The analysis of the source [1] revealed that each protected object has an attractive potential, which is formed by a hazard potential, in accordance with which the necessary security potential is formed in the form of a physical protection system (PPS). In turn, each typical intruder has the potential for preparedness (danger), which is determined by the degree of his motivation. Thus, many typical intruders have a definite impact on many categorized objects in accordance with their potential capabilities. Typical violators and categorized objects have many characteristics that determine their potential motivation (danger) and attractiveness, which intersect informationally. Obviously, between the categories of critical objects (CIO) and typical intruders (threats) there must be a certain correspondence, which is based on the general commensurability or ratios of the characteristics of these sets (potentials). That is, each category of CIO must correspond to a certain basic type or types of violators.

The author of the article suggests, using the information probabilistic method (IPM) and cluster analysis, to determine the typical basic intruders for each category of CIO, i.e. identify existing compliance. Based on the hazard results of typical violators, an appropriate level of security (safety) of objects is proposed.

This problem is solved to differentiate the necessary requirements when determining the required value of protection of categorized objects from basic typical violators.

Currently, the task of determining the basic threats for various categories of objects is determined mainly by expert methods [2], where there is an element of subjectivity, or based on the theory of fuzzy logic and fuzzy hypergraphs [3]. Recent methods do not allow us to estimate their weight contribution to the formation of the hazard potential of the object. In addition, sometimes when composing fuzzy membership matrices (performing disjunction and conjunction operations) for certain data (if one of the characteristics is significantly small), fuzzy logic methods show doubtfully low results.

On the basis of processing the combined general information field of the characteristics of violators and categorized objects with an information probabilistic method and cluster analysis, it is necessary to determine each category of CIO of the corresponding typical intruder, that is, it is necessary to determine the degree of potential impact of the i-type intruder on the j-th category of CIO, to solve the problem of determining ratios and on this basis to propose the necessary amount of security for each category of objects. The source [4] discusses the finding of correspondences on images presented in the form of graph models, but this problem has a limitation — the number of vertices in the image graphs must be the same. The source [5] provides an in-depth analysis of clustering methods. A technique for clustering big data is proposed. The issues of graph clustering are considered, while the weight of the signs of cluster analysis is not taken into account.

To solve this problem, it is necessary to form a common information field in a unified scale for measuring the characteristics of violators and CIO.

To assess the potential danger of the object from the actions of violators, six private types of losses were introduced [4]: - political (determined by a decrease in all levels of authority of the authorities and general instability); - human (consists in the loss of people's lives and health); - financial (consists in the loss of material values); - economic (take into account the costs of relocating people from the accident zone and the related compensation payments); - environmental (loss of natural resources leading to environmental degradation in the region); - informational (losses consisting in the loss of advanced technologies, confidential information and artistic values).

For each particular type of loss, one of the six scales of potential losses in the event of an emergency (ES) was determined in the form of a six-point hazard scale, which are presented in Table 1.

The results of the hazard assessment (attractiveness) for the seven categories of CIO in case of emergencies on a sixpoint scale, obtained in article [7], are shown in table 2. cter character character character al character

To solve this problem, we describe typical intruders and objects in a single scale of measurement of characteristics. Based on the data of Table 3 and expert evaluations of specialists, a transition was made from qualitative to of Many dangerous emergencies (violators, objects) Name characteristics 1 … …

… … … … … … …

The weight of parameters in the formation of the estimated

potential is characterized by a quantitative measure of the degree of confidence in the situation, objectively existing uncertainty and is identified with the probability distribution Pji. Characteristics {Xji} are uniquely set in various physical scales.

Therefore, to bring the characteristics {Xji} to a single common scale, we use the natural normalization, carried out relative to the extreme values {Xji} of the components as without changing the ingredient to the opposite: and with the change of ingredient to the opposite: The level is

the stics violators with display in xji → r[0,1]. Dependencies (1) and (2) ensured the mapping of the sample space shown in Table 5 to another having the power of the continuum shown in 1 … … … … …

Elements rji (continuum power spaces) in a single scale will be identified with elementary events.

Moreover, the measure defined on rji the normalized corresponds to the probability p(r), which is identified with the concept of the integral potential of a given complex of elementary events. The meaning of this measure is to appropriately interpret the concept of probability. Moreover, probability, as a category of dialectics, combines both the measure of the objective possibility of an event and the degree of subjective confidence in the occurrence of events.

In order to formalize the problem of choosing a solution, we identify many alternatives with the event space {A}, and many attributes with events {x}. Then the connection between all the characteristics that form the estimated potential of the emergency is carried out through the normalized measure defined on these characteristics, which is identified with probability p(a). The probability distribution p(a) provides an estimate of entropy Hi.

Information in probabilistic-statistical theory acts as a removable, diminished uncertainty.

Therefore, further construction of the method is associated with the study of the laws of transformation of the information field of the Cartesian product of two sets (emergency situations and their characteristics) into quantitative components of information. For this purpose, we introduce concepts such as a priori, a posteriori, and conditional probabilities into the logic diagram, apply the Bayesian theorem and the formula for the total probability, and introduce the concept of the conditional p probability of the j-th characteristic in the formation of the estimated potential, provided that the events that form the estimated potential have occurred.

To obtain the dependence of determining the quantity p(r), which is a normalized measure on elementary events {r}, we use the fact that the concept of the estimated potential of a given complex of elementary events can be identified with the membership function, which associates each r with a real number in the interval [0,1].

