Changes to CICS externals in CICS TS 6.1

Every release of CICS® introduces changes to the elements that you see and work with, collectively known as the CICS externals. These include commands, transactions, resources, system initialization parameters, messages, trace, and user exits, and more. This page summarizes the changes for CICS TS 6.1.

For a summary of changes across all supported releases, see Changes between releases in the Upgrading information.

Changes to installing

The DFHIFTG1 and DFHIFTGS installation jobs have been removed.
DFHEITAB and DFHEITBS modules are not LPA eligible.

Changes to security

Table 1. Changes to security in CICS TS 6.1
Area	6.1
Authentication	CHANGED: New option GMEXITOPT on ASSIGN shows the GMTRAN terminal session behavior option on a PF3 or PF15. Service CHANGED with APAR: APAR PH59547: New options CHANGETIME, DAYSLEFT, EXPIRYTIME, INVALIDCOUNT, and LASTUSETIME added to CHANGE PASSWORD, and CHANGE PHRASE commands to reveal more information about the sign-on user ID and password.
Authorization	NEW: Security request recording is available to troubleshoot authorization failures New message DFHXS1117 provides additional diagnostic information about security violations. REMOVED: Authorization check for Category 1 transactions is removed. There's no need to define Category 1 transaction to RACF® anymore.
Integrity	NEW: Instruction execution protection Service NEW with APAR: APAR PH55370: HTTP strict transport security (HSTS) is supported when CICS acts as a server.
Confidentiality	NEW: TLS 1.3 is supported. This capability requires z/OS® 2.4 or higher. See Enabling TLS 1.3 in CICS. MAXTLSLEVEL system initialization parameter is available. Feature toggle `com.ibm.cics.web.defaultcipherfile` allows you to use ciphers from the default cipher suite specification file (defaultciphers.xml) for outbound web requests. It applies to outbound HTTP requests using EXEC CICS WEB OPEN or EXEC CICS INVOKE SERVICE commands that do not specify CIPHERS or URIMAP. Service NEW with APAR: APAR PH51719: Feature toggle `com.ibm.cics.tls.minimumkeystrength` allows CICS to set the minimum key size during TLS handshakes for increased key strength. CHANGED: Statistics and monitoring data about TLS protocol levels and ciphers including: New fields SOTLSLVL and SOFLAG in Performance data in group DFHSOCK. New fields MNR_URIMAP_TLSLVL and MNR_URIMAP_FLAG in Transaction resource class data: Listing of data fields. New cipher resource statistics provide details of the ciphers that are in use. TLS protocol level usage is available in the TCP/IP global statistics. MINTLSLEVEL system initialization parameter: NEW OPTION: TLS13 REMOVED OPTIONS: TLS10, TLS10ONLY STABILIZED OPTION: TLS 11 Improved TLS diagnostics including: New fields SOTLSLVL and SOFLAG in Performance data in group DFHSOCK. New fields MNR_URIMAP_TLSLVL and MNR_URIMAP_FLAG in Transaction resource class data: Listing of data fields. New message DFHXS1117 provides additional diagnostic information. Service CHANGED with APAR: APAR PH49261: KEYRING system initialization parameter accepts more formats of key ring names to allow use of key rings that are not owned by the region user ID. APAR PH60212: The feature toggle `com.ibm.cics.web.defaultcipherfile` is extended to apply to URIMAP resources with no ciphers specified.
Auditing	NEW: Classifying CICS regions with region tagging CICS regions can generate an SMF 1154 subtype 80 record in response to ENF86 triggered by the z/OSMF Compliance REST API. CHANGED: New CICS health checks that define best practices for CICS security: CICS_CAT3_CONFIGURATION CICS_REGION_CONFIGURATION CICS_RESOURCE_CONFIGURATION CICS_RESOURCE_SECURITY CICS_USS_CONFIGURATION
Deprecated and removed	REMOVED: ENCRYPTION system initialization parameter XSNEX global user exit DEPRECATED: Numeric ciphers

Changes to RACF classes

No changes in this release.

Changes to CICS support for application programming languages

Table 2. Changes to CICS support for application programming languages in CICS TS 6.1
Product name (PID)	6.1
IBM® Open Enterprise SDK for Node.js, 18.0 (5655-NOJ)	NEW: Enabled support
IBM Open Enterprise SDK for Node.js, 12.0 (5655-NOD)	CHANGED:Removed support

Changes to compiler and translator support

No changes in this release.

