Geography | Studies, essays, thesises » Theory of natural and man made disasters

Theory of natural and man-made disasters "Nothing is more practical than a good theory." (Ludwig Boltzmann) 1 The aim of the research and utilization possibilities 1.1 Timeliness of the topic and its military scientific aspects The National Security Strategy of the Republic of Hungary 1 states that during the EuroAtlantic integration process, after the change of the political system, Hungary became a member of such integration organizations, in which the stability of member states is a common interest, and is based on democracy and rule of law, and on the implementation of human rights and basic liberties. In order to defend them the nations are ready and able to help each other. However, new threats and challenges have appeared, to which effective response can only be given through governmental countermeasures coordinating our national efforts, conscious development and flexible use of our capabilities, and wide international cooperation. As far as my specialized field –

i.e disaster management, civil protection and the protection against fire – my scientific research study is so abstract that the conclusions, scientific results are valid and applicable in the wide range of security sciences like military science and the science of law enforcement. As a consequence of this, although my research activities originate from the issues of disaster management, the results have a more general value. The role of disaster management is to maintain safe conditions for life and work. It performs these tasks in the uniform scope of tasks of prevention, response and recovery, integrating them in the country’s security system. Its place is amongst law enforcement organizations, in close cooperation with the population, public administration, businesses, charitable organizations and all other actors of society. In Hungary, one of the timeliest national tasks nowadays is the protection against natural and man-made disasters. Public opinion, the political and

professional leadership pay a special attention to it, it determines the country’s development and basically influences the lives of citizens. By today, it has become evident that safety and security are not simply a technical problem, but a complex social issue. It is not simply a local issue affecting only a few professions, but a global one. One cannot count with a short-term solution We have to face long-lasting and dragging challenges. Safety and security, and within them, the protection against natural and man-made disasters is not only an important and basic human and natural value, but, at the same time, it also serves international interests. Having examined Hungary’s social and economic growth, it can be ascertained that the unsolved security and disaster management issues can become an obstruction in the country’s development. They may endanger the implementation of basic strategic objectives and deteriorate the nation’s evaluation. In a country stable from a

security and disaster management aspect, and in its environment, people are not afraid or uncertain, the probability of errors is on an acceptable social level, and therefore people are self-assured. 1 Government Decision 2073/2004. (IV15) 1 Nowadays, disaster management has to tackle two major challenges. An increased burden is witnessed during so-called traditional tasks: fires, technical rescue, the protection against other emergencies or incidents. However, Hungary’s disaster management will have to face quite serious challenges in the not too distant future, besides the above phenomena. These are the disaster management issues of global climate change, critical infrastructure protection, sustainable development and sustainable security and the fight against terrorism. How can these conventional and new types of protection tasks be solved? The up-to-date, sustainable safety and security service seems efficacious, integrating and enhancing the development of society.

Theoretically, the weakest point of a sustainable safety and security service, in practice, is the absence of scientific grounding it can be found in a disorganized state. The upgrade of these weak points is quite important because of the expectations and requirements originating in Hungary’s membership in NATO and EU, the rapid and continuous adaptation and response compulsion, forced by globalization, the absence of the social bases of safety culture and safety awareness, to relieve the tension between central efforts and territorial inequalities the methods and systems used so far are not suitable, they have evidently run out of internal and external reserves. The reserve for an upto-date, sustainable safety service can be the scientific researches and, beyond their results, the adaptation of methods used by the entrepreneur and NGO spheres. These are, amongst others, the professionally adapted application of change management, crisis communication, quality control and safety

innovation methods. With the help of the achievements of science and the use of the above methods, new safety/security strategic objectives can also be determined. These include: - reduction of social, environmental and individual risks, increase of tolerability; increase of social satisfaction amongst the population, growth of citizenfriendliness; qualitative, sustainable development and safety/security; quality-oriented safety service; integrated national defense and law enforcement capacity, the use of up-to-date control and planning models; improvement of partnership relations with formal and informal communities; shift towards a problem-solving service; use of best practice; intelligent, innovative safety/security. For the exact scientific examination of natural and man-made disaster phenomena and protection against them, first of all, it is necessary to fix the most important elements of approach model, i.e my starting point is the following assumption The elaboration of used

and [developed] introduced notions will take place in the thematic chapters of dissertation. the the the the  The state of risk systems in the application field of logical risk theory can be described with the so-called fault-tree, their behavior can be analyzed with the so-called fault-tree analysis [Henley]. The fault-tree method is now almost half a century old, therefore I regard it in this context as known. In the narrower, mathematical sense of the theory the use of a faulttree is the same as using a Boolean function, which leads back to an undesired phenomenon affecting a risk system in question (more precisely, a statement or declaration on its occurrence), with logical operations, to certain simpler, so-called prime events that are in our competence. It is quite frequent, and, in conflict situations, it is definitely typical that the same event can be simultaneously judged in different ways. Thus, the collision of an aircraft with a skyscraper for a terrorist can be

desirable, while for others, it is not. 2  The fault-tree method, both in its traditional and more modern form, implicitly assumes that the events of a risk system in question have fixed logical structure. In other words, it assumes that a risk system, during its contact with its environment, preserves its identity. This is a necessary and inevitable condition of the applicability of the theory.  Logical risk theory takes the explicatum 2 of a risk system in question as granted, therefore it is theoretically unable to describe or analyze its changes in an adequate way. Therefore, a new theory is needed to study the risk systems in strong interaction in such a sense. In my study, I named it (logical or explicative) conflict theory.  In a conflict situation, participants are affected by such undesired effects, which (slightly or more significantly) simultaneously hinder their normal behavior. The participants of a conflict may not only be persons, but theoretically all

