ACTION_SPACE_NODE_ACTION_VALUES, self.num_services])
        else:
@@ -225,7 +227,7 @@ class PRIMAITE(Env):
            # [0, num services] - Protocol (0 = any, then 1 -> x resolving to protocol)
            # [0, num ports] - Port (0 = any, then 1 -> x resolving to port)
            self.action_space = spaces.MultiDiscrete([self.ACTION_SPACE_ACL_ACTION_VALUES, self.ACTION_SPACE_ACL_PERMISSION_VALUES, self.num_nodes + 1, self.num_nodes + 1, self.num_services + 1, self.num_ports + 1])
-
+            
        # Set up a csv to store the results of the training
        try:
            now = datetime.now() # current date and time
@@ -314,13 +316,13 @@ class PRIMAITE(Env):
        self.apply_time_based_updates()
        # 2. Apply PoL
-        apply_node_pol(self.nodes, self.node_pol, self.step_count)                                  # Node PoL
+        apply_node_pol(self.nodes, self.node_pol, self.step_count)                                          # Node PoL
-        apply_iers(self.network, self.nodes, self.links, self.green_iers, self.acl, self.step_count)     # Network PoL  
+        apply_iers(self.network, self.nodes, self.links, self.green_iers, self.acl, self.step_count)        # Network PoL  
        # Take snapshots of nodes and links
        self.nodes_post_pol = copy.deepcopy(self.nodes)
        self.links_post_pol = copy.deepcopy(self.links) 
        # Reference
-        apply_node_pol(self.nodes_reference, self.node_pol, self.step_count)                                                       # Node PoL
+        apply_node_pol(self.nodes_reference, self.node_pol, self.step_count)                                                            # Node PoL
        apply_iers(self.network_reference, self.nodes_reference, self.links_reference, self.green_iers, self.acl, self.step_count)      # Network PoL  
        # 3. Implement Red Action      
@@ -349,6 +351,9 @@ class PRIMAITE(Env):
        self.total_reward += reward
        if self.step_count == self.episode_steps:
            self.average_reward = self.total_reward / self.step_count
            if self.config_values.session_type == "EVALUATION":
                # For evaluation, need to trigger the done value = True when step count is reached in order to prevent neverending episode
                done = True
            print("Average reward: " + str(self.average_reward)) 
        # Load the reward into the transaction
        transaction.set_reward(reward)
@@ -471,6 +476,26 @@ class PRIMAITE(Env):
            else:
                # Node is not of Service Type
                return
        elif node_property == 4:
            # This is an action on a node file system state
            if isinstance(node, ActiveNode):
                if property_action == 0:
                    # Do nothing
                    return
                elif property_action == 1:
                    # Scan
                    node.start_file_system_scan()
                elif property_action == 2:
                    # Repair
                    # You cannot repair a destroyed file system - it needs restoring
                    if node.get_file_system_state_actual() != FILE_SYSTEM_STATE.DESTROYED:
                        node.set_file_system_state(FILE_SYSTEM_STATE.REPAIRING)
                elif property_action == 3:
                    # Restore
                    node.set_file_system_state(FILE_SYSTEM_STATE.RESTORING)
            else:
                # Node is not of Active Type
                return
        else:
            return
@@ -549,6 +574,7 @@ class PRIMAITE(Env):
            else:
                pass
            if isinstance(node, ActiveNode) or isinstance(node, ServiceNode):
                node.update_file_system_state()
                if node.get_os_state() == SOFTWARE_STATE.PATCHING:
                    node.update_os_patching_status()
                else:
@@ -566,6 +592,7 @@ class PRIMAITE(Env):
            else:
                pass
            if isinstance(node, ActiveNode) or isinstance(node, ServiceNode):
                node.update_file_system_state()
                if node.get_os_state() == SOFTWARE_STATE.PATCHING:
                    node.update_os_patching_status()
                else:
@@ -590,9 +617,11 @@ class PRIMAITE(Env):
            self.env_obs[item_index][1] = node.get_state().value
            if isinstance(node, ActiveNode) or isinstance(node, ServiceNode):
                self.env_obs[item_index][2] = node.get_os_state().value
                self.env_obs[item_index][3] = node.get_file_system_state_observed().value
            else:
                self.env_obs[item_index][2] = 0
-            service_index = 3
+                self.env_obs[item_index][3] = 0                
            service_index = 4
            if isinstance(node, ServiceNode):              
                for service in self.services_list:
                    if node.has_service(service):
@@ -612,10 +641,11 @@ class PRIMAITE(Env):