Changes to EXEC CICS API

Table 3. Changes to EXEC CICS commands in CICS TS 6.1
API	6.1
ASSIGN	CHANGED: New parameters GMEXITOPT returns the terminal session behavior option set for the SIT parameter GMTRAN.
CHANGE PASSWORD	CHANGED: New NOTAUTH with RESP2 value of 1, indicating that the PASSWORD field, the NEWPASSWORD field, or both are blank. New NOTAUTH with RESP2 value of 17, indicating that the USERID is not authorized to use the application. Service CHANGED with APAR: APAR PH51378: New INVREQ with RESP2 value of 32. APAR PH59547: New options CHANGETIME, DAYSLEFT, EXPIRYTIME, INVALIDCOUNT, and LASTUSETIME added to reveal more information about the user ID's password or password phrase.
CHANGE PHRASE	CHANGED: New NOTAUTH with RESP2 value of 1, indicating that the PHRASE field, the NEWPHRASE field, or both are blank. New NOTAUTH with RESP2 value of 17, indicating that the USERID is not authorized to use the application. Service CHANGED with APAR: APAR PH51378: New INVREQ with RESP2 value of 32. APAR PH59547: New options CHANGETIME, DAYSLEFT, EXPIRYTIME, INVALIDCOUNT, and LASTUSETIME added to reveal more information about the user ID's password or password phrase.
INVOKE SERVICE	Service CHANGED with APAR: APAR PH63742: It is possible to automatically redirect the HTTP response to the information contained in DFHWS-LOCATION.
GETMAIN	CHANGED: New option EXECUTABLE in support of Instruction Execution Protection
GETMAIN64	CHANGED: New option EXECUTABLE in support of Instruction Execution Protection
START CHANNEL	CHANGED: New options NOCHECK and PROTECT.
WEB OPEN	CHANGED: WEB OPEN URIMAP uses the cached IP address and HTTP information obtained with the initial connection, for subsequent outbound web requests that use the same URIMAP. DEPRECATED: Numeric CIPHERS deprecated. Use XML cipher suite files as the replacement.
WRITE OPERATOR	CHANGED: New option CONSNAME, to specify a specific console to which messages are sent. With the addition of CONSNAME, the following conditions are introduced: New INVREQs with RESP2 values of 7 and 8, indicating that the specified CONSNAME value is not valid New ERROR with RESP2 value of 1, indicating that the MVS WTO command issued by CICS for the WRITE OPERATOR request has returned an error.
VERIFY PASSWORD	CHANGED: New NOTAUTH with RESP2 value of 1, indicating that the PASSWORD field is blank. New NOTAUTH with RESP2 value of 17, indicating that the USERID is not authorized to use the application.
VERIFY PHRASE	CHANGED: New NOTAUTH with RESP2 value of 1, indicating that the PHRASE field is blank. New NOTAUTH with RESP2 value of 17, indicating that the USERID is not authorized to use the application.

Table 4. Changes to macros in CICS TS 6.1
Macro	6.1
DFHEIENT macro	CHANGED: New option DATA_EXECUTABLE to request that dynamic storage is not protected from instruction execution.

Changes to CICS EXCI

No changes in CICS TS 6.1.

Changes to the JCICS API: removed classes and methods

Table 5. Previously deprecated methods and classes which have been removed. Any applications that use these methods and classes must be changed before moving to CICS TS 6.1.
Class/Interface	Methods	6.1
Program	`link(IByteBuffer)` `link(IByteBuffer, IByteBuffer)`	REMOVED: The previously deprecated methods `link(com.ibm.record.IByteBuffer)` and `link(com.ibm.record.IByteBuffer,com.ibm.record.IByteBuffer)` have been removed from the class `com.ibm.cics.server.Program`. Any OSGi dependencies or code dependencies on the `com.ibm.record` package should be removed from customer applications and builds. Correspondingly, the JAR file ${USS_HOME}/lib/com.ibm.record.jar has been removed from the CICS installation. To ease migration of these changes, the package `com.ibm.record` (now empty) is declared as exported by the `com.ibm.cics.server` bundle. This avoids the need for repackaging or recompiling applications that express an unnecessary dependency on that package. If, however, your application genuinely uses these methods at runtime, you must rewrite that application - the API is no longer supported by CICS.
`CicsSecurityManager`	`checkMultiCast(InetAddress, byte)` `checkAwtEventQueueAccess()` `checkMemberAccess(Class<?> theClass, int which)` `checkSystemClipboardAccess()` `checkTopLevelWindow(Object window)`	REMOVED: These methods override methods in `java.lang.SecurityManager`, which are deprecated by Java. They have now been removed from the `CicsSecurityManager.java` class. The `checkTopLevelWindow(Object window)` method always returned true, and the other methods were no-operation methods. If your application calls these methods, you should instead invoke `checkPermission(java.security.Permission)` as recommended by the Javadoc for these methods.
TerminalPrincipalFacilityExtended		REMOVED: This entire class is removed. This class was provided in CICS TS 1.3 to support additional functionality for the `TerminalPrincipalFacility` class, when using the Enterprise Toolkit for OS/390® (Java program objects). In CICS TS 2.1 and later, for interpreted Java (JVM programs), the additional functionality is now available directly in the `TerminalPrincipalFacility` class. Applications that call this class should be changed to call the same method from the `TerminalPrincipalFacility` class.
TerminalPrincipalFacility	`waitTerminal()`	REMOVED: The previously deprecated method `waitTerminal()` is removed. All methods in the class are synchronous so there is never a need to wait for the terminal. The deprecated method was a no operation method. Calls to this method should be removed from your application as it is no longer supported by CICS.
HttpHeader	`getHeader()`	REMOVED: The previously deprecated method `getHeader()` is removed. This deprecated method returns the name of the HTTP header by calling method `getName()`. If your application uses this method, you must rewrite that application to call `getName()` directly because it is no longer supported in CICS.
Task	`disableTaskTrace()` `enableTaskTrace()`	REMOVED: The previously-deprecated methods `disableTaskTrace()` and `enableTaskTrace()` are removed. These deprecated methods currently throw an exception with a message saying `Method is not supported in this release of CICS TS`. Calls to both methods should be removed from your application because they are no longer supported by CICS.
Container	`put(String stringData)`	REMOVED: The previously-deprecated method `put(String stringData)` is removed. This deprecated method risked exhibiting unexpected behavior due to the way the underlying container was created. Replace calls to this method with `putString(String stringData)`.
ILongHolder		REMOVED: This entire class is removed.
AbendError		REMOVED: This entire class is removed.
UnknownCicsError		REMOVED: This entire class is removed.