systems, relating to which a state notion can be interpreted, and a normal or abnormal change of state (behavior, modus operandi). Thus, in the application field of a general conflict theory, in principle, a geographical unit suffering global warming can also belong to, just as an undisciplined soldier or his responsible superior, and so on, up to the limit 3 of a paradigm.  Between non-probability risk theory and conflict theory, a third phenomenon can be observed. In this case the entirety of events occurring in individual but a great number of different risk systems is examined, namely in an environment, in which individual events, i.e risk systems described by the fault-trees representing them are in weak interaction. In such cases, risk systems preserve their self-identities, they are auto-identical. However, their massive co-effect exceeds the theoretical performance of a traditional fault-tree method. I examine this area with a cellular automaton model. Based on the above,

the thematic of dissertation covers three research problem scopes: - Logical (non-probabilistic) risk theory of individual isolated events Cellular automaton model of auto-identical tessellation safety risk systems Logical conflict theory 1.2 The paradigm convention The term "paradigm" in the general philosophy of science sense, by a slight generalization of Kuhn’s paradigm term, is interpreted in the following way: Paradigm – in the philosophy of science (and not linguistic) sense of the word – means an approach model of a discipline or a branch of discipline of science, whose components and criteria are: 1. Phenomena, examined by a relevant branch of science, ie on which it makes valid ascertainments. 2. Methods, by which the relevant science examines phenomena 3. Theory, ie the logical system of ascertainments regarded as valid by the relevant science, whose elements are a language, a truth criterion, axioms, definitions and theses. 4. Model, ie a system of things,

on the elements of which the statements of the relevant science regarded as valid, automatically prove to be true, according to the model’s definition. 5. Relevance term, based on which it can be determined, which phenomena the relevant science regards as suitable for examination. 2 The notion of explicatum of risk systems has a central significance in the theory. On an even higher level of abstraction level, we can, and we will see that we have to speak of two events, even two theories, approaches or conflicts of paradigms. 3 3 6. Competence term, based on which it can be determined, in which issues the relevant science regards itself as competent to make a statement and take a position. 7. A value criterion, based on which the relevant science determines on itself, what it regards as valuable, what values it accepts. I made my researches considering the above paradigm components. 1.3 My scientific objectives My scientific objective is to prove that the theory of disasters

can be construed in a general paradigmatic approach, which is capable of simultaneously applying the mutual part of paradigms of different specialized disciplines of sometimes opposite approaches (in a philosophy of science sense). This mutual part, according to my assumption, is the direct logical approach. Before the demonstration of the results of my dissertation, due to the nature of the subject, I had to deal with the issues of the coordination of abstractions and specifics in principle. The theory of disasters, in the sense of the paradigm elaborated in my dissertation, cannot be discussed in the framework of any branch of science as a discipline, because to interpret and manage disasters the mutual content part of paradigms of disciplines should be used. However, such mutual parts do not exist. Because mechanics examines mechanical systems, thermodynamics examines thermodynamic systems, with a diametrical opposite approach. Mechanics, as far as its content, is not a special case

of thermodynamics. The situation is similar with the other sciences as well. If because of this, as far as their content, the sets of terms and conclusions of disciplines studying certain partial phenomena of natural and manmade disasters cannot be unified, however, methodically the situation is basically different. It is undisputable that all branches of science meet the requirements of being scientific. From this originates the fact that the branches of science in question are not common as far as their terminology apparatuses, but in their methods. In their methods, there is an indispensable significant feature: all of them must be logical. They may not contradict the laws of logics even if they contradict simple common sense sometimes. They all are logical and suit the laws of logics. Specific goals of researching the following topics: • • • • • • • • • • • • • Event typology, Interpretation of event indicators, Critical points, Risk theory examination of

corporate decisions, Logical level, Strategic indicator, Modeling of risk systems in weak interaction, Cyclic centric examination of risk systems in weak interaction, Sustainable safety/security, Tolerability, immunity, Conflict-theoretical axiomatics, The disaster theoretical further development of Klein-Kis’ disfunction theory, Conflict typology. 2 Applied methods 2.1 Conceptual, specific methods  Explication; 4     Iteration; Network theory; Typology; Taxonomy. In the focus of my study, there is an observation: with the method of direct logical approach, heterogenic, moreover, phenomena being the subject of disciplines that are sometimes opposing each other can be conceptually comprehended in a uniform way. I strove to elaborate it methodologically. Where it seemed to be possible, I tried to substitute the special, particular (i.e probabilistic) assumptions used in different disciplines with more general (ie logical), abstract assumptions, to formulate them

in the uniform symbol system of formal logic. Thus it became possible that, as a necessary or sufficient condition of a certain disaster incident, disjunctions or conjunctions of an incident like the praxiological “failure to control” and the “occurrence of over-pressure”, belonging to the research area of mechanics, came into provable logical relation. A common methodological element in my dissertation is that I study risk systems. The term of risk system is a basic term. Intuitively, a risk system is, in (to) which a disaster occurs (happens), which is the “subject” of a disaster, which suffers or bears or tolerates a disaster (its damages), or perhaps resists it, prevents it, responds to it, rehabilitates it, etc. Of course, this word usage is imprecise yet. It is just clarified in the present dissertation My dissertation consists of three thematic chapters, through which the interaction of risk systems follows through as a guiding principle. Each syllabus also uses

specific methods, besides a general explication. The chapter on risk theory deals with risk systems, which, during their interaction with their environment, preserve their self-identity, i.e their state can be managed as an independent variable, the rules determining the change of their state – in other words, the logical structure of systems – are unchanged. We can express it in a way that the chapter dealing with risk theory elaborates isolated risk systems. Their typical specific method is the determination of the necessary and sufficient conditions of statements relating to the events in question, as opposed to using descriptive definitions. Besides, its inevitable methodological inherent is that it does not determine, for all possible system states, a logical value (i.e the characteristic main event of the risk system has occurred or not), but it can serve to prove it and to formally deduce it, too. Besides this logical state evaluation method, and also to evaluate the

