Module 14: Dynamic Symbolic Execution

[Video] [Slides]


This module introduces a technique for automated test generation called Dynamic Symbolic Execution (DSE). DSE is an example of a hybrid analysis: it collaboratively combines static analysis and dynamic analysis. You’ll learn how it outperforms both random testing, which is based on purely dynamic analysis, and symbolic execution, which is based on purely static analysis. You’ll also learn about the effectiveness of the DSE approach in testing various real-world applications.


  • Visualize execution paths of a program using its Computation Tree to understand how Dynamic Symbolic Execution works.
  • Apply a combination of Concrete Execution and Symbolic Execution to generate numeric and pointer inputs as part of Dynamic Symbolic Execution.
  • Compare Dynamic Symbolic Execution to Random Testing and Symbolic Execution.
  • Apply the Dynamic Symbolic Execution approach to test data structures.
  • Illustrate real-world applications of Dynamic Symbolic Execution using examples.