Changes to the JCICS holder classes

Table 6. A number of classes which were used to hold data for objects (such as the CWA, TSQ items, file records, the commarea, and more) previously exposed public data fields. These fields were deprecated at CICS TS 5.1 and must now be accessed using an appropriate getter or setter method. Direct access to these fields has now been removed.
Class	Removed field(s)	Getter(s)	Setter(s)
CWAHolder	public byte[] value;	public byte[] getValue() public String getStringValue()	public void setValue(byte[] bytes)
DataHolder	public byte[] value;	public byte[] getValue() public String getStringValue()	public void setValue(byte[] value ) public void set String Value(String value ToSet)
ItemHolder	public byte[] value;	public byte[] getValue() public String getStringValue()	public void setValue(byte[] bytes)
KeyHolder	public byte[] value;	public byte[] getValue() public String getStringValue()	public void setValue(byte[] newValue)
RecordHolder	public byte[] value;	public byte[] getValue() public String getStringValue()	public void setValue(byte[] bytes)
RetrievedData	public byte[] data; public String transId; public String termId; public byte[]queue;	public byte[] getData() public String getStringData() public String getTransId() public String getTermId() public byte[] getQueue() public String getStringQueue()	public void setValue(byte[] bytes) public void setTransid(String newTransId) public void setTermid(String newTermId) public void setQueueName(byte[] newQueueName)
RetrievedDataHolder	public RetrievedData value;	public RetrievedData getValue()	public void setValue(Retrieved Data newValue)
TCTUAHolder	public byte[] value;	public byte[] getValue() public String getStringValue()	protected void setValue(byte[] newValue)
TWAHolder	public byte[] value;	public byte[] getValue() public String getStringValue()	public void setValue(byte[] newValue)
CommAreaHolder	public byte[] value;	public byte[] getValue()	public void setValue(byte[] newCommarea) public String getStringValue()

Changes to the JCICS API - new, changed, and deprecated functions

Table 7. New, changed, and deprecated JCICS API functions in CICS TS 6.1
Function	6.1
`com.ibm.cics.server.jar`	Changed: Reduced footprint from 873K to 448K. If you are writing an application using RMI over IIOP, you need to include `com.ibm.cics.delegate.jar` (83K) and `com.ibm.cics.common.log.jar` (8K) to allow error information to flow back to the client.
CICS Exceptions	Changed: Exceptions include a public constructor, enabling applications to mimic any errors thrown by the JCICS API for unit testing.
Classes	6.1
Container	Changed: `get()` and `getNoConvert(...)` calls now require `LengthErrorException` to be handled at compile time.
Resource classes: ESDS KSDS NameResource Service WebService File RRDS KeyedFile Program TSQ TDQ	New: These resources have a new name-bearing constructor allowing the resource to be created and named in one statement. For example: `new ESDS(name);` `new Program(name);`
Data holder classes: CWAHolder DataHolder ItemHolder KeyHolder RecordHolder RetrievedData RetrievedDataHolder TCTUAHolder TWAHolder CommAreaHolder	New: All holder-types have setters and getters to allow full manipulation of the data held within each holder. These setters and getters facilitate unit testing of application code. For more information, see Changes to the JCICS API - changes to the JCICS holder classes.
Task	Deprecated: Direct access to `PrintWriter` data members:`fixedOutForJVMLifetime`, `fixedErrForJVMLifetime`, `err`, `out`. Setter and getter methods for these deprecated data members are available to replace direct data member access. New: `getStartCode()` returns a stronger-typed StartCode enum value. Deprecated: `int getSTARTCODE()` - use `getStartCode()` instead. Deprecated: Method `getQNAME()` always returns null.
StartCode	New: Provides more explicit detail returned from the `Task.getStartCode()` method.
Version	New: Support of the `comparable<Version>` interface New: Constructor `Version(String versionString)`
API	New: Application code can check the version of `com.ibm.cics.server.jar` it is running against, with `Version getCicsServerApiVersion()`
ContainerIterator	Deprecated: `Object getOwner()` New: `Channel getChannel()`
Channel	Changed: It is possible to turn off explicit checking for the existence of underlying CICS container resources performed as default by `channel.getContainer(…)` calls by setting a new system property. Turning off explicit checking can reduce CPU usage. New: System property `-Dcom.ibm.cics.server.container.existence.checking.default=false` controls existence checking at a JVM level. New: `channel.setContainerExistenceCheckingEnabled(boolean);` controls existence checking at a channel level. New: `channel.getContainer(String containerName,boolean existenceChecking);` explicitly controls if existence checking is performed or not, instead of allowing defaults that are set in the channel or system property to have any effect. New: `container.exists();` explicitly checks for the existence of the underlying CICS container resource. New: `channel.isContainerExistenceCheckingEnabled();` checks if implicit checking for the existence of the underlying CICS container resource is enabled or disabled on future calls to `channel.getContainer` New: `channel.getContainerNames();` returns a list of all the names of existing CICS containers associated with a channel. Deprecated: `ContainerIterator`, `Channel.getContainerIterator`, `Task.getContainerIterator`
IsCICS	New: getApiStatus (boolean lateBind); set `lateBind` to `true` if late binding to a CICS transaction is to be performed for current task and status is currently CICS_REGION_BUT_API_DISALLOWED.