technical and economic state, I established a special method to manage it, which I named Franklin method. The chapter using a cellular automaton model deals with risk systems in weak interaction. They are characterized by the fact that the states of risk systems depend on each other’s states according to defined rules, and preserve their self-identity, the rules determining the change of their states remain unchanged. Its characteristic specific method is iteration, which is widely used in cellular automaton models. In my study, I have elaborated a method to define and evaluate the cycle of processes This method has been specified in a cycle calculation algorithm. The subject of the chapter dealing with conflict theory is the examination of risk systems in strong interaction, in conflict. These are the risk systems, which, during their interaction, may lose their self-identity, they can become other systems (wrecks, ruins, inundated areas, devastated systems, etc.), in a general

situation, the change of their states, behavior can originate from the logical structure of conflict situations, which they tolerate to some extent in a certain technical sense of the word. The application of the method resulted in the creation of conflict typology. 5 In this context, typology could have been referred not only to conflicts, but generally also to the taxonomy of indicators of risk systems being on a much higher level of exactness. In the three different cases, I used three kinds of paradigms, but the explicative approach in the methods used is uniform. 3. New scientific results 3.1 Isolated risk system 3.11 Ordinal I have elaborated the term of event explicatum of isolated risk systems and introduced its ordinal. According to the definition of “isolated risk system”, introduced by me, a risk system, during its interaction with its environment, preserves its logical structure, and its state can be regarded as an independent variable. Auto-identical systems are

technically characterized by their explicatum. The explicatum of a risk system is a special Boolean algebraic equation system with n members, which only contains a conjunction and a disjunction, and in which there are variables numbering m < n, in whose function the remaining n – m number of variables can be produced. These are prime explicants. The variable on the left hand side of the first member of the equation system is the main event of a risk system. A main event produced as a function of prime explicants – as a Boolean function with m variables, is the system’s state function. Based on the strict mathematical logical definition of the explicatum of isolated risk systems – in short: system explicatum – I have introduced the term of event explicatum. To characterize an event explicatum, in short: explicatum – I have introduced the term of ordinal of an explicatum, in short ordinal. To define an ordinal, I have elaborated an algorithm that can be IT implemented,

using which the hierarchic logical relationship between any two explicants can be unambiguously defined based on their ordinals, i.e whether one of them implicates the other, and through which explication route can one be reached from the other. This method has significance in the safety engineering assessment of risk systems involving classified materials. 3.12 Franklin parameters I interpreted the Franklin (cost-time) parameters of the prime events of a risk system. The change of a prime event of risk system is called action. All actions, conceptually, have a well-defined cost and time requirement. In risk management, I divided actions into three basic classes:  prevention,  response,  and recovery. Since all the above are linked to a time and cost factor, Franklin parameters have two subclasses each, such as • prevention time, • response time, • recovery time, • prevention cost, • response cost, • and recovery cost. The common name for them is Franklin

parameters. The interpretation of the Franklin parameters, related to prime events, can be extended to any explicatum. To define them, I have elaborated algorithms that can be IT implemented, with the use of which the technical and economic calculations of managing risk systems have gained a conceptual foundation. 6 3.13 Critical points I have defined the critical (weak and strong) points of a risk system. The members of the disjunctive normal form and the factors of the normal form of a state function of an explicated risk system, as a Boolean function with positive variables m, usually serve for the necessary and sufficient conditions of activating and passivating the main event. Their common name is critical points. To define them, I have elaborated algorithms that can be IT implemented, with the use of which the management of safety risk systems, combined with the calculation algorithm of Franklin parameters, serves for technical and economic calculations. 3.14 Quorum function

I have elaborated the consensus limit calculation of decisions necessary for managing a risk system. The state of risk systems, in practice, cannot be known in each case. Depending on the expected outcome of the main event, the actions to be taken are determined through corporate voting. In such cases, the power often stipulates a qualified voting, in the statute of which the consensus limit is predetermined, i.e the minimal majority of votes necessary for decision The determination of the consensus limit is essentially peremptory, or is based on a previous corporate decision, but is independent from the logical structure of the event being the subject of the decision. I have recognized that the consensus limit of decisions necessary for the management of explicated risk systems can be unambiguously calculated from the system’s explicatum. This can be technically derived from the system’s so-called Quorum function. 3.15 Flórián model I have elaborated a strategic game theory

model for disaster management in the logical risk management interpretation. The traditional methodology of risk management, i.e fault tree analysis, has a functional aspect. This means that it statically demonstrates the main events of the risk system under examination (depending on prime events), and does not study the processes, which can lead to the formation of the main event. The traditional fault tree analysis expressis verbis does not use the term “state”, therefore it does not even have the possibility to describe the process. Therefore, it can only provide an answer to the basic question: what is the necessary and sufficient condition for the main events to occur if all the possible critical points are determined and statically stored. However, in a general case it is insupportable from both a conceptual and practical aspect. The conceptual obstacle is the non-probability character of the risk of an individual event, the practical obstacle is caused by a combinatorial

explosion. The problem is solved by the FLÓRIÁN model in a way that the functional approach is replaced by a procedural one. Accordingly, instead of storing the critical points of risk systems the necessary managing actions are to be determined depending on the state of the all-time processes, including the Franklin dimensions of costs incurred and the time necessary. 3.16 Protection level I have proved that by protecting any level of a risk system, all higher levels become protected. During explication, during the stages of sequential explications we always (if it is not a prime event) provide the necessary and sufficient condition of events found in a stage one stage earlier. This suggests the intuitive concept that we are getting “deeper and deeper” from the main event during explication, we are reaching a “lower and lower level”. From this originates that the main event, i.e from which the explication starts, is sometimes called a top 7 event. This suggests that prime

