An aspect-oriented framework for systematic security hardening of software