Changes to Liberty features

Table 8. Newly-supported Liberty features in CICS TS 6.1
Feature	6.1
`batchSMFLogging-1.0`	NEW: Collects SMF 120 information about Java batch jobs
`collectiveController-1.0`	NEW: Allows a server to become the controller for a management collective.
`collectiveMember-1.0`	NEW: Enables a server to be a member of a management collective.
`clusterMember-1.0`	NEW: Allows a collective member to participate in a static cluster.
`dynamicRouting-1.0`	NEW: Enables a server to run a REST service to which the WebSphere® plug-in for Apache and IHS can connect to dynamically route to all servers in the liberty collective.
`healthAnalyzer-1.0`	NEW: Provides health data collection for the health manager.
`healthManager-1.0`	NEW: Provides health monitoring and automatic actions based on health policies.
`microProfile6.0` `microProfile6.1`	NEW: Combines the Liberty features that support MicroProfile 6.0 and MicroProfile 6.1.
`zosRequestLogging-1.0`	NEW: Collects HTTP request information and writes an SMF 120 record for each request

Changes to JVM server profile options

No changes in CICS TS 6.1.

Changes to JVM system properties

Table 9. Changes to JVM system properties in CICS TS 6.1
Property	6.1
com.ibm.ws.zos.core.angelRequiredServices	NEW: Specifies which z/OS authorized services should be checked to see if they are available to the Liberty server being started.
com.ibm.cics.jvmserver.wlp.security.subject.create	NEW: Allows the user to turn off Java™ security subject creation when performing a `LINK` to Liberty.
com.ibm.cics.server.container.existence.checking.default	NEW: Allows the user to turn off explicit checking for the existence of underlying CICS container resources performed as default by `channel.getContainer(...)` calls.
com.ibm.cics.jvmserver.wlp.server.keystore.location	ServiceNEW (APAR PH55288): For Liberty and CMCI JVM servers only. Overrides the default Liberty keystore configuration.
com.ibm.cics.jvmserver.wlp.server.keystore.type	ServiceNEW (APAR PH55288): For Liberty and CMCI JVM servers only. Overrides the type in the Liberty keystore configuration.
com.ibm.cics.jvmserver.wlp.wab	DEPRECATED: This property is no longer respected and can be removed from the JVM profile. CICS automatically installs the `wab-1.0` feature when `servlet-3.1` or below is installed, and removes it when `servlet-4.0` or higher is installed.

Changes to context containers

Table 10. Changes to the context containers used in a PIPELINE
Container	6.1
DFHWS-URIMAP	NEW: In a requester PIPELINE, DFHWS-URIMAP contains the 8-character name of the URIMAP used on the INVOKE SERVICE command, or 8 blanks if a URIMAP was not specified. For a provider PIPELINE, DFHWS-URIMAP contains the 8-character name of the URIMAP that matched the inbound request. You cannot change the contents of this container.

Changes to the CICS assistants

No changes in this release.

