Deriving a state model of a control program by symbolic execution
|Title||Deriving a state model of a control program by symbolic execution|
|Booktitle||Proceedings of the IEEE 16th International Conference on Industrial Informatics (INDIN 2018)|
This paper presents an approach for deriving a state transition model which represents the behavior of a control component using symbolic execution. Symbolic execution is a technique for executing a program using symbolic values for unknowns. It explores execution paths in a program and then uses a SAT/SMT solver to prove that paths are feasible. Further, the approach allows using constraints on the environment and simplifications with a widening operator similar to abstract interpretation.We present the formal foundation of the approach, depict the the tool implementation, present results from a preliminary evaluation, and discuss various application scenarios.