events are on the same “level” – occasionally on the “deepest level”. However, this is, of course, not the case in a general situation, since the “deepest level” in a general case simply does not exist. Because generally, it takes routes of different lengths from the main event to two prime explicants, i.e it takes different number of steps to get there. The term “level” has a deep intuitive content different from the latter, which the introducers of the logical level ignore. The term “level” can be expressively interpreted by the term “dyke”. A dyke protects from floods. A dyke prevents the attack of a flood, thus providing protection against its effects that cause flood damages. There are dyke protection events or can be created. Dyke protection events will also have, in general cases, complex consequences, which can save homes, houses and lives. The consequences of consequences form a chain and can be arranged into levels. However, not from the “top to

bottom”, as suggested by a primitive intuition, but during the use of protection,, from the “bottom to top”. I have elaborated the theory of logical level protection, whose bases are as follows. Definition: • We interpret the entirety of prime events of a system on the zeroth logical level – in short on its level 0 – of an explicated safety risk system. • We interpret the entirety of prime events of a system on the first logical level – in short, on its level 1 – of an explicated safety risk system, whose members have a prime explicant. • On the nth (n > 1) logical level of an explicated safety risk system – in short on its level n – we interpret the entirety of complex events of a system, whose members have an n-1 level explicant, but do not have an explicant lower than n-1 level. If the highest level in a system is m, we say that the system is of level m. If n > 0 and all the level n elements of a system are passive, we say that level n is protected, and

the system on level n is protected, in short n protected. Comment: It can happen that a level n event has a higher-level explicant than n. It can also happen that an event has an explicant of the same level. In such cases, we speak of transient events [Bukovics-1]. It can also happen that the level of the main event is not the highest, where the name “top event” is deceptive 4. 3.17 Strategic typology I have defined strategic indicators and elaborated a typology for them. I have indicated that in the scope of risk systems • System determinants can be defined, based on which the exclusive type system of risk systems can be interpreted. • Types characterize the behavior of a system determined by its relationship with its environment, i.e the change of state or the possible state change processes • Furthermore, strategic indicators can be defined, which, within each type, form new information on risk systems that can be more and more extended. I have introduced the term

“strategic indicators” through the term “strategic models”. I have used some of the terminologies of the theory of strategic games for creating strategic models. 4 Referring to this, one of the most interesting examples is the logical risk analysis of a plant genetically modified to be Herbicide-tolerant. It was elaborated in the research institute of the Australian CSIRO (Commonwealth Scientific & Industrial Research Organization) under the guidance of [Hayes]. 8 In games, serving as a basis for strategic models the number of players is always two. The common thing in their roles is that they change the state of certain prime events. Systems that can be found in reality and are in actual interaction with their environment (i.e accompanied by the change of state of the risk system) are, however, better characterized if prime events have not two, but three kinds of states attributed to them. The third state is “undetermined” or “free”, besides being

“active” or “passive”. Therefore, risk systems in this paradigm are not described by a Boolean function, but by a ternal monotone logical function. It is as follows: FT(p 1 , p 2 ,,p n ), (FT refers to “Fault Tree”). Here, n is an optional fixed integer and p i (i = 1, 2,,n) is also a ternal variable with values 0, u and 1. Their interpretation is as follows: p i = 0, anytime when the occurrence of prime event p i is valid, p i = 1, anytime when the occurrence of prime event p i is valid, p i = u, anytime when the state of prime event p i is “undetermined” (after the English word(s) “uncertain”, “undetermined” or “unknown”). The fact that the state of a prime event is undetermined can be interpreted in the following way: If a prime event occurs, in other words becomes active, it means that the change of its state has been caused by an effect. However, a prime event, according to the model suggestion, is in our competence, i.e can be prevented, can be

responded to, the change of its state can be caused. According to the model suggestion, all state changes have a time demand Therefore, it is not indifferent, since when and for how long has a prime event been passive or active. Accordingly, an active event cannot become immediately passive, or a passive event cannot become immediately active. In other words, in the model, neither 0 –> 1, nor 1 –> 0 transitions have a meaning. Therefore, a third, intermediate state has to be introduced, marked u, referring to which the activity can be described with the transition 0 –> u –> 1, and the passivity with 1 –> u –> 0. In other words, I postulate that the change of state between active and passive states can only take place through an intermediate, third state. This can be also interpreted that the intermediate state is which can be activated and passivated. I have grouped risk systems into types, and characterized them with two kinds of data groups. I have named

them comprehensively strategic indicators. The first group consists of strategic type determinants (in short: type determinants). They characterize and identify the individual types themselves. The name of the second group is strategic type indicators (in short: type indicators). These mean some of the new characteristic features of individuals (risk systems) belonging to one of the types. During the practice of risk analysis, as the experience of a risk analyzer increases, they may be extended by further data (type indicators). Besides, I have introduced general systems and strategic characteristics. Four data characterize strategic types. These data characterize the behavior of risk systems according to general aspects. Type determinants mean four strategies. These are as follows: • • • • Struggling Shannon’s Maintenance Ad hoc strategy. The two latter ones have subcases. The subcases of the Maintenance Strategy are directed towards the optimization of the Franklin

parameters. 9 The subcases of the Ad Hoc Strategy relate to the reliability levels of prime events featuring reliability. All games are for two. One of the players is the "Attacker" and the other one is the "Defender". The players do not play according the same rules. Attacker represents the environmental effects of the above risk system. Defender models the intention (the form of behavior of a risk system), which aims at the prevention or the liquidation of the Main Event of a risk system. From the games, Struggling and Shannon’s games are “anti-nature games”. It means that Attacker moves randomly, without any intelligent plan. The moves of the game are the activation, passivation or renovation of a free prime. A free prime is which has not yet been activated by Attacker and has not yet been passivated by Defender. At the start of the game, all prime events are free. Strategic type indicators serve for the characterization of risk systems within certain