Changes to SIT parameters

Table 11. Changes to system initialization parameters in CICS TS 6.1
SIT	6.1
CPSMCONN	CHANGED: New option SMSSJ. CPSMCONN=SMSSJ initializes a single CICS region that is not part of a CICSplex as a CICS System Management Single Server (SMSS) and automatically creates a Liberty JVM server named EYUCMCIJ as the CMCI JVM server of the region.
DTRPGM	CHANGED: When DTRPGM=NONE is specified, no routing program is invoked. If you are using a routing program with the name of NONE, you must rename the program and change the DTRPGM setting accordingly.
ENCRYPTION	REMOVED: With the changes to enable support of TLS 1.3, the need for the ENCRYPTION parameter is removed.
EPCDSASZE	NEW: Specifies the size of the EPCDSA dynamic storage area.
EPUDSASZE	NEW: Specifies the size of the EPUDSA dynamic storage area.
KEYRING	Service CHANGED with APAR: APAR PH49261: The parameter accepts more formats of key ring names, which allows you to specify key rings that are not owned by the region user ID.
MINTLSLEVEL	CHANGED: Option TLS13 is added. Options TLS10 and TLS10ONLY are removed. Option TLS11 is stabilized.
MAXTLSLEVEL	NEW: MAXTLSLEVEL defines the maximum level of TLS currently in operation. Review the Enabling TLS 1.3 in CICS documentation before enabling TLS 1.3 on your system.
PCDSASZE	NEW: Specifies the size of the PCDSA dynamic storage area.
PUDSASZE	NEW: Specifies the size of the PUDSA dynamic storage area.
RESOVERRIDES	NEW: Specifies the name of the resource overrides file.
SDTMEMLIMIT	NEW: Specifies a limit to the amount of storage above the bar that is available for shared data tables to use for control information (entry descriptors, backout elements, and index nodes).

Changes to CICS storage

Table 12. Changes to CICS storage in CICS TS 6.1
Storage area	6.1
ETDSA	REMOVED: Any storage that was allocated from this DSA is now allocated from the ECDSA.
PCDSA, PUDSA, EPCDSA, and EPUDSA	NEW: To enable the allocation of storage that is not protected from instruction execution. These DSAs have new subpools and some subpools that have moved from the CSDA, SDSA and their equivalent extended DSAs. See CICS dynamic storage areas (DSAs).
Subpools LDPGM, LDEPGM, LDRES, LDERES, LDNRS, LDENRS, LDNUC, and LDENUC	CHANGED: These subpools are now allocated in PCSDA, PUDSA, and their equivalent extended DSAs.
CDSA, SDSA, ECDSA, ESDSA locations	CHANGED: Loader Domain functions ACQUIRE_PROGRAM, RELEASE_PROGRAM, INQUIRE_PROGRAM, GET_NEXT_PROGRAM, GET_NEXT_INSTANCE, and IDENTIFY_PROGRAM return the location of the program to the caller. These locations will change, the CDSA will become the PCDSA, the ECDSA will become the EPCDSA, the SDSA will become the PUDSA and the ESDSA will become the EPUDSA. Although the names of the DSA equated have changed, the equate values have not changed.

Changes to feature toggles

Table 13. Changes to feature toggles in CICS TS 6.1
Feature toggle	6.1
`com.ibm.cics.container.hash={true\|false}`	REMOVED: Hashing always used.
`com.ibm.cics.cpsm.bas.largecicsplex={true\|false}`	CHANGED: The default is changed from true to false.
`com.ibm.cics.cpsm.bas.syslinkonly={true\|false}`	Service NEW (APAR PH64941): Allows you to specify that only SYSLINK resources will be installed, and that RESDESC resources should not be installed during BAS automatic resource installation.
`com.ibm.cics.cpsm.wlm.surgeresist={true\|false}`	NEW: When applied to CICSPlex® SM WLM routing regions, this feature toggle takes effect for the QUEUE and GOAL WLM algorithms when using CICSPlex SM sysplex optimized workload routing. It has no effect when applied to target regions. When the feature toggle is set to true, surges of extremely high frequency, short duration transactions can be mitigated by reducing the likelihood that recently selected target regions are reselected. Enabling this feature toggle increases the average routing cost per transaction, but restores the routing behavior of CICSPlex SM at CICS TS 5.6 before APAR PH30768 is applied. See Changes to CICSPlex SM sysplex optimized workload routing behavior.
`com.ibm.cics.db2.origindata={true\|false}`	Service NEW (APAR PH52668): Gives you the option to disable the passing of adapter origin data to Db2® for adapter tracking.
`com.ibm.cics.db2.sharelocks={true\|false}`	REMOVED: Replaced by DB2ENTRY attribute SHARELOCKS.
`com.ibm.cics.ds.freeussprocesses={true\|false}`	Service NEW (APAR PH56193): Handling of USS processes. Intended for use only under guidance from IBM service personnel.
`com.ibm.cics.resourceoverrides.file={name.yaml}`	REMOVED: Replaced by RESOVERRIDES system initialization parameter. See RESOVERRIDES system initialization parameter.
`com.ibm.cics.sm.iep={true\|false}`	NEW: Enables instruction execution protection for certain CICS DSAs. See Instruction execution protection.
`com.ibm.cics.tls.minimumkeystrength={1024\|2048}`	Service NEW (APAR PH51719): Sets the minimum key size allowed during TLS handshakes.
`com.ibm.cics.web.defaultcipherfile={true\|false}`	NEW: Use defaultciphers.xml as a default set of ciphers for outbound web requests. See Default cipher file for outbound web requests. Service CHANGED (APAR PH60212): Extended to apply to URIMAP resources with no ciphers specified.
`com.ibm.cics.web.dnscache={true\|false}`	Service NEW (APAR PH63454): Allows disabling of the URIMAP DNS cache at the region level.
`com.ibm.cics.web.hsts.includesubdomains.TCPIPS={true\|false}`	Service NEW (APAR PH55370): Controls whether to extend HTTP strict transport security (HSTS) to sub-domains of the specified TCPIPSERVICE.
`com.ibm.cics.web.hsts.max-age.TCPIPS={seconds\|-1}`	Service NEW (APAR PH55370): Sets HSTS for an individual TCPIPSERVICE to override the region wide setting.
`com.ibm.cics.web.hsts.includesubdomains={true\|false}`	Service NEW (APAR PH55370): Controls whether to extend HSTS to the sub-domains of the CICS server.
`com.ibm.cics.web.hsts.max-age=seconds`	Service NEW (APAR PH55370): Activates and sets HSTS for a CICS region.