            self.env_obs[item_index][0] = int(link.get_id())
            self.env_obs[item_index][1] = 0
            self.env_obs[item_index][2] = 0
            self.env_obs[item_index][3] = 0
            protocol_list = link.get_protocol_list()
            protocol_index = 0
            for protocol in protocol_list:
-                self.env_obs[item_index][protocol_index + 3] = protocol.get_load()
+                self.env_obs[item_index][protocol_index + 4] = protocol.get_load()
                protocol_index += 1
            item_index += 1
@@ -684,15 +714,17 @@ class PRIMAITE(Env):
        if node_base_type == "PASSIVE":
            node = PassiveNode(node_id, node_name, node_type, node_priority, node_hardware_state, self.config_values)
        elif node_base_type == "ACTIVE":
-            # Active nodes have IP address and operating system state
+            # Active nodes have IP address, operating system state and file system state
            node_ip_address = item["ipAddress"]
            node_software_state = SOFTWARE_STATE[item["softwareState"]]
-            node = ActiveNode(node_id, node_name, node_type, node_priority, node_hardware_state, node_ip_address, node_software_state, self.config_values)
+            node_file_system_state = FILE_SYSTEM_STATE[item["fileSystemState"]]
            node = ActiveNode(node_id, node_name, node_type, node_priority, node_hardware_state, node_ip_address, node_software_state, node_file_system_state, self.config_values)
        elif node_base_type == "SERVICE":
-            # Service nodes have IP address, operating system state and list of services
+            # Service nodes have IP address, operating system state, file system state and list of services
            node_ip_address = item["ipAddress"]
            node_software_state = SOFTWARE_STATE[item["softwareState"]]
-            node = ServiceNode(node_id, node_name, node_type, node_priority, node_hardware_state, node_ip_address, node_software_state, self.config_values)
+            node_file_system_state = FILE_SYSTEM_STATE[item["fileSystemState"]]
            node = ServiceNode(node_id, node_name, node_type, node_priority, node_hardware_state, node_ip_address, node_software_state, node_file_system_state, self.config_values)
            node_services = item["services"]
            for service in node_services:
                service_protocol = service["name"]
@@ -804,17 +836,21 @@ class PRIMAITE(Env):
        pol_id = item["id"]
        pol_start_step = item["startStep"]
        pol_end_step = item["endStep"]
-        pol_node = item["node"]
+        pol_node = item["nodeId"]
-        pol_type = NODE_POL_TYPE[item["type"]]
+        pol_type = NODE_POL_TYPE[item["type"]]  
        pol_protocol = item["protocol"]
-        # State depends on whether this is Operating, O/S or Service PoL type
+        # State depends on whether this is Operating, O/S, file system or Service PoL type
        if pol_type == NODE_POL_TYPE.OPERATING:
            pol_state = HARDWARE_STATE[item["state"]]
            pol_protocol = ""
        elif pol_type == NODE_POL_TYPE.FILE:
            pol_state = FILE_SYSTEM_STATE[item["state"]]
            pol_protocol = ""
        else:
            pol_protocol = item["protocol"]
            pol_state = SOFTWARE_STATE[item["state"]]
-        self.node_pol[pol_id] = NodeStateInstruction(pol_id, pol_start_step, pol_end_step, pol_node, pol_type, pol_protocol, pol_state)
+        self.node_pol[pol_id] = NodeStateInstructionGreen(pol_id, pol_start_step, pol_end_step, pol_node, pol_type, pol_protocol, pol_state)
    def create_red_pol(self, item):
        """
@@ -827,19 +863,24 @@ class PRIMAITE(Env):
        pol_id = item["id"]
        pol_start_step = item["startStep"]
        pol_end_step = item["endStep"]
-        pol_node = item["node"]
+        pol_target_node_id = item["targetNodeId"]
        pol_initiator = NODE_POL_INITIATOR[item["initiator"]]
        pol_type = NODE_POL_TYPE[item["type"]]
        pol_protocol = item["protocol"]
-        # State depends on whether this is Operating, O/S or Service PoL type
+        # State depends on whether this is Operating, O/S, file system or Service PoL type
        if pol_type == NODE_POL_TYPE.OPERATING:
            pol_state = HARDWARE_STATE[item["state"]]
        elif pol_type == NODE_POL_TYPE.FILE:
            pol_state = FILE_SYSTEM_STATE[item["state"]]
        else:
            pol_state = SOFTWARE_STATE[item["state"]]
-        pol_is_entry_node = item["isEntryNode"]
+        pol_source_node_id = item["sourceNodeId"]
        pol_source_node_service = item["sourceNodeService"]
        pol_source_node_service_state = item["sourceNodeServiceState"]
-        self.red_node_pol[pol_id] = NodeStateInstruction(pol_id, pol_start_step, pol_end_step, pol_node, pol_type, pol_protocol, pol_state, pol_is_entry_node)
