Using symbolic execution to characterize behavior

Prototypes are built for a variety of reasons. This paper offers an alternative to the use of a prototype as a means of testing a specification (i.e. someone who "knows" what he wants compares his intuitive understanding with the behavior of the prototype on particular test cases). The alternative is symbolic execution of a formal specification, i.e. the specification is the prototype and its behavior is determined by symbolic execution rather than the traditional "concrete" execution. This is an extension of the approach to rapid prototyping based on operational specification [Balzer 82] and an alternative to testing prototypes whether manually constructed or developed mechanically from such an operational specification [Feather 82]. One advantage of this approach is that the prototype need not be built at all. Of course, the formal specification must be written, but this is often necessary anyway, especially if the specifier and implementor are different people. A more important advantage arising from symbolic execution is that a large subset of the possible behaviors can be examined at once.