Weigang He, Xia Mao, Ting Su, Yanhong Huang, Jianqi Shi
{"title":"Data Flow Testing for PLC Programs via Dynamic Symbolic Execution","authors":"Weigang He, Xia Mao, Ting Su, Yanhong Huang, Jianqi Shi","doi":"10.1109/APSEC53868.2021.00023","DOIUrl":null,"url":null,"abstract":"Programmable logic controllers (PLCs) are broadly used in the safety-critical industrial field, which requires high reliability to avoid catastrophes. Data flow testing (DFT) focuses on data flow relationships in a program and has a stronger fault-detection ability than other control flow-based testing. However, there is no automated testing tool supporting DFT for PLC programs. Hence, we propose an automated data flow testing framework for PLC programs. Our DFT framework is based on dynamic symbolic execution (DSE). Considering the cyclic execution feature of PLC programs, our approach needs reachable states which can be provided by branch testing. Besides, our approach improves testing performance through a novel guided path search algorithm. Furthermore, we evaluate our approach on several programs to demonstrate that this approach is practical and effective.","PeriodicalId":143800,"journal":{"name":"2021 28th Asia-Pacific Software Engineering Conference (APSEC)","volume":"15 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 28th Asia-Pacific Software Engineering Conference (APSEC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/APSEC53868.2021.00023","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 1
Abstract
Programmable logic controllers (PLCs) are broadly used in the safety-critical industrial field, which requires high reliability to avoid catastrophes. Data flow testing (DFT) focuses on data flow relationships in a program and has a stronger fault-detection ability than other control flow-based testing. However, there is no automated testing tool supporting DFT for PLC programs. Hence, we propose an automated data flow testing framework for PLC programs. Our DFT framework is based on dynamic symbolic execution (DSE). Considering the cyclic execution feature of PLC programs, our approach needs reachable states which can be provided by branch testing. Besides, our approach improves testing performance through a novel guided path search algorithm. Furthermore, we evaluate our approach on several programs to demonstrate that this approach is practical and effective.