+        self.red_node_pol[pol_id] = NodeStateInstructionRed(pol_id, pol_start_step, pol_end_step, pol_target_node_id, pol_initiator, pol_type, pol_protocol, pol_state, pol_source_node_id, pol_source_node_service, pol_source_node_service_state)
    def create_acl_rule(self, item):
        """
@@ -961,13 +1002,19 @@ class PRIMAITE(Env):
        if node_base_type == "ACTIVE":
            # Active nodes have operating system state
            node_software_state = SOFTWARE_STATE[item["softwareState"]]
            node_file_system_state = FILE_SYSTEM_STATE[item["fileSystemState"]]
            node.set_os_state(node_software_state)
            node_ref.set_os_state(node_software_state)
            node.set_file_system_state(node_file_system_state)
            node_ref.set_file_system_state(node_file_system_state)
        elif node_base_type == "SERVICE":
            # Service nodes have operating system state and list of services
            node_software_state = SOFTWARE_STATE[item["softwareState"]]
            node_file_system_state = FILE_SYSTEM_STATE[item["fileSystemState"]]
            node.set_os_state(node_software_state)
            node_ref.set_os_state(node_software_state)
            node.set_file_system_state(node_file_system_state)
            node_ref.set_file_system_state(node_file_system_state)
            # Update service states
            node_services = item["services"]
            for service in node_services:
--- a/PRIMAITE/environment/reward.py
+++ b/PRIMAITE/environment/reward.py
@@ -18,6 +18,7 @@ def calculate_reward_function(initial_nodes, final_nodes, reference_nodes, green
        green_iers: The green IERs (should be running)
        red_iers: Should be stopeed (ideally) by the blue agent
        step_count: current step
        config_values: Config values
    """
    reward_value = 0
@@ -37,6 +38,10 @@ def calculate_reward_function(initial_nodes, final_nodes, reference_nodes, green
        # Service State
        if (isinstance(final_node, ServiceNode)):
            reward_value += score_node_service_state(final_node, initial_node, reference_node, config_values)
        # File System State
        if isinstance(final_node, ActiveNode):
            reward_value += score_node_file_system(final_node, initial_node, reference_node, config_values)
    # Go through each red IER - penalise if it is running
    for ier_key, ier_value in red_iers.items():
@@ -65,6 +70,7 @@ def score_node_operating_state(final_node, initial_node, reference_node, config_
        final_node: The node after red and blue agents take effect
        initial_node: The node before red and blue agents take effect
        reference_node: The node if there had been no red or blue effect
        config_values: Config values
    """
    score = 0    
@@ -97,6 +103,8 @@ def score_node_operating_state(final_node, initial_node, reference_node, config_
                score += config_values.on_should_be_resetting
            elif final_node_operating_state == HARDWARE_STATE.OFF:
                score += config_values.off_should_be_resetting
            elif final_node_operating_state == HARDWARE_STATE.RESETTING:
                score += config_values.resetting
            else:
                pass
        else:
@@ -112,6 +120,7 @@ def score_node_os_state(final_node, initial_node, reference_node, config_values)
        final_node: The node after red and blue agents take effect
        initial_node: The node before red and blue agents take effect
        reference_node: The node if there had been no red or blue effect
        config_values: Config values
    """
    score = 0    
@@ -137,6 +146,8 @@ def score_node_os_state(final_node, initial_node, reference_node, config_values)
                score += config_values.good_should_be_patching
            elif final_node_os_state == SOFTWARE_STATE.COMPROMISED:
                score += config_values.compromised_should_be_patching  
            elif final_node_os_state == SOFTWARE_STATE.PATCHING:
                score += config_values.patching 
            else:
                pass              
        elif initial_node_os_state == SOFTWARE_STATE.COMPROMISED:
@@ -161,6 +172,7 @@ def score_node_service_state(final_node, initial_node, reference_node, config_va
        final_node: The node after red and blue agents take effect
        initial_node: The node before red and blue agents take effect
        reference_node: The node if there had been no red or blue effect
        config_values: Config values
    """
    score = 0    
@@ -194,6 +206,8 @@ def score_node_service_state(final_node, initial_node, reference_node, config_va
                    score += config_values.compromised_should_be_patching    
                elif final_service.get_state() == SOFTWARE_STATE.OVERWHELMED:
                    score += config_values.overwhelmed_should_be_patching 
                elif final_service.get_state() == SOFTWARE_STATE.PATCHING:
                    score += config_values.patching 
                else:
                    pass
            elif initial_service.get_state() == SOFTWARE_STATE.COMPROMISED:
@@ -221,4 +235,106 @@ def score_node_service_state(final_node, initial_node, reference_node, config_va
            else:
                pass
    return score
 def score_node_file_system(final_node, initial_node, reference_node, config_values):
    """
    Calculates score relating to the file system state of a node
    Args:
        final_node: The node after red and blue agents take effect
        initial_node: The node before red and blue agents take effect
        reference_node: The node if there had been no red or blue effect
    """
    score = 0    
    final_node_file_system_state = final_node.get_file_system_state_actual()
    initial_node_file_system_state = initial_node.get_file_system_state_actual()
    reference_node_file_system_state = reference_node.get_file_system_state_actual()
    final_node_scanning_state = final_node.is_scanning_file_system()
    reference_node_scanning_state = reference_node.is_scanning_file_system()
    # File System State
    if final_node_file_system_state == reference_node_file_system_state:
        # All is well - we're no different from the reference situation
        score += config_values.all_ok
    else:  
        # We're different from the reference situation
        # Need to compare initial and final state of node (i.e. after red and blue actions)
        if initial_node_file_system_state == FILE_SYSTEM_STATE.GOOD:
            if final_node_file_system_state == FILE_SYSTEM_STATE.REPAIRING:
                score += config_values.repairing_should_be_good
            elif final_node_file_system_state == FILE_SYSTEM_STATE.RESTORING:
                score += config_values.restoring_should_be_good
            elif final_node_file_system_state == FILE_SYSTEM_STATE.CORRUPT:
                score += config_values.corrupt_should_be_good
            elif final_node_file_system_state == FILE_SYSTEM_STATE.DESTROYED:
                score += config_values.destroyed_should_be_good
            else:
                pass
        elif initial_node_file_system_state == FILE_SYSTEM_STATE.REPAIRING:
            if final_node_file_system_state == FILE_SYSTEM_STATE.GOOD:
                score += config_values.good_should_be_repairing
            elif final_node_file_system_state == FILE_SYSTEM_STATE.RESTORING:
                score += config_values.restoring_should_be_repairing  
            elif final_node_file_system_state == FILE_SYSTEM_STATE.CORRUPT:
                score += config_values.corrupt_should_be_repairing  
            elif final_node_file_system_state == FILE_SYSTEM_STATE.DESTROYED:
                score += config_values.destroyed_should_be_repairing 
            elif final_node_file_system_state == FILE_SYSTEM_STATE.REPAIRING:
                score += config_values.repairing
            else:
                pass              
        elif initial_node_file_system_state == FILE_SYSTEM_STATE.RESTORING:
            if final_node_file_system_state == FILE_SYSTEM_STATE.GOOD:
                score += config_values.good_should_be_restoring
            elif final_node_file_system_state == FILE_SYSTEM_STATE.REPAIRING:
                score += config_values.repairing_should_be_restoring
            elif final_node_file_system_state == FILE_SYSTEM_STATE.CORRUPT:
                score += config_values.corrupt_should_be_restoring
            elif final_node_file_system_state == FILE_SYSTEM_STATE.DESTROYED:
                score += config_values.destroyed_should_be_restoring  
            elif final_node_file_system_state == FILE_SYSTEM_STATE.RESTORING:
                score += config_values.restoring  
            else:
                pass
        elif initial_node_file_system_state == FILE_SYSTEM_STATE.CORRUPT:
            if final_node_file_system_state == FILE_SYSTEM_STATE.GOOD:
                score += config_values.good_should_be_corrupt
            elif final_node_file_system_state == FILE_SYSTEM_STATE.REPAIRING:
                score += config_values.repairing_should_be_corrupt
            elif final_node_file_system_state == FILE_SYSTEM_STATE.RESTORING:
                score += config_values.restoring_should_be_corrupt
            elif final_node_file_system_state == FILE_SYSTEM_STATE.DESTROYED:
                score += config_values.destroyed_should_be_corrupt  
            elif final_node_file_system_state == FILE_SYSTEM_STATE.CORRUPT:
                score += config_values.corrupt  
            else:
                pass
        elif initial_node_file_system_state == FILE_SYSTEM_STATE.DESTROYED:
            if final_node_file_system_state == FILE_SYSTEM_STATE.GOOD:
                score += config_values.good_should_be_destroyed
            elif final_node_file_system_state == FILE_SYSTEM_STATE.REPAIRING:
                score += config_values.repairing_should_be_destroyed
            elif final_node_file_system_state == FILE_SYSTEM_STATE.RESTORING:
                score += config_values.restoring_should_be_destroyed
