An 'explicit type enforcement' program transformation tool for preventing integer vulnerabilities.

SPLASH '11: Conference on Systems, Programming, and Applications: Software for Humanity, Portland, Oregon, USA, October 2011

Abstract
A security-oriented program transformation is similar to a refactoring, but it is not intended to preserve behavior. Instead, it improves the security of systems, which means it preserves the expected behavior, but changes a system's response to security attacks. This demo is about a tool for Explicit Type Enforcement transformation, which adds proper typecasts to integer variables. The tool is built using Eclipse CDT and applies to C programs. Preliminary results show that it is very effective in fixing integer-related vulnerabilities. Power tools such as these can improve developer productivity and produce vulnerability-free software.