Formal and Practical Weaving Approach Based on the Gimple Language for Software Security Hardening

In this paper, the authors propose an aspect-oriented approach based on the Gimple language for the systematic security hardening of software. They also present a formal specification for Gimple weaving and the implementation methodology and results of the proposed weaving semantics. The primary contribution of these propositions is providing the software architects with the capabilities to perform security hardening by applying well-defined solutions and without the need to have expertise in the security solution domain. At the same time, the security hardening is applied in an organized and systematic way in order to not alter the original functionalities of the software.