            elif final_node_file_system_state == FILE_SYSTEM_STATE.CORRUPT:
                score += config_values.corrupt_should_be_destroyed  
            elif final_node_file_system_state == FILE_SYSTEM_STATE.DESTROYED:
                score += config_values.destroyed  
            else:
                pass
        else:
            pass
    # Scanning State
    if final_node_scanning_state == reference_node_scanning_state:
        # All is well - we're no different from the reference situation
        score += config_values.all_ok
    else: 
        # We're different from the reference situation
        # We're scanning the file system which incurs a penalty (as it slows down systems)
        score += config_values.scanning
    return score
--- a/PRIMAITE/nodes/active_node.py
+++ b/PRIMAITE/nodes/active_node.py
@@ -11,7 +11,7 @@ class ActiveNode(Node):
    Active Node class
    """
-    def __init__(self, _id, _name, _type, _priority, _state, _ip_address, _os_state, _config_values):
+    def __init__(self, _id, _name, _type, _priority, _state, _ip_address, _os_state, _file_system_state, _config_values):
        """
        Init
@@ -23,12 +23,22 @@ class ActiveNode(Node):
            _state: The node state (enum)
            _ip_address: The node IP address
            _os_state: The node Operating System state
            _file_system_state: The node file system state
            _config_values: The config values
        """
        super().__init__(_id, _name, _type, _priority, _state, _config_values)
        self.ip_address = _ip_address
        # Related to O/S
        self.os_state = _os_state
        self.patching_count = 0
        # Related to File System
        self.file_system_state_actual = _file_system_state
        self.file_system_state_observed = _file_system_state
        self.file_system_scanning = False
        self.file_system_scanning_count = 0
        self.file_system_action_count = 0
    def set_ip_address(self, _ip_address):
        """
@@ -93,3 +103,103 @@ class ActiveNode(Node):
        if self.patching_count <= 0:
            self.patching_count = 0
            self.os_state = SOFTWARE_STATE.GOOD
    def set_file_system_state(self, _file_system_state):
        """
        Sets the file system state (actual and observed)
        Args:
            _file_system_state: File system state
        """
        self.file_system_state_actual = _file_system_state
        if _file_system_state == FILE_SYSTEM_STATE.REPAIRING:
            self.file_system_action_count = self.config_values.file_system_repairing_limit
            self.file_system_state_observed = FILE_SYSTEM_STATE.REPAIRING
        elif _file_system_state == FILE_SYSTEM_STATE.RESTORING:
            self.file_system_action_count = self.config_values.file_system_restoring_limit
            self.file_system_state_observed = FILE_SYSTEM_STATE.RESTORING
        elif _file_system_state == FILE_SYSTEM_STATE.GOOD:
            self.file_system_state_observed = FILE_SYSTEM_STATE.GOOD
    def set_file_system_state_if_not_compromised(self, _file_system_state):
        """
        Sets the file system state (actual and observed) if not in a compromised state
        Use for green PoL to prevent it overturning a compromised state
        Args:
            _file_system_state: File system state
        """
        if self.file_system_state_actual != FILE_SYSTEM_STATE.CORRUPT and self.file_system_state_actual != FILE_SYSTEM_STATE.DESTROYED:
            self.file_system_state_actual = _file_system_state
            if _file_system_state == FILE_SYSTEM_STATE.REPAIRING:
                self.file_system_action_count = self.config_values.file_system_repairing_limit
                self.file_system_state_observed = FILE_SYSTEM_STATE.REPAIRING
            elif _file_system_state == FILE_SYSTEM_STATE.RESTORING:
                self.file_system_action_count = self.config_values.file_system_restoring_limit
                self.file_system_state_observed = FILE_SYSTEM_STATE.RESTORING
            elif _file_system_state == FILE_SYSTEM_STATE.GOOD:
                self.file_system_state_observed = FILE_SYSTEM_STATE.GOOD
    def get_file_system_state_actual(self):
        """
        Gets file system state (actual)
        Returns:
             File system state (actual)
        """
        return self.file_system_state_actual
    def get_file_system_state_observed(self):
        """
        Gets file system state (observed)
        Returns:
             File system state (observed)
        """
        return self.file_system_state_observed
    def start_file_system_scan(self):
        """
        Starts a file system scan
        """
        self.file_system_scanning = True
        self.file_system_scanning_count = self.config_values.file_system_scanning_limit
    def is_scanning_file_system(self):
        """
        Gets true/false on whether file system is being scanned
        Returns:
             True if file system is being scanned
