% IMPORTANT: The following is UTF-8 encoded. This means that in the presence
% of non-ASCII characters, it will not work with BibTeX 0.99 or older.
% Instead, you should use an up-to-date BibTeX implementation like “bibtex8” or
% “biber”.
@PHDTHESIS{Simon:964231,
author = {Simon, Hendrik},
othercontributors = {Kowalewski, Stefan and Weyrich, Michael},
title = {{A}utomatic test {C}ase generation for {PLC} software},
volume = {2023,05},
school = {RWTH Aachen University},
type = {Dissertation},
address = {Aachen},
publisher = {RWTH Aachen University},
reportid = {RWTH-2023-08196},
series = {Aachener Informatik-Berichte (AIB)},
pages = {1 Online-Ressource : Illustrationen},
year = {2023},
note = {Veröffentlicht auf dem Publikationsserver der RWTH Aachen
University 2024. - Weitere Reihe: Technical report /
Department of Computer Science; Dissertation, RWTH Aachen
University, 2023},
abstract = {Automatic test case generation for the purpose of bug
finding or achieving coverage goals has recently evolved to
a scalable technique that is nowadays used to find highly
critical security bugs, e.g. by Microsoft. However, in the
domain of Programmable Logic Controllers (PLCs),
applications of this technique are rare and usually rely on
tools and mechanisms that were not initially designed for
this domain. In fact, a discussion on how to design such
techniques with the peculiarities of PLC software in mind,
is missing. At the same time, PLC software is typically used
in safety critical environments where software errors pose
significant threats to the environment or humans and may
additionally result in significant financial losses. Mature
automatic testing techniques for the PLC domain would, thus,
be highly beneficial to further support software quality in
this area. PLC software typically follows a cyclic execution
scheme that involves a repeated process of reading input
values, executing a (often state machine based) control
program that relies on local variables and writing computed
values to outputs. Although the cyclic execution resembles
only a small change in the execution semantics, the impact
on automatic testing techniques is significant. This
dissertation provides insights and mechanisms to transfer
automatic test case generation into the domain of PLC
software. We conduct an in-depth discussion on related
approaches and point out strengths and weaknesses in order
to provide baseline knowledge that can be utilised in future
developments in this field of research. Further, we
introduce our own automatic test case generation approaches
and exemplify their effectiveness on PLC software. We are
able to show that the generation of branch coverage tests
can be achieved significantly faster than with existing
techniques, rendering our approaches more applicable for
larger software. The focus of our techniques lies in the
exploitation of state-machine based execution behaviour and
the preservation of structural information in Sequential
Function Chart. For the latter, our presented algorithm can
achieve full coverage in a few seconds for programs that
could only partly be covered within an hour by related
approaches.},
cin = {122810 / 120000},
ddc = {004},
cid = {$I:(DE-82)122810_20140620$ / $I:(DE-82)120000_20140620$},
typ = {PUB:(DE-HGF)11 / PUB:(DE-HGF)3},
doi = {10.18154/RWTH-2023-08196},
url = {https://publications.rwth-aachen.de/record/964231},
}
guest ::