At Problematics, we are not just a one trick pony. As well as developing the Dependency Structure Method, we have also developed another problem solving method that uses a knowledge base to explain what has occurred or how to cause or prevent something one wishes to occur or not occur. The method is called COPE for Cause Or Prevention of Effects.

We at Problematics are looking for someone at Homeland Security with whom we can discus the use of this method for Terrorism Threat Assessment.

We would also like to team up with someone who can help us commercial this as a product. We have a pending patent and software adequate to establish proof of concept and have tested it on many types of made-up problems to establish proof of concept.

This technique is fundamental to the scientific method. It can be used to connect the dots to explain terrorist's intentions, or to analyze and solve crimes, find the causes of quality failures and accidents, and to develop physician's diagnostic systems that can be updated regularly over the net as new knowledge becomes available.

It allows experts with various perspectives and from different organizations to develop a knowledge base of simple cause and effect relations involving primitive actions and effects. Once this knowledge base has been developed, as quickly as facts are presented to it, a computer assembles the pertinent relations from the knowledge base to either show how to achieve or prevent some objective or to explain what has been observed.

It allows a knowledge base to be developed by people with different perspectives and from different organizations working collaboratively. The knowledge base is made up of simple cause and effect relations between elementary actions and effects. Then, as quickly as new evidence becomes available, the computer can use the knowledge base to integrate it with previous evidence to find all possible scenarios within the scope of the knowledge base that could explain the evidence.

This allows for a quick response that could, for instance, increase the chances of thwarting terrorist's attacks. It also allows for considering large amounts of dubious information that might otherwise not be considered because a computer can be used to screen and passed on information only if it is relevant.

Ordinarily, cause and effect models can be used to start with hypotheses and deduce their consequences. The opposite process, to find all the hypotheses and their scenarios that could explain the consequences/evidence observed is usually done by trial and error, guessing at hypotheses and deducing their consequences until a hypothesis is found that explains what is observed. Making the trials may require consulting again with the experts, which can delay the response. The method we have developed is extremely fast because it uses the computer and does not rely on trial and error.

The two types of questions are:

- Implication asks: Given certain assumptions, i.e. hypotheses, what are their consequences? If we believe that 'A is true if B is true' and that 'B is true', then we can say that 'A is true'.
- Explanation asks: Given certain consequences, i.e. facts, what are all the hypotheses within the scope of the model that could explain them? If we believe that 'A is true if B is true' and that 'A is true', then we can say that 'B is a plausible explanation for A'.

'Implication', going from assumptions to consequences, is a commonly used method and is comparatively easy to use. But a great many very important problems can be phrased as the need for explanations, which require reasoning in the other direction, from consequences to assumptions.

Explanation is a much more difficult process. It is usually done by trial and error, i.e. comparing the consequences of various hypotheses by using implication until a hypothesis is found that explains what has been observed. This can be a long and tedious process, and it is difficult to assure that all the alternative hypotheses have been found. Furthermore, it may be necessary to go back to the experts to repeat this process each time new evidence is presented. Many familiar problems such as solving crimes, diagnosing the causes of medical symptoms, or the source of quality failures are usually solved this way. It is, fundamentally, the scientific method.

What is new and unique here is that we have developed a method to solve the 'explanation' type of problems quickly with a computer as new evidence becomes available without having to go back to the experts again. The various individual pieces of knowledge are represented in statements such as 'This is true if A and B are both true or if C is true. A mathematical method called Boolean algebra is used to make substitutions to eliminate all the intermediate variables to express the consequences directly in terms of the assumptions. It assures that we have found all the hypotheses within the scope of the model that could plausibly explain these consequences. This timeliness can be vital if the explanation reveals that something needs to be stopped before it is allowed to proceed further. Preventing terrorism is an example where speed in analyzing new facts as they occur is of the essence.

Adding new facts can reduce the plausible hypotheses that remain because some of the hypotheses that explained the old facts are not able to explain the new facts as well, so these hypotheses drop out. Thus, adding facts can eliminate extraneous explanations until we arrive at just a few explanations that we can then test with additional information.

An idea is a matching between a need and a plausible means for satisfying it. The knowledge model describes all the elementary capabilities, i.e. what can and cannot be done. The computer finds how to put these elementary capabilities together to connect the need with the means. A number of ideas can be generated and preliminarily compared by cost. The costs can be included in the knowledge model.

We may also use consequences to represent the goal we wish to achieve. The process of explanation then tells us what we need to assume and/or do in order to achieve those consequences. Then, by starting with those assumptions, we can use the implication process to work step by step through all the intermediate variables to produce 'scenarios' that lay out how to achieve the goal.

Implication and explanation can be used to develop business plans that can adapt to changing situations. The knowledge model expresses the capabilities of the business. Consequences represent what goals the business wants to achieve. The explanation process can be used to find the various assumptions that would allow the business to achieve these goals under various prevailing situations. As the business confronts new situations, various assumptions become true or false. Then the implementation process can be used to generate new scenarios in order to achieve the business goals under these new situations.