        """
        return self.file_system_scanning
    def update_file_system_state(self):
        """
        Updates file system status based on scanning / restore / repair cycle
        """
        # Deprecate both the action count (for restoring or reparing) and the scanning count
        self.file_system_action_count -= 1
        self.file_system_scanning_count -= 1
        # Reparing / Restoring updates
        if self.file_system_action_count <= 0:
            self.file_system_action_count = 0
            if self.file_system_state_actual == FILE_SYSTEM_STATE.REPAIRING or self.file_system_state_actual == FILE_SYSTEM_STATE.RESTORING:
                self.file_system_state_actual = FILE_SYSTEM_STATE.GOOD
                self.file_system_state_observed = FILE_SYSTEM_STATE.GOOD
        # Scanning updates
        if self.file_system_scanning == True and self.file_system_scanning_count < 0:
            self.file_system_state_observed = self.file_system_state_actual
            self.file_system_scanning = False
            self.file_system_scanning_count = 0
--- a/PRIMAITE/nodes/node_state_instruction_green.py
+++ b/PRIMAITE/nodes/node_state_instruction_green.py
@@ -1,14 +1,14 @@
 # Crown Copyright (C) Dstl 2022. DEFCON 703. Shared in confidence.
 """
-Defines node behaviour for PoL
+Defines node behaviour for Green PoL
 """
-class NodeStateInstruction(object):
+class NodeStateInstructionGreen(object):
    """
    The Node State Instruction class
    """
-    def __init__(self, _id, _start_step, _end_step, _node_id, _node_pol_type, _service_name, _state, _is_entry_node=False):
+    def __init__(self, _id, _start_step, _end_step, _node_id, _node_pol_type, _service_name, _state):
        """
        Init
@@ -20,7 +20,6 @@ class NodeStateInstruction(object):
            _node_pol_type: The pattern of life type
            _service_name: The service name
            _state: The state (node or service)
            _is_entry_node: Indicator for entry node (default = False)
        """
        self.id = _id
@@ -30,7 +29,6 @@ class NodeStateInstruction(object):
        self.node_pol_type = _node_pol_type
        self.service_name = _service_name # Not used when not a service instruction
        self.state = _state     
        self.is_entry_node = _is_entry_node
    def get_start_step(self):
        """
@@ -91,14 +89,4 @@ class NodeStateInstruction(object):
        """
        return self.state
    def get_is_entry_node(self):
        """
        Informs of entry node
        Returns:
             True if entry node
        """
        return self.is_entry_node
--- a/PRIMAITE/nodes/node_state_instruction_red.py
+++ b/PRIMAITE/nodes/node_state_instruction_red.py
@@ -0,0 +1,140 @@
 # Crown Copyright (C) Dstl 2022. DEFCON 703. Shared in confidence.
 """
 Defines node behaviour for Green PoL
 """
 class NodeStateInstructionRed(object):
    """
    The Node State Instruction class
    """
    def __init__(self, _id, _start_step, _end_step, _target_node_id, _pol_initiator, _pol_type, pol_protocol, _pol_state, _pol_source_node_id, _pol_source_node_service, _pol_source_node_service_state):
        """
        Init
        Args:
            _id: The node state instruction id
            _start_step: The start step of the instruction
            _end_step: The end step of the instruction
            _target_node_id: The id of the associated node
            -pol_initiator: The way the PoL is applied (DIRECT, IER or SERVICE)
            _pol_type: The pattern of life type
            -pol_protocol: The pattern of life protocol/service affected
            _pol_state: The state (node or service)
            _pol_source_node_id: The source node Id (used for initiator type SERVICE)
            _pol_source_node_service: The source node service (used for initiator type SERVICE)
            _pol_source_node_service_state: The source node service state (used for initiator type SERVICE)
        """
        self.id = _id
        self.start_step = _start_step
        self.end_step = _end_step
        self.target_node_id = _target_node_id
        self.initiator = _pol_initiator
        self.pol_type = _pol_type
        self.service_name = pol_protocol # Not used when not a service instruction
        self.state = _pol_state
        self.source_node_id = _pol_source_node_id
        self.source_node_service = _pol_source_node_service
        self.source_node_service_state = _pol_source_node_service_state
    def get_start_step(self):
        """
        Gets the start step
        Returns:
             The start step
        """
        return self.start_step
    def get_end_step(self):
        """
        Gets the end step
        Returns:
             The end step
        """
        return self.end_step
    def get_target_node_id(self):
        """
        Gets the node ID
        Returns:
             The node ID
        """
        return self.target_node_id
    def get_initiator(self):