types. Two major features of strategic type indicators are the risk system and the strategy implemented on it. The first one is determined by system features, the second one by strategic features. Here belong the following: system name, strategy name, number of prime events and the entire event number. 3.18 Indicator taxonomy On the one hand, I have developed the typology of risk systems, on a strategic basis, into taxonomy, on the other, I have interpreted ontological taxonomy based on a general indicator term. The methods used by me made it not only possible to develop typologies, but also to create a so-called taxonomy. In common language, one quite often uses the words typology and taxonomy as synonyms, but the difference between them is that taxonomy is a higher order typology, in which the typological units, besides classification hierarchies, have certain ontological attributes. To them, the road led through so-called Galois relations and through several areas. On the one hand,

I could interpret an indicator taxonomy, on the other, a strategic taxonomy, in close connection with it, introduced in a kind of game theory model of risk systems. 3.2 Risk systems in weak interaction 3.21 Cellular automata I have elaborated a cellular space (SORS), by which risk systems in weak interaction can be modeled. In both natural and man-made disasters, the collectives of risk systems quite often participate. Such phenomena are well known, ranging from forest fires to floods, from epidemics to climatic extremities. Their common feature is that there is a characteristic interaction between the participating risk systems, during the implementation of which their states depend on each other according to a determined normality. We say about these systems that they are in weak interaction with each other. The attribute “weak” intends to express that the interactions are not strong enough to change the logical structure and self-identity of the components. In my study, I have

used a cellular automaton model to study risk systems in weak interaction. The acronym SORS refers to “Self-Organizing Raiding System”. The basic idea is: 10 (1) Every operation’s (including strategic games played against nature) weakest point is usually the unorganized state. (2) To avoid unorganized state and to restore organized state self-organizing systems are the most suitable means. (3) Artificial self-organizing systems, self-reproducing automata are known as cellular automata – networks of automata. (4) Cellular automata have also been used in practice on the present level of development of information technology. In my dissertation, I started with a cellular space, in which an explicated risk system belongs to each of the cells. Different risk systems may belong to different cells This is determined by allocation, implementable by IT equipment, elaborated by me, and the allocation algorithm. Allocation Allocation, intuitively means the kind of explicated risk

system (fault-tree) that can be assigned to a site element (cell). To interpret it exactly, I had to elaborate an adequate terminology system. I have defined the terms of SORS of central importance: Site and scene; Cellular space; Transitional function; Cell state; Threat degree; Prime event; Logical risk management. 3.22 Attack and defense With SORS, I have modeled the process of attack and defense. In the cellular space of a SORS model, there are two types of cells: public cells and guard cells. Public cells follow the general transient rule (which is determined by the relevant transient function). Attack is interpreted as a change of state occurring after an external effect. Guard cells move according to the algorithm of guard cell movement, and serve for modeling defense, representing the reaction to an attack. The movement of the Guard Cell (state transient function) figuratively means that the guard cell, in every t time, “looks around” the neighboring cells, looking for

“cells to be defended”. Guard cell G’s cell to be defended (defense cell) DC(G) (if there is such) is a public cell in a maximum real state. If there is none, G randomly selects a public cell from the neighboring cells. Later, at t + 1 time, the guard cell occupies the place of the cell to be defended, and takes up the state of the cell to be defended with “virtual threat”, i.e in a virtual type of state In other cases (if there is no cell amongst the neighboring ones to be defended), guard cell G does not move, i.e does not change its state In order to implement, in practice, the movement of the guard cell, I have elaborated an algorithmic procedure with special regard to the effects occurring through the cellular space’s border 5. A public cell’s state can change in two ways: spontaneously or on external effect. The spontaneous change of state occurs according to the law on state transition. The next spontaneous state of a public cell can be simply defined by a state

transition function. The next state of a public cell, generated by external effect can be defined with the help of a State Assessment Algorithm, belonging to the cell, elaborated by me. 3.23 Strategies Two types of defense strategies, offensive and defensive, were modeled in silico in SORS. Their cost and time demand, and efficiency in several specific cases were studied by me through computer-assisted experiments, and I have documented the results in tables and graphical format. 5 The SORS cellular space, in a cellular automaton sense, does not have a border, because it is confined. Here, border refers to the interpreted, i.e established cellular space 11 The theoretical grounds of the tolerability and immunity of risk systems can be traced back to these procedures. 3.24 Cycles and sustainability I have elaborated a cycle term according to the existence of the cycle-centric risk management and in silico, I have elaborated a suitable experimental procedure technique. Risk

analysis does not know the formally defined exact term of a cycle. I see the reason for this deficit because risk analysis does not know the expressis verbis term of state either, although it would be greatly needed, since the strategic-game theory approach has a huge role in preventing and responding to a hazard. As far as the theory of strategic games, the introduction of the term “state” is indispensable 6. If (in a given deterministic system with finite state) the same state occurs twice in a series of sequential states in time, we speak of a cycle, and graphically we say that the system “returned to a previous (earlier) state”, or “it fell (got, etc.) into a cycle” In the majority of systems discussed in environmental (cellular automaton) models, the number of states of systems in question is finite. These kind of finite (deterministic) systems necessarily get into a cycle eventually. The important theoretical aim of risk management is the elaboration of finite models