Moreover, without violating the generality of reasoning, the desired dependence of the membership function is represented in the form: ( ) = / ∑ =1 (3)

One of the methods for calculating the probability of manifestation of the j-th characteristic of the compared emergency situations (violators, objects) to the formation of the estimated potential is based on the input V. Khomenyuk concept of the potential probability distribution, which is determined by the formula: (4)

The principle of the potential probability distribution is based on the fact that it is preferable to choose with greater probability those characteristics of the system whose properties have a large contribution to the total value of the estimated potential. At the same time, we note that for the principle of potential probability distribution,

Khomenyuk, a priori information about the state of characteristics is based on the principle of insufficient knowledge.

However, the weight of various characteristics in the formation of the estimated potential is different. Obtaining estimates of the a priori distribution is related to the order relation , which was studied in detail in the works of Fishborn [6]. For a simple linear relationship, the order of the Fishborn estimates of a priori probabilities form a decreasing arithmetic progression of the form: ̌ = 2 ∗ ( − + 1)/ ∗ ( + 1)

Introducing an a priori probability based on Fishborn estimates, we, setting the “input” to the method, take into account the different weight of the characteristics in the formation of the estimated potential.

Then, using the principle of potential distribution (4) and the provisions of the Bayesian theorem, we obtain a logically justified “exit” from the model in the form of posterior conditional probabilities in the form:

= ∑ =1 ∗ ̌/ ∑

=1 ∑ =1 ̌ (5)

Thus, the benefit of introducing a priori probability is that it provides an attachment of the information necessary for analysis.

After introducing the a priori probability into the decision-making method and calculating the a posteriori value of the conditional probability , we proceed to the next modeling stage, which is associated with obtaining probabilistic estimates To this end, we use the Bayesian theorem, in which we are talking about reversing the order of statements in conditional probability, that is, in the notation we have adopted ( ) and are related . Then the probability ( ) in the considered information situation is determined by the dependence: ( ) = ( ) ⋅ / ∑ =1

∑ =1 ( ) ⋅ (6)

Then the significance level of the emergency (intruder, object) is estimated through the uncertainty function: ( ) = − ∑ =1 ( ) ( ) .

For the data in Table 4, the entropy potential of each type of intruder was evaluated using an IVM. The results are presented in Figure 1.

In Table 7, the characteristics of the damage caused by typical violators of the CIO on the same six-point scale were formed in such a way that the entropy assessment of the potentials of preparation (danger) of violators coincided with the entropy assessment of the potentials of the consequences of the target implementation of violators. That is, the entropy estimates in Figures 1 and 2 are uniform according to the Pearson chi-square criterion.

On this basis, information on violators and CWS (tables 2 and 7) should be combined into one information field. As a result, we get table 8 with a common information field in a single measurement scale. In table 8, we replace the sixpoint scale with the entropy scale of the danger of emergency consequences, which was determined using the IWM to the data of table 1 [9] (H is the corresponding entropy value of damage):

1 - local (damage within the territory of the facility) - H = 0.007;

2 - local (damage within the territory of the settlement) - H = 0.116;

3 - territorial (damage to the territory of the constituent entity of the Russian Federation) - H = 0.173;

4 - regional (damage on the scale of two constituent entities of the Russian Federation) - H = 0.555; 5 - state (damage to the limits of more than two constituent entities of the Russian Federation) -H= 0.621; 6 - interstate (damage extends beyond the borders of the Russian Federation) - H = 0.878.

The transition from the six-point scale to the entropy hazard potentials is justified by the requirement to increase the reliability of the damage assessment scale [1].

Applying ICM to the data in Table 8, we obtained the entropy potentials of typical intruders and categorized objects (shown in the bottom row of Table.8 and in fig. 3). 1 0 Model violators and categories of

X1 X2 X3 X4 X5 X6 1-к 2-кC3IO-кC4-к 5-к 6-к 7-к Fig. 3. Graph of the entropy potential of the CIOC and typical violators.

Having solved the problem of combining homogeneous potentials into clusters by the agglomerative method using Statistika 10.0 SPP, we obtained the results of combining typical intruders and categorized KBO into clusters categories (Table 9). An analysis of Table 9 and Figure 3 shows that the first type of intruder is lower in potential capabilities than an object of the first category, so he needs to combine with internal intruders X5 or X6.

It should be noted that the preparedness potential is consistent with the hazard potential of the consequences of the actions of violators and with their capabilities to overcome the PPS of objects, i.e. each potential of the intruder can be assigned the corresponding protection potential of the object (PPS potential) - for example, the probability of a safe state of the object. That is, it is required to determine the necessary probability of the safe state of the object depending on the hazard potential of the base intruder for the corresponding hazard category of the object. Obviously, there should be a correspondence between the danger potential of a typical intruder and the degree of protection from his actions, i.e. the nature of the change in the dependencies of the potentials of violators and their counteraction should be similar functions.

If the function of changing the entropy potentials of the type of intruder is related to the required probability of a safe state according to the first type of intruder (the highest estimate is the probability of protection 0.98 - the value is close to the limit), and the weakest type of intruder (the sensitivity of the detection sensor is 0.7 and the probability of timely arrival - 0.9 gives a value of a safe state of 0.6), i.e. we associate with each type of intruder the required value of the object's security (the probability of a safe state) from its actions. The results of the probabilities of the safe state of the PPS, as similar values to hazards (typical violators), are shown in table 9.

The basic typical violators for each category of CIO are defined, which are shown in table 9. The results obtained do not contradict the physical meaning. The results of the probabilities of the safe state of categorized objects (Table 9) can be used to justify the requirements for the effectiveness of the PPS CIO.