Changes to resource definitions

Table 14. Changes to resource definitions in CICS TS 6.1
Resource	6.1
URIMAP	CHANGED: Added support for enabling multiple client URIMAPs that point to the same endpoint (that is, the same host, port and path) in a CICS region.
DFHWSATH, DFHWSATR, DFHWSATX and DFHPIRS program definitions	CHANGED: These program definitions are moved from group DFHWSAT to group DFHPIPE. You no longer need to install your own versions of these program definitions because DFHPIPE is part of DFHLIST.
URIMAP definition DFHRSURI	CHANGED: URIMAP DFHRSURI now specifies TRANSCTION(CPIW) instead of CPIH. If you are using a customized version of DFHRSURI that no longer specifies TRANSACTION(CPIH), no action is needed and you can continue to use your customized DFHRSURI unchanged. However, if the CSD is being shared with a back level region, see Changes to resource definitions to determine if any action is necessary.

Changes to CICS transactions

Table 15. Changes to CICStransactions in CICS TS 6.1
Transaction	6.1
CDBT	CHANGED: The SPURGE attribute has been changed from SPURGE(NO) to SPURGE(YES).
CEPD	CHANGED: Enhanced to generate an SMF type 110 subtype 1 CICS monitoring record every 2000 events processed by CEPD tasks in the region.
CJSA	CHANGED: The SHUTDOWN attribute has been changed from SHUTDOWN(DISABLED) to SHUTDOWN(ENABLED).
CJSU	CHANGED: The SHUTDOWN attribute has been changed from SHUTDOWN(DISABLED) to SHUTDOWN(ENABLED).
CLGR	NEW: Category 1 transaction for automatic recovery of CICS user journals.
CPIW	NEW: Category 2 transaction to handle WS-AT protocol messages. It is a direct clone of CPIH. URIMAP DFHRSURI now specifies TRANSCTION(CPIW) instead of CPIH.
CSGM	CHANGED: Moved from a category 2 to a category 3 transaction to match CESL and CESN.

Changes to CEMT

Table 16. Changes to CEMT in CICS TS 6.1
Command	6.1
CEMT INQUIRE DB2ENTRY	CHANGED: New option SHARELOCKS indicates whether CICS will pass an XID to Db2 to allow Db2 to share locks with any other thread that passes the same XID.
CEMT INQUIRE DSAS	CHANGED: New options PCDSASIZE, PUDSASIZE, EPCDSASIZE, EPUDSASIZE in support of Instruction Execution Protection. ETDSASIZE is removed.
CEMT INQUIRE SYSTEM	CHANGED: New option SDTMEMLIMIT that shows the maximum amount of storage above the bar that CICS makes available for shared data tables to use for control information (entry descriptors, backout elements, and index nodes). CHANGED: New option SRRTASKS to show number of security request recordings. CHANGED: New option HEALTHCHECK to indicate if health checks are excluded as part of the CICS region tagging capability.
CEMT INQUIRE TASK	CHANGED: New option SRRSTATUS with values of SRRACTIVE and SRRINACTIVE to show the security request recording status of active or inactive.
CEMT SET DB2ENTRY	CHANGED: New option SHARELOCKS sets whether CICS will pass an XID to Db2 to allow Db2 to share locks with any other thread that passes the same XID.
CEMT SET DSAS	CHANGED: The DSAs that are covered by DSALIMIT and EDSALIMIT include the new DSAs that are never protected from instruction execution. ETDSA is removed so no longer included.
CEMT SET SYSTEM	CHANGED: New option SDTMEMLIMIT to set the maximum amount of storage above the bar that CICS makes available for shared data tables to use for control information (entry descriptors, backout elements, and index nodes).
CEMT SET TASK	CHANGED: New option SRRSTATUS with values of SRRACTIVE and SRRINACTIVE to set security request recording status to active or inactive.