(models with finite number of states). The task is to elaborate methods, by which a system’s cycles (and not states, which means an impermissible restriction) can be efficiently characterized. Efficient characterization here means that it can be deduced from the principles of theory (its fundamental assumptions, axioms), which cycle, out of any two, has to be regarded as “better” (more favorable and to be more preferred, more desirable, more sustainable, etc.) or as “worse” (to be more avoided, to be more changed, to be more repaired, to be more evaded, etc.) than the other In other words, one can expect from a cycle-centric risk management to be able to fully order cycles of a studied system. More precisely, to be able to define a full order of relation amongst the cycles of a studied (finite) system. This is the time when the possibility arises that the correctness of risk management operations (arrangements) are to be judged based on uniform and clear principles,

furthermore, to be able to reach well-founded cycle management decision procedures consistently. 3.25 Tolerability and immunity I have in silico elaborated an experimental procedure to interpret tolerability and immunity in the SORS model. I have experimentally studied the tolerability or more precisely and technically: the immunity of risk systems in weak interaction with each other in the framework of a SORS model. An (in silico) experiment, which is performed with a system modeled (or rather normatively described) using SORS, is generally divided into three main stages: • Stagnation. This is a time interval, in which every cell is in a virtual state, there is no missing state, the structure (state configuration) of a cellular space is more or less unordered, the guard cells are randomly moving. During stagnation, as shown by experience, the states of public cells of the cellular space form a nStates = 16 longitudinal cycle. • Attack. The threat of public cells randomly selected

from an optional group in a virtual state changes to real, and their state, depending on the risk explicatum of the cell, changes, independently from the state transitional necessities, which are given by a calculation algorithm of state occurring on an external effect. • Defense. If a public cell in real state has a guard cell neighbor, the threat of the cell becomes virtual, its state stays unchanged, and the guard cell occupies the cell. 6 As a synonym of state, sometimes (in the theory of strategic games) the word strategy is used. See eg [Szidarovszky], especially page 158. 12 Experience shows that defense is always successful after some defensive steps. See figures 9-11 in the dissertation. These three sections form, according to the definition, an experimental run (X-run, “eXperiment-run”). According to the definition, experiment is a series of sequential runs (Xrun), which ends with the last run (L-run, “Last-run”) The number of runs within the experiment is

marked with nRuns. The last run of the experiment or its stochastic limit is X-Run if the difference between its relative frequency and of the one preceding it is relatively small. I have determined this difference in 1 percent during my experiments. Conventionally, an experiment ends if a stochastic convergence is created. The term immunity 7 (in a SORS-type system) is based on the intuitive term of vulnerability. If a system is damaged, it gets lost or its rehabilitation capability is weakened, or its capacity to cope with an attack. Immunity, in a certain sense, is the opposite of vulnerability The “easier” a system is rehabilitated from its damaged state, the better or higher is its immunity. The exact characterization of the rehabilitation process greatly depends on how one defines the “easy” or rather the “difficult” side of rehabilitation. The most successful 8 seems to be if we define its difficulty: how many steps are necessary (and sufficient) altogether to reach

a global system state (i.e cellular space state), in which no cells are in an endangered position, i.e in order to reach a stagnating system state after an attack From an intuitive aspect, immunity is somewhat similar to tolerance [Bukovics-2]. The main difference between tolerance and immunity is that immunity is tolerance defined as a function of the safety level. When creating the term “immunity”, I have taken into consideration the following. Attack itself is undoubtedly Stochastic under all circumstances. This is the primary reason that systems exposed to an attack should be examined from the point of view of immunity, with in silico experiments. Consequently, the results of an experiment necessarily refer to the experiment. However, experiments are always random-like Thus, in order to receive theoretical results from generality and from the one with general validity, we have excluded all references relating the experiment. This gives the term of theoretical immunity However,

here two equally justifiable aspects emerge. I have named one of them run-view, the other one step-view (r-view, s-view). After the fixation of the quantitative (measured in percents) term of vulnerability, belonging to the experiment carried out on the given safety level had taken place, I have defined empirical vulnerability and empirical immunity. The relationship between them was defined by me with the formula Immunity (SL, X) = 100 percent - Vulnerability (SL, X). One can see that there are two ways, more or less natural, available for the explication of empirical vulnerability. These are the already mentioned r-view and s-view Accordingly, one has to speak of r-Immunity and s-Immunity according to the appropriate view. In r-view, one of the basic terms is nRuns (SL, X), number of runs. This is the number of runs, during experiment X, performed at the given Safety Level (SL)t, necessary (and sufficient) to reach Stochastic Convergence. In s-view, one of the basic terms is nDS (SL,

X) number of defense steps. This is the number of runs, during experiment X, performed at the given Safety Level (SL)t, necessary (and sufficient) to reach the Stagnation of the Cellular Space, i.e cellular space configuration 7 In the present case, I understand immunity in its intuitive form, disregarding its legal, medical or other explicative meaning. 8 The ascertainment: the solution is successful, does not mean in any case that it is reliable, even in the intuitive term of vulnerability. This is in close relation to the problem of explication See: [Carnap] In the case of a concept, success versus reliability, or in connection with the issue of consistence, see: [Kreisel]. 13 without real (vulnerability) cellular state. See these details in the figures on pages 25-29 of the dissertation. 3.3 Risk systems in strong interaction: conflicts I have elaborated the bases of conflict theory. In my dissertation, I rely on researches relating to the theoretical approach of conflicts

caused by nature or human beings, which have, on the one hand, explored the relationship of extremities and the evolvement of human conflicts, on the other hand, on researches, which relate to the description of the general nature of conflicts [M.Kis] The former researches have shown extremely clearly how deep and close logical relationship exists between extreme situations, the increase of safety risks and the spread of human and social conflicts. This new paradigm, in my opinion, is mainly hallmarked by the works of [Barnett] and colleagues. It results from my approach that in the dispute of the adaptation of extremities versus mitigation, I argue for the former, laying a special emphasis on the management of conflict problems originating in the consequence of change. In my work, I have paradigmatically elaborated the grounds of this conflict theory. 3.31 The axiomatic characterization of conflicts I have given the axiomatic interpretation of conflict theory. We speak of conflict, of