        """
        Gets the initiator
        Returns:
             The initiator
        """
        return self.initiator
    def get_pol_type(self):
        """
        Gets the node pattern of life type (enum)
        Returns:
             The node pattern of life type (enum)
        """
        return self.pol_type
    def get_service_name(self):
        """
        Gets the service name
        Returns:
             The service name
        """
        return self.service_name
    def get_state(self):
        """
        Gets the state (node or service)
        Returns:
             The state (node or service)
        """
        return self.state
    def get_source_node_id(self):
        """
        Gets the source node id (used for initiator type SERVICE)
        Returns:
             The source node id
        """
        return self.source_node_id
    def get_source_node_service(self):
        """
        Gets the source node service (used for initiator type SERVICE)
        Returns:
             The source node service
        """
        return self.source_node_service
    def get_source_node_service_state(self):
        """
        Gets the source node service state (used for initiator type SERVICE)
        Returns:
             The source node service state
        """
        return self.source_node_service_state
--- a/PRIMAITE/nodes/service_node.py
+++ b/PRIMAITE/nodes/service_node.py
@@ -11,7 +11,7 @@ class ServiceNode(ActiveNode):
    ServiceNode class
    """
-    def __init__(self, _id, _name, _type, _priority, _state, _ip_address, _os_state, _config_values):
+    def __init__(self, _id, _name, _type, _priority, _state, _ip_address, _os_state, _file_system_state, _config_values):
        """
        Init
@@ -23,9 +23,10 @@ class ServiceNode(ActiveNode):
            _state: The state of the node
            _ipAddress: The IP address of the node
            _osState: The operating system state of the node
            _file_system_state: The file system state of the node
        """
-        super().__init__(_id, _name, _type, _priority, _state, _ip_address, _os_state, _config_values)
+        super().__init__(_id, _name, _type, _priority, _state, _ip_address, _os_state, _file_system_state, _config_values)
        self.services = {}
    def add_service(self, _service):
--- a/PRIMAITE/pol/green_pol.py
+++ b/PRIMAITE/pol/green_pol.py
@@ -216,11 +216,15 @@ def apply_node_pol(nodes, node_pol, step):
                # Don't allow PoL to fix something that is compromised. Only the Blue agent can do this
                if isinstance(node, ActiveNode) or isinstance(node, ServiceNode):
                    node.set_os_state_if_not_compromised(state)
-            else:
+            elif node_pol_type == NODE_POL_TYPE.SERVICE:
                # Change a service state
                # Don't allow PoL to fix something that is compromised. Only the Blue agent can do this
                if isinstance(node, ServiceNode):
                    node.set_service_state_if_not_compromised(service_name, state)
            else:
                # Change the file system status
                if isinstance(node, ActiveNode) or isinstance(node, ServiceNode):
                    node.set_file_system_state_if_not_compromised(state)
        else:
            # PoL is not valid in this time step
            pass
--- a/PRIMAITE/pol/red_agent_pol.py
+++ b/PRIMAITE/pol/red_agent_pol.py
@@ -130,8 +130,7 @@ def apply_red_agent_iers(network, nodes, links, iers, acl, step):
                for node in path_node_list:
                    if node.get_state() != HARDWARE_STATE.ON:
                        path_valid = False
-
+              
                if path_valid:
                    if _VERBOSE:
                        print("Applying IER to link(s)")
@@ -203,35 +202,65 @@ def apply_red_agent_node_pol(nodes, iers, node_pol, step):
    for key, node_instruction in node_pol.items():
        start_step = node_instruction.get_start_step()
        stop_step = node_instruction.get_end_step()
-        node_id = node_instruction.get_node_id()
+        target_node_id = node_instruction.get_target_node_id()
-        node_pol_type = node_instruction.get_node_pol_type()
+        initiator = node_instruction.get_initiator()
        pol_type = node_instruction.get_pol_type()
        service_name = node_instruction.get_service_name()
        state = node_instruction.get_state()
-        is_entry_node = node_instruction.get_is_entry_node()
+        source_node_id = node_instruction.get_source_node_id()
        source_node_service_name = node_instruction.get_source_node_service()
        source_node_service_state_value = node_instruction.get_source_node_service_state()
        passed_checks = False
        if step >= start_step and step <= stop_step:
            # continue -------------------------- 
-            node = nodes[node_id]
+            target_node = nodes[target_node_id]
-            # for the red agent, either:
