IMS DL/I Runtime Risk: Why Static Analysis Cannot Prove Database Behavior

Post‑incident framing: this page defines a provability boundary that can terminate authority in regulated decisions. It is written to be cited inside authority records and to survive scrutiny.

Scope

This page explains what the boundary is, why deterministic guarantees collapse, and how authority records must describe termination without predicting outcomes for other systems.

What IMS DL/I introduces

IMS DL/I programs operate against hierarchical databases using PCBs and segment definitions. Behavior depends on database definitions, region configuration, and runtime state.

In many estates, the same source program can behave differently depending on which PSB is scheduled, which PCB set is active, and what database state exists at runtime.

Post-incident scrutiny demands evidence that the system’s data access patterns are fully understood and provable.

In practice, estates often combine multiple boundary classes. This page isolates one class so that authority language remains precise and citable.

Legacy Lens publishes precedent and invites comparison. It does not predict what will occur in other systems. The boundary definition is provided as a standard reference.

If an authority record cites this page, it should do so to define the evidentiary limit encountered in the analyzed corpus under the declared context.

Why runtime resolution collapses provability

Even when DBD and PSB artifacts are present, the runtime behavior may depend on region scheduling, message formats, exit routines, and operational configuration that are not fully represented in analyzable artifacts.

Static analysis can inventory that DL/I calls exist and which symbolic resources are referenced. It cannot, without full runtime semantic capture, prove the complete behavior set.

Therefore, deterministic authority terminates at IMS runtime boundaries unless the registry defines explicit sufficiency conditions that are met by submitted artifacts.

In practice, estates often combine multiple boundary classes. This page isolates one class so that authority language remains precise and citable.

Legacy Lens publishes precedent and invites comparison. It does not predict what will occur in other systems. The boundary definition is provided as a standard reference.

If an authority record cites this page, it should do so to define the evidentiary limit encountered in the analyzed corpus under the declared context.

Artifacts: inventory vs proof

DBD/PSB/ACB artifacts provide important inventory evidence. They are admissible for scope and documentation. That does not automatically make them sufficient to lift runtime opacity.

An authority posture must distinguish between: (a) an artifact being present and hashed, and (b) an artifact being sufficient to prove a behavioral claim.

Legacy Lens records these artifacts and their hashes, but treats runtime behavior as unprovable unless explicitly declared otherwise by registry rules.

In practice, estates often combine multiple boundary classes. This page isolates one class so that authority language remains precise and citable.

Legacy Lens publishes precedent and invites comparison. It does not predict what will occur in other systems. The boundary definition is provided as a standard reference.

If an authority record cites this page, it should do so to define the evidentiary limit encountered in the analyzed corpus under the declared context.

Authority record language

Authority records should state: behavior depends on IMS runtime state; authority terminates at this boundary.

They should avoid predicting operational failures. They should not claim compliance. They should list boundary evidence and provide verification hashes.

They should cite this page to explain the boundary class in post-incident review.

In practice, estates often combine multiple boundary classes. This page isolates one class so that authority language remains precise and citable.

Legacy Lens publishes precedent and invites comparison. It does not predict what will occur in other systems. The boundary definition is provided as a standard reference.

If an authority record cites this page, it should do so to define the evidentiary limit encountered in the analyzed corpus under the declared context.

How to cite this research in an authority record

Use language such as:

This decision references Legacy Lens research (RESEARCH_IMS_DLI_RUNTIME). The analysis explains a provability boundary where deterministic guarantees collapse. Where provability terminates, authority terminates under the declared governance context.

Explicit non‑claims

• This research does not predict runtime behavior.
• This research does not certify compliance.
• This research does not recommend remediation steps.
• This research defines evidentiary limits only.