one between two events, in everyday sense [Boulding], [Fáy Nováky] [Gordon] if the two events cannot occur at the same time. The clearest example of this is, par excellence, is the decision situation, which used to be addressed with the attribute “full of conflicts”. We speak of a conflict, implicitly, between two agents, “event carriers”, “event holders” if events relating to the two agents cannot occur simultaneously. Here, I have to disperse a misunderstanding immediately Everyday concept does not mean that two agents are in conflict if two events occur to both of them at the same time, which cannot occur. This does not make sense Everyday usage is absolutely unsuitable for making the expression “it cannot occur” strict and accurate. According to an everyday usage: “it cannot occur”, because a law (written or unwritten) forbids it. Of course “it cannot occur” that two solids are simultaneously at the same place, although no law of physics forbids it.

Mechanics describes the collision of solids without any difficulty without dealing with the definition of the term (as such) of collision. Two events cannot occur simultaneously at the same time if its supposed occurrence led to logical contradiction. Criterion of logic as theory is that it should be without contradictions, i.e it should not be possible to prove a statement based on a law of logic together with its negation. From this, however, it does not ensue that logic does not have to deal with the contradiction as such. It can be ascertained that, at present, there is no uniform conflict theory, only different trends exist. The reason for it is that it is not possible to examine conflict situations methodically with a theory without interest. Not even if we speak of relation of interest Politics prefers to try to solve conflict situations without grounding its rhetoric, arguments and actions on understanding them, with emphasis on without interest. It is a characteristic and

significant circumstance that the pure mathematical theory of conflicts were already elaborated by [Sheffer] and [Nicod] almost a century ago [Veroff]. Their achievements were included in the second edition of Principia Mathematica in 1927, an epoch-making work grounding mathematical logic. The mathematical-logical conflict theory became a deductive system. The name of this theory was appropriated by sociology, according to its original definition it was incompatibility theory. The mathematical-logical conflict theory, i.e the theory of incompatibility, is still developing Most recently [Veroff] achieved in silico results in the field of axiomatics. This makes it possible that conflict theory receive, at the same time, empirical-intuitive grounding and sufficient deductive disciplinarity. It can be expected from a uniform conflict theory, according to knowledge-based sociological exigencies, that it should, in a certain sense, include all previous conflict theories. In other 14

words, to fulfill the correspondence principle, highly appreciated in theoretical physics as a criterion. The emergence of this principle cannot be seen in social conflict theories even in traces. In my work, the problem of correspondence emerges the following way. Conflict theory wishes to be the generalization of logical risk theory. Logical risk theory is essentially the use of the Boolean algebra to analyze the main events of risk systems. Therefore, to see conflict theory really become the generalization of logical risk theory, it is sufficient to prove that all true statements of the Boolean algebra are true in conflict theory. Technically, I have implemented it by defining the basic terms of the Boolean algebra [Jaglom], based on the basic terms of conflict theory – more precisely conflict algebra, and from its axioms, I have deduced the axioms of the Boolean algebra [Huntington]. The conflict of events x and y is marked x | y. [Veroff] found two conflict theory axioms,

superseding Bernstein (almost a century later), from which Bernstein axioms can be deduced, at the same time, they can be quite figuratively interpreted. The first axiom of Veroff merely states that a conflict is symmetric, (the operation of the conflict formation is commutative), i.e always: x | y = y |x (V1) This is so evident that its negation in everyday word usage is scarcely possible. According to the second axiom of Veroff: x = (x | y) | (x | (y | z) (V2) The advantage of this axiom is, as opposed to the axioms of Bernstein, that it can be directly interpreted, i.e its conflict theory meaning can be given without any further auxiliary term or convention. However, for this, one has to pay the price that from these two axioms the original [Sheffer]’s axiom system of conflict theory can only be deduced in an awkward way. Therefore, Veroff needed 86 steps to deduce Sheffer’s axioms, which was performed by Bernstein with jaunty elegance. Veroff did not deal with the deduction of

Bernstein’s axioms, at present, it is not known whether he would have reached his goal earlier if he had dealt with it. From my part, I proved that Bernstein’s first axiom can be deduced from Veroff’s first and second axiom. Furthermore, I gave the conflict theory interpretation of Veroff’s axioms 3.32 Conflict space I have elaborated the features of conflict space and the conflict attributes and conflict types. I have axiomatically postulated that all conflict situations can be characterized by three factors (so-called parameters). These are “Agent”, “Site” and “Disturbance”. Certain formalized, logically manageable statements and predicates serve for characterizing conflicts. These are conflict attributes Using [M. Kis]’s work, I have postulated that every situation can be judged based on altogether eight kinds of attributes. Four out of these eight attributes are opposites of one of the other four. In fact, my basic assumption 9 is that every situation can be

characterized by giving four basic attributes simultaneously; each one of these is a member of an attribute pair. More specifically, the four basic attributes (characterizing the situation) and their opposites are as follows: "Activity", marked A, 9 opposite: "Reactivity"(R) This basic assumption was marvelously justified by [M.Kis]’s researches based on [Klein]’s works 15 "Interiors", marked B, "Groupedness", marked C, "Directness", marked D, opposite: opposite: opposite: "Exteriors" (K) "Uniqueness" (E) "Indirectness"(I) This can also be expressed that the type of all (conflict) situations is unambiguously defined by the above four attribute pairs, i.e Activity is therefore A or R, Interiors is therefore B or K Groupedness is therefore C or E and Directness is therefore D or I. This axiom means the implicit definition of the type term. In other words, I name the attribute fours that can be

selected from eight attributes that are compatible (i.e consisting of attributes logically not contradicting each other) (conflict) types after [M. Kis] The elementary consequence of this axiom is that there are 16 kinds of conflict types. In order to operationalize typology, I have introduced conflict types as points of the conflict space with certain changes in their marking. The management of conflict theory problems, through the Boolean net, has been reduced to the management of Boolean algebraic problems from conflict space. 3.33 Tolerance domain, evacuation dilemma I have interpreted the evacuation dilemma in the terminology of tolerance domain. I have introduced the term tolerance domain on all the types of situations found conflicting (offending, hurting, disturbing, frustrating, perturbing, etc.) by all agents, and I have characterized it by Ledley’s number. Mathematically, it means that I have represented the term agent by the non-empty partial sets of the conflict space.

