ABSTRACT
One of the most challenging issues for the QoP models is performing a multilevel
evaluation for complex and distributed systems. The manual analysis of such sys-
tems is almost impossible to perform. The analysis of any type of the security pro-
tocol is difficult when the experts do not use automated tools. In literature, we can
indicate programs which helped the experts analyze the protocols. We can indicate
the AVISPA tool [15, 88] or ProVerif [18, 49] application, which verifies security
properties for cryptographic protocols. From the Quality of Protection analysis point
of view, AVISPA and ProVerif have two limitations. The first one refers to the types
of the function which can be modeled; one can model only cryptographic primitives
and cryptographic algorithms. The full QoP analysis must refer to all security factors
which affect overall system security. The second limitation is that these languages
do not provide the structure for evaluation of the security factors’ performance. In
the literature one can indicate the tool for QoP analysis which is modeled on the
UMLsec [39]. This tool can be used for automated analysis of simple models but
when we would like to analyze the scenarios when thousands of hosts take part in
the protocol, then the analysis is too complex and cannot be done properly.