Changes to CICS SPI

Table 17. Changes to the system programming interface commands in CICS TS 6.1
Command	6.1
CREATE DB2ENTRY	CHANGED: New option SHARELOCKS to enable CICS to pass an XID to Db2 and instruct Db2 to share locks between threads that pass the same XID.
ENABLE PROGRAM	CHANGED: New options GAEXECUTABLE and TAEXECUTABLE are in support of Instruction Execution Protection.
EXTRACT STATISTICS	CHANGED: New option POLICY combined with new option POLICYRULE to obtain statistics about a policy rule that is contained in a POLICY resource.
INQUIRE ASSOCIATION	CHANGED: Enhanced support for Liberty. The association data user ID value now reflects the final user ID value used in secure Liberty transactions, instead of the initial user ID.
INQUIRE DB2ENTRY	CHANGED: New option SHARELOCKS, indicating whether CICS will pass an XID to Db2 to allow Db2 to share locks with any other thread that passes the same XID.
INQUIRE FEATUREKEY	CHANGED: New option FILEPATH to show the path to the feature toggle configuration file that defines a feature toggle setting that is in effect in the CICS region.
INQUIRE SECRECORDING	NEW: New option to inquire on security data for compliance, configuration, and diagnosis.
INQUIRE POLICY	NEW: To retrieve information about an installed POLICY, or browse through all installed POLICY resources in the region.
INQUIRE POLICYRULE	NEW: To retrieve information about an installed policy rule, or browse through all installed rules contained in a policy.
INQUIRE STORAGE	CHANGED: New values PCSDSA, EPCDSA, PUDSA, and EPUDSA on the DSANAME option, in support of Instruction Execution Protection.
INQUIRE STORAGE64	NEW: To retrieve information about 64-bit task storage.
INQUIRE SUBPOOL	CHANGED: New values PCSDSA, EPCDSA, PUDSA, and EPUDSA on the DSANAME option, in support of Instruction Execution Protection. ETDSA is removed.
INQUIRE SYSTEM	CHANGED: New options HEALTHCHECK, EPCDSA, EPUDSA,PCSDSA, PUDSA, SRRTASKS, and SDTMEMLIMIT. ETDSA is removed.
INQUIRE TAG	NEW: To inquire on CICS region tags applied to the running region.
INQUIRE TASK	CHANGED: New SRRSTATUS option to show the security request recording status of SRRACTIVE or SRRINACTIVE.
PERFORM JVMSERVER	CHANGED: New cvda value STACKTRACE supported for JVMACTION option to allow a stacktrace to be taken for a task running in a JVM server. New option TASKID to specify the sequence number of the task to take a stacktrace of.
SET ASSOCIATION USERCORRDATA	NEW: To overwrite the user correlator data (USERCORRDATA field) of the originating task.
SET DB2ENTRY	CHANGED: New option SHARELOCKS to enable CICS to pass an XID to Db2 and instruct Db2 to share locks between threads that pass the same XID. New INVREQ RESP2 value of 20, indicating that an invalid SHARELOCKS value was specified.
SET SECRECORDING	NEW: New option to inquire on security data for compliance, configuration, and diagnosis.
SET SYSTEM	CHANGED: New option SDTMEMLIMIT to set the maximum amount of storage above the bar that CICS makes available for shared data tables to use for control information (entry descriptors, backout elements, and index nodes).
SET TAGS REFRESH	NEW: To refresh CICS region tags applied to the running region.
SET TASK	CHANGED: New SRRSTATUS option to set the security request recording status to SRRACTIVE or SRRINACTIVE.
SET XMLTRANSFORM	CHANGED: New INVREQ RESP2 value of 8, indicating that the XML schema file for the XMLTRANSFORM cannot be found.

Changes to JVM profiles

Table 18. Changes to JVM profiles in CICS TS 6.1
JVM profile	6.1
EYUCMCIJ.jvmprofile	CHANGED: The supplied sample profile for a CMCI JVM server in a WUI region is changed to add `-Dcom.ibm.ws.zos.core.angelRequiredServices=SAFCRED,PRODMGR,ZOSAIO`.
EYUSMSSJ.jvmprofile	NEW: A new supplied sample profile for a CMCI JVM server in a single CICS region. This new supplied sample profile for a CMCI JVM server in a single CICS region also has the `angelRequiredServices` property set as follows: `-Dcom.ibm.ws.zos.core.angelRequiredServices=SAFCRED,PRODMGR,ZOSAIO`.