This technique has many applications such as:

- This has been observed. What explains it?
- We observe something that is happening. Could this be explained as an indication that an act of terrorism is being prepared, or does it have a more innocent explanation? If a terrorist act is being prepared, how can it be stopped?
- What explains how this crime might have been committed and by whom?

#### The Scientific Method:

What hypotheses would explain this phenomenon?Diagnosing symptoms to explain what their cause and cure might be:

- Medical diagnosis
- Equipment failure and accident diagnosis
- Quality assurance - tracing the causes of product deficiencies
- Determining various ways by which something might be achieved:
- Developing the design of a process to achieve it.
- Developing a dynamic business plan that adapts as circumstances change.

### Generating new ideas:

Finding matches between the means available to do something and a need to do it where the knowledge model describes what can and cannot be done.

### APPLICATION TO TERRORISM THREAT ASSESSMENT

The reaction time upon obtaining a new piece of evidence can be greatly reduced by this method because the experts' knowledge has already been captured in the knowledge base. Only the computer is needed to connect the new dots to the old ones to establish their relevance and implications.

A great amount of evidence is never submitted for analysis because its relevance is not understood by those who observe it. And if they were more free to submit it to the analysts to determine its relevance, the analysts would be swamped. The method proposed here can be used as a filter to analyze large volumes of possible evidence with the computer determining its relevance, and if relevant showing its consequences and means for prevention.

We could be wrong, but we believe that every day this mechanism is not in place, we are subject to greater risk from terrorism than need be. If it had been fully operational, the 9/11 terrorist attack probably could have been prevented. And if it were put into operation quickly enough, it could be instrumental in preventing the next attack. But only if this is taken seriously by those concerned with homeland security. top

### FOR THE CURIOUS AND PATIENT, MORE ON HOW THIS WORKS?

I have written the following with the intention that no special knowledge of mathematics or Boolean algebra should be required to understand it. However, some patience is required.

The model is expressed as a collection of simple statements such as 'A is true if both P is true and Q is true or if R is true'. More elaborate statements can be made up by using AND's, OR's and NOT's and additional variables.

Let's say that we accept the statement that 'A is true if either P or Q is true'. Then assume we also accept the statement that 'either P or Q is true'. Then we must accept that 'A is true'. This is what we call 'implication'. Implication goes from the right side of the 'if' to the left.

Now let's look at the reverse situation. We again accept that 'A is true if P or Q is true'. But now instead we accept that 'A is true'. What can we then say about 'P' and 'Q'? We can say that 'either the truth of P' or 'the truth of Q' could be a plausible explanation for why 'A is true'. This we have call 'explanation'. Explanation goes in the opposite direction, from the left side of the 'if' to the right.

A model consists of putting together a number of such statements. For example:

- 'A is true if either P or Q is true'
- 'P is true if both R and S are true'
- 'Q is true if S is true'

But most models will involve many such statements, often too many to deal with in our heads alone. We would then like to have the help of a computer. Experts unfamiliar with Boolean algebra can enter these relations in the form of an outline such as follows:

Those variables that never appear on the left side of any statement, and thus are never given values by other statements in the model, are called 'assumptions'. Those variables that never appear on the right side of any statement are called 'consequences'. Those variables that somewhere appear on the right side and elsewhere appear on the left are called intermediaries. Thus in the above, A is a consequence, P and Q are intermediaries, and S and R are assumptions.

The intermediaries are used to make substitutions, much as we do in algebra. For example: Where P appears on the right in statement 1, we can substitute its explanation from statement 2. When we finish all the intermediary variables have disappeared so that the consequences are expressed directly in terms of the assumptions

In Boolean algebra, unlike high school algebra, we are dealing with variables that can only take on the values of 'true' or 'false', or 'don't care'. We have to be careful because the rules of Boolean algebra often appear similar to the rules of high school algebra, but sometimes can have different results.

Using the intermediaries for substitution we get the following:

- 'A is true if either P or Q is true' ,
- 'P is true if both R and S are true'

So where P appears on the right side of 1, we substitute the right side of 2 to get:

- 'A is true if either (both R and S are true) or if Q is true.

Similarly, using:

- 3, 'Q is true if S is true'
gives us Q that we can substitute for the Q in this last

statement to get:

- 'A is true if either (both R and S are true) of if S is true'.

As we make substitutions while solving large models, these statements can grow longer and longer because they pick up a lot of redundancy. If we had many statements and did these substitutions on a computer, we could quickly run out of memory. So to avoid this, the computer program must use Boolean algebra with a vengeance to eliminate this redundancy as quickly as it develops. This 'simplification' process is the key to making the method practical.

To demonstrate this simplification, we have taken the last statement and used some rules of Boolean algebra, which we don't show here, to remove redundancy in order to get:

- 'A is true if S is true'

Without knowing Boolean algebra, we can convince ourselves that this is correct by trying all the combinations of true and false for S and for R. No matter what we assume for R, we always get the same result. That's why we can say that:

- R is 'don't care' '.

This model is very simple. But these models can become large enough that they would completely overwhelm us if we could not use a method such as this on a computer to amplify our capabilities.

© 1995-2015 Problematics

Contact us via email at: sales@problematics.com