Welcome
CICS® IA security
CICS® IA transaction security
CICS® IA has no internal RACF® security classes. The two main interfaces are application programs. These two interfaces are the Operations and Administration Interface that is driven by transaction CINT and the Eclipse-based Query Interface.

Preface
This information describes the IBM® CICS® Interdependency Analyzer for z/OS®. It explains what the program does and how to set up and run its various components.
What's new in CICS® IA Version 6.1
CICS® IA Version 6.1 continues to support a wide range of capabilities and fully supports new CICS Transaction Server 6.3. Building on previous releases, CICS IA Version 6.1 contains updates to reflect those commands for which CICS Transaction Server 6.3 has updated the threadsafe status allowing more applications to run without requiring a switch to QR TCB mode.
Overview of the CICS® Interdependency Analyzer
This section gives an overview of the CICS® Interdependency Analyzer (CICS IA), and describes its components.
Getting Started with the CICS® IA plug-in for CICS Explorer®
The CICS® Interdependency Analyzer plug-in for CICS Explorer® provides an Eclipse-based interface to analyze your CICS IA data. It also provides cheat sheets that guide you through the steps required to configure and install CICS IA. It is recommended that you download the CICS IA plug-in and follow the steps in the cheat sheets.
Configuring CICS® IA
This section describes what you need to do before you can use CICS® IA.
Running the Collector
You run the CICS® IA Collector to look for instances of program commands that might cause resource dependencies or transaction affinities.
Updating the Dependency and Affinity database objects
The Dependency database objects contain accumulated data about your applications and the resources that they use. Update the database objects regularly to add new information recorded by the Collector in the VSAM dependency files.
Managing your CICS® IA data
With each new release CICS® IA captures more data. In volatile development environments this data can soon become out of date. If you have out of date data, the CICS IA plug-in might retrieve more data than you need. The presence of unwanted data might impede your analysis and provide confusing results.
The CICS® IA UDB database
CICS® IA provides jobs to unload CICS IA data into CSV files. These files can be used to populate the IBM® supported UDB databases.
Running the Reporter
Running the Program Threadsafe report
The threadsafe report can be run from the CICS IA Explorer plug-in or as a batch job using the sample CIUJTSQ2 that can be found in SCIUSAMP.CICS. The report runs the Db2® stored procedure CIUSPTSR.
Running the Load Module Scanner
The Load Module Scanner scans load modules for instances of program commands that could cause resource dependencies or transaction affinities.
Running the CSECT Scanner
The CICS® IA CSECT Scanner scans load modules for information that can be used to identify the version of each CSECT.
Running the Builder
The CICS® IA Builder runs as a batch job to build affinity-transaction-group definitions suitable for input to the CICS system management product, CICSPlex SM.
Running the sample Db2® query
This section describes how to run the sample CICS® IA batch query job CIUJSAMP.
Solving problems
This section helps you to isolate and determine the cause of CICS® IA problems.
Details of dependencies and affinities collected
Correlating Load Module Scanner and Dependency Reporter output to source
The structure of the CICS® IA database
Messages and codes
This section describes the messages that the Collector, Query interface, Dependency Reporter, Affinities Reporter, Load Module Scanner, CSECT Scanner, and Builder can issue, and the transaction abend codes that the Collector can produce.
CICS® IA space considerations
CICS® IA security
- CICS® IA transaction security
  CICS® IA has no internal RACF® security classes. The two main interfaces are application programs. These two interfaces are the Operations and Administration Interface that is driven by transaction CINT and the Eclipse-based Query Interface.
- Db2® security
  CICS® IA uses Db2® packages to control access to the tables in CICS and batch. All the packages are bound in to both the batch plan and the CICS plan. The plan names can be defined at customization time.
CICS® IA External Interfaces
The Appendix describes available Stored Procedures and Command Flow user exit.
Collecting dynamic COBOL calls
CICS® IA detects dynamic COBOL calls, which are collected by the Dependency and Command Flow Data collectors.
Accessibility
Accessibility features help a user who has a physical disability, such as restricted mobility or limited vision, to use software products successfully
Download PDF
Download the PDF format documentation for CICS Interdependency Analyzer for z/OS 6.1

CICS® IA transaction security

CICS® IA has no internal RACF® security classes. The two main interfaces are application programs. These two interfaces are the Operations and Administration Interface that is driven by transaction CINT and the Eclipse-based Query Interface.

All CICS® IA transactions are defined with RESSEC(NO) and CMDSEC(NO). If you want to categorize and define the IA transactions in a similar way to CICS® transactions, see RACF categories for CICS IA transactions. It shows the CICS® IA transactions and their RACF® categories as described in the CICS® RACF® Security Guide. It also indicates whether the transaction runs a program that has a Db2® DBRM associated with it.

Table 1. RACF® categories for CICS® IA transactions
Transid	Description	Category	IBM® Db2®
CINT	Drives program CIUA000C for Operation and Administration.	3	YES
CINB	Drives program CIUCINB1 for a long running task that writes the data to VSAM (see the following note).	1
CINS	Drives program CIUCINS for a long running task that handles CICS® IA runtime collection statistics.	1
CINC	Drives program CIUACM10 for the Command Flow feature.	3

Note:

Authorization can be given by granting the user ID access to the CICS® IA batch plan.

On all regions, where you want to collect Db2® data ensure that the user ID, that CICS® IA runs under, has GRANT permission to the batch plan created in the sample job SCIUSAMP.CICS(CIUDBNT). This permission enables the background transaction, CINB, to access the SYSIBM.SYSDUMMY1, SYSIBM.SYSPACKSTMT, and SYSIBM.SYSSTMT Db2® tables. In most cases, the CICS® default user ID is used. However, in some cases it might be that the PLT user ID is used, if it was started by PLT processing, the user ID of the current CINT transaction, or the Link user ID if the CINT transaction is routed to another CICS® region.