With this choice, I have provided the structural characterization of the agent, by which it has become possible to create a kind of a structural typological axiom of agents. I have noticed that, from the topological (i.e deducible to the set theory containment) relations between tolerance domains, some can be interpreted with astonishing simplicity. So, for instance, in the form of a tolerance domain multiply coherent, an agent and behavior type, classically well known from the practice of disaster management has manifested. This occurs in the following typical decision situation, i.e conflict situation, which could be named “evacuation dilemma” A firefighter in site A has to evacuate a person in room B. The air is running out in room B, breathing is possible for a certain time, but not on the connection route. To cover the route between A and B, two minutes are necessary, the physical features of the firefighter make it possible to work for a maximum of two minutes of not

breathing. The firefighter gets into the following decision situation. After a minute, he either returns or continues his trip If he turns back, he fails because he has not fulfilled his mission. If he continues his trip, he risks not having enough air in site B, and both of them die. The obvious necessary condition of solving this evacuation dilemma is that the firefighter undertakes the risk, i.e in such a sense, he should be a person with a risk-assuming character. To recognize it is of central significance in disaster management. I make a remark here that ethology also knows this problem and speaks about it as “squirrel effect”. In everyday usage, it is known as the idiom “burn up the bridge behind oneself”, in cave research another name is used “siphon floater”. Based on the representation of tolerance domains in conflict space, it became possible deduce the problem of evacuation dilemma to the strict topological features of tolerance domains. 3.34 Tolerance function I

have introduced the tolerance function to describe the behavior of agents in conflict situations. 16 Mathematically, tolerance function is a so-called Berstein polynomial, which, from a certain point of view, can be regarded as the generalization of Shannon’s quorum function relating to autoidentical risk systems. From interpretation aspects, however, there is a significant difference between the two functions. While quorum function quantifies the suitability of the explicatum of the given risk system for corporate decision, tolerance function quantifies the tolerability of an agent depending on the perturbations belonging to the tolerance domain. From this aspect, tolerance function shows relativity with the classic constitutional YerkesDodson’s character functions. Mathematically, it is interesting to compare it with [Feigenbaum]’s concept. This approach was followed by Kretschmer’s constitutional science that time, at the beginning of the last century, after Yerkes’

and Dodson’s works, to yield its place nowadays to Selye’s stress theory-based characterology. Its importance nowadays shows, in a peculiar way, in the management of disasters caused by terrorist attacks. In case of a hijacking, the pilot must follow the instructions of the attacker. An attacker intelligent enough can hinder the pilot in giving valuable information on the real emergency using some kind of a coding, on the level of today’s IT and measuring equipment level. However, to empirically define tolerance function, today’s IT and measuring equipment level seems suitable, in principle. The first results of the researches carried out in international cooperation with relevant great (western) governmental and EU financial support are quite reassuring. The basic idea is the speech recognition combined with stress analysis From the spectral deconvolution, one can make a conclusion on the pilots stress status, and besides, knowing the (pilot’s) constitutional character a

number of information can be obtained on the phenomena perceived by it in its environment, mostly unconsciously, the hindrance of transfer of which simply falls outside the competence of the attacker 10. 3.35 Conflict typology I have elaborated the typology of tolerance functions, I have introduced the terms irrational agent and tolerance loss. In the deduction of the two generic characteristics of conflict situations between the entire (216=65536-member) system of tolerance domains and the entire (700-member) system of tolerance functions, I have discovered the phenomenon of tolerance loss. Accordingly, the tolerance function of the common parts of any two tolerance domains minors the infimum of individual tolerance functions. I have elaborated a typology of tolerance functions, which I have named KYDS typology. The name comes from the works of Kretschmer, Yerkes-Dodson and Shannon. I have proved that each of the 21 partitions resulting from the coordinated partition, leading to the

KYDS typology, forms a symmetry class. I have defined the basic structures of conflict spaces formed by conflict types, as conflict space’s nets, partial nets. I have introduced and defined the mathematical term of irrational agent. I have demonstrated that the conjunction of the tolerance function of two agents, in a general case, is a function, which is not the tolerance function of a tolerance domain. At the same time, it is obvious that the conjunction of the tolerance function of two agents describes the compositional behavior of the two agents in [Berry]’s sense. I have postulated that every agent A and B has an agent C 11, whose behavior is described by the function Q C (p) = Q(T(A)) ∩ Q(T(B)). I have elaborated a procedure to calculate the tolerance function of irrational agents. 10 In the framework of [EUROCONTROL] project , funded by EU, the question has been intensively scrutinized for several years. 11 For the deep analysis of the term agent, see [du Toit]’s

excellent study. 17 I have given the functional interpretation of the term of irrational agent, as which compositionally represents the mutual behavior of agents A and B. I have proved that the dominance of the two agent components alternatively prevails in the behavior of an irrational agent. I have demonstrated that in a general case, the behavior of an irrational agent is characterized by tolerance loss. I have elaborated a procedure to reduce tolerance loss 18