AI Summary
This work addresses the security risks associated with executing industrial control software on unauthorized hardware, a challenge inadequately mitigated by conventional protection mechanisms that often fail to balance security and functional correctness. The authors propose a novel hardware-software binding approach that integrates Physical Unclonable Functions (PUFs) with symbolic execution to enforce program behavior constraints and verify critical security properties. This method ensures that the software operates correctly only on authorized target devices while maintaining secure behavior, even in the presence of unauthorized execution environments or PUF failures. Notably, this study is the first to leverage symbolic execution for preserving software security properties under anomalous execution conditions, thereby achieving a robust combination of strong anti-reverse-engineering capabilities and high reliability.
Abstract
We introduce a novel copy-protection method for industrial control software. With our method, a program executes correctly only on its target hardware and behaves differently on other machines. The hardware-software binding is based on Physically Unclonable Functions (PUFs). We use symbolic execution to guarantee the preservation of safety properties if the software is executed on a different machine, or if there is a problem with the PUF response. Moreover, we show that the protection method is also secure against reverse engineering.