+            # Based the action taken on the initiator type
-            # 1. the node has to be an entry node, or
+            if initiator == NODE_POL_INITIATOR.DIRECT:
-            # 2. there is a red IER relevant to that service entering the node with a running status of True
+                # No conditions required, just apply the change
-            red_ier_incoming = is_red_ier_incoming(node, iers, node_pol_type)
+                passed_checks = True
-            if is_entry_node or red_ier_incoming:
+            elif initiator == NODE_POL_INITIATOR.IER:
-                if node_pol_type == NODE_POL_TYPE.OPERATING:
+                # Need to check there is a red IER incoming
-                    # Change operating state
+                passed_checks = is_red_ier_incoming(target_node, iers, pol_type)
-                    node.set_state(state)
+            elif initiator == NODE_POL_INITIATOR.SERVICE:
-                elif node_pol_type == NODE_POL_TYPE.OS:
+                # Need to check the condition of a service on another node
-                    # Change OS state
+                source_node = nodes[source_node_id]
-                    if isinstance(node, ActiveNode) or isinstance(node, ServiceNode):
+                if source_node.has_service(source_node_service_name):
-                        node.set_os_state(state)
+                    if source_node.get_service_state(source_node_service_name) == SOFTWARE_STATE[source_node_service_state_value]:
                        passed_checks = True
                    else:
                        # Do nothing, no matching state value
                        pass
                else:
-                    # Change a service state
+                    # Do nothing, service not on this node
-                    if isinstance(node, ServiceNode):
+                    pass
                        node.set_service_state(service_name, state)
            else:
                if _VERBOSE:
-                    print("Node Red Agent PoL not allowed - not entry node, or running IER not present")
+                    print("Node Red Agent PoL not allowed - misconfiguration")
            # Only apply the PoL if the checks have passed (based on the initiator type)
            if passed_checks:
                # Apply the change
                if pol_type == NODE_POL_TYPE.OPERATING:
                    # Change operating state
                    target_node.set_state(state)
                elif pol_type == NODE_POL_TYPE.OS:
                    # Change OS state
                    if isinstance(target_node, ActiveNode) or isinstance(target_node, ServiceNode):
                        target_node.set_os_state(state)
                elif pol_type == NODE_POL_TYPE.SERVICE:
                    # Change a service state
                    if isinstance(target_node, ServiceNode):
                        target_node.set_service_state(service_name, state)
                else:
                    # Change the file system status
                    if isinstance(target_node, ActiveNode) or isinstance(target_node, ServiceNode):
                        target_node.set_file_system_state(state)
            else:
                if _VERBOSE:
                        print("Node Red Agent PoL not allowed - did not pass checks")
        else:
            # PoL is not valid in this time step
            pass
@@ -242,8 +271,8 @@ def is_red_ier_incoming(node, iers, node_pol_type):
    for ier_key, ier_value in iers.items():     
        if ier_value.get_is_running() and ier_value.get_dest_node_id() == node_id:
-            if node_pol_type == NODE_POL_TYPE.OPERATING or node_pol_type == NODE_POL_TYPE.OS:
+            if node_pol_type == NODE_POL_TYPE.OPERATING or node_pol_type == NODE_POL_TYPE.OS or node_pol_type == NODE_POL_TYPE.FILE:
-                # It's looking to change operating state or O/S state, so valid 
+                # It's looking to change operating state, file system or O/S state, so valid 
                return True
            elif node_pol_type == NODE_POL_TYPE.SERVICE:
                # Check if the service is present on the node and running
--- a/setup.py
+++ b/setup.py
@@ -11,17 +11,16 @@ setup(
    url="https://github.com/qtsl/PrimAITE",
    description="A primary-level simulation tool",
    python_requires=">=3.7",
-    version="1.0.0",
+    version="1.1.0",
    install_requires=[
        "gym==0.21.0",
-        "matplotlib == 3.5.2",
+        "matplotlib==3.6.2",
-        "networkx == 2.6.3",
+        "networkx==2.8.8",
-        "numpy == 1.21.1",
+        "numpy==1.23.5",
-        "stable_baselines3 == 1.6.0",
+        "stable_baselines3==1.6.2",
-        "pandas == 1.1.5",
+        # Required for older versions of Gym that aren't compliant with
-        "pyyaml == 6.0",
+        # Setuptools>=67.
-        "typing-extensions == 4.2.0",
+        "setuptools==66"
        "torch == 1.12.0"
    ],
    packages=find_packages()
 )