A formal approach to the integrated analysis of security and QoS

Concurrent and distributed systems are subject to several requirements of different nature. Among them security and quality of service (QoS) are two fundamental aspects, which can have a profound impact on the system performability. Unfortunately, the study of the tradeoff between security guarantees and performance needs is hard to accomplish, because the related analysis activities are usually carried out separately. In this paper, we present an integrated and tool-supported methodology encompassing both activities, which can provide insights about how to trade the QoS delivered by a system with its security guarantees. The methodology is illustrated by assessing the effectiveness and the efficiency of the securing strategy implemented in the NRL Pump, a trusted device proposed to secure the replication of information from a low-security level enclave to a high-security level enclave.