Changes to CICS utilities

Table 19. Changes to CICS utilities in CICS TS 6.1
Utility	6.1
DFH0STAT	NEW REPORT: Policy report
DFH0STAT	Data Tables Storage report New fields: Entries + Index - Storage Allocated Entries + Index - Storage In-Use Removed fields: Total - Storage Allocated Total - Storage In-Use
DFH0STAT	Db2 Entries report New field: DB2Entry Share Locks
DFH0STAT	JVMSERVERs report New fields: JVMSERVER code cache memory used JVMSERVER code cache memory alloc JVMSERVER data cache memory used JVMSERVER data cache memory alloc JVMSERVER class storage memory used JVMSERVER class storage memory alloc JVMSERVER classcache size JVMSERVER classcache free
DFH0STAT	Storage below 16 MB (24-bit storage) report New fields: User Region limit established Current User Region storage unallocated Current free storage above User Region limit Changed fields: Private Area size below 16MB: the field name is changed from Private Area Region size below 16MB. Peak LSQA/SWA storage allocated (SYS): the field name is changed from Max LSQA/SWA storage allocated below 16MB (SYS) and its field description is updated accordingly. Peak User Region storage allocated (VIRT): the field name is changed from Max User storage allocated below 16MB (VIRT) and its field description is updated accordingly. Removed fields: Private Area Storage available below 16MB Region size established from REGION= parameter RTM System Use
DFH0STAT	Storage above 16 MB (31-bit storage) report New fields: User Region limit established Current User Region storage unallocated Current free storage above User Region limit Changed fields: Private Area size above 16MB: the field name is changed from Private Area Region size above 16MB Peak LSQA/SWA storage allocated (SYS): the field name is changed from Max LSQA/SWA storage allocated above 16MB (SYS) and its field description is updated accordingly. Peak User Region storage allocated (EXT): the field name is changed from Max User storage allocated above 16MB (EXT) and its field description is updated accordingly. Removed fields: Private Area Storage available above 16MB
DFH0STAT	Storage above 2 GB (64-bit storage) report Removed fields: MEMLIMIT minus allocated to Private Memory Objects MEMLIMIT minus usable within Private Memory Objects
DFH0STAT	TCP/IP report New fields: Maximum parallel TLS handshakes Current parallel TLS handshakes Peak parallel TLS handshakes Maximum waiting TLS handshakes Current waiting TLS handshakes Peak waiting TLS handshakes Inbound: TLS 1.1 Inbound: TLS 1.2 Inbound: TLS 1.3 Inbound: Total Outbound: TLS 1.1 Outbound: TLS 1.2 Outbound: TLS 1.3 Outbound: Total Inbound: AT-TLS SSL 3 Inbound: AT-TLS 1.0 Inbound: AT-TLS 1.1 Inbound: AT-TLS 1.2 Inbound: AT-TLS 1.3 Outbound: AT-TLS SSL 3 Outbound: AT-TLS 1.0 Outbound: AT-TLS 1.1 Outbound: AT-TLS 1.2 Outbound: AT-TLS 1.3 Changed fields: Current number of outbound sockets: Its source field is changed to SOG-CURR-OUTB-SOCKETS. Peak number of outbound sockets: Its source field is changed to SOG-PEAK-OUTB-SOCKETS. Removed fields: SOG-CURR-PERS-OUTB-SOCKETS SOG-PEAK-BOTH-OUTB-SOCKETS SOG-PEAK-PERS-OUTB-SOCKETS SOG-PERS-OUTBOUND-CREATED
DFH0STAT	Temporary Storage report New fields: Current auxiliary storage usage % Peak auxiliary storage usage %
DFH0STAT	Transaction Classes report New field: Last At Max Act
DFHEISUP	CHANGED: DFHEISUP, Load module scanner is changed to be RMODE(ANY) instead of RMODE(24). This change allows DFHEISUP to use 31-bit virtual storage (above 16 MB but below 2 GB).
DFHSTUP	CICS Db2 resource statistics New field: D2R_SHARELOCKS
DFHSTUP	Cipher statistics New fields: Number, which indicates the cipher code TLS Inbound TLS Outbound AT-TLS Inbound AT-TLS Outbound
DFHSTUP	JVMSERVER resource statistics New fields: JVMSERVER code cache memory used JVMSERVER code cache memory alloc JVMSERVER data cache memory used JVMSERVER data cache memory alloc JVMSERVER class storage mem used JVMSERVER class storage mem alloc JVMSERVER classcache size JVMSERVER classcache free
DFHSTUP	TCP/IP global statistics New fields: Maximum parallel TLS handshakes Current parallel TLS handshakes Peak parallel TLS handshakes Maximum waiting TLS handshakes Current waiting TLS handshakes Peak waiting TLS handshakes New fields showing TLS protocol handshakes: Inbound: TLS 1.1 Inbound: TLS 1.2 Inbound: TLS 1.3 Inbound: Total Outbound: TLS 1.1 Outbound: TLS 1.2 Outbound: TLS 1.3 Outbound: Total Inbound: AT-TLS SSL 3 Inbound: AT-TLS 1.0 Inbound: AT-TLS 1.1 Inbound: AT-TLS 1.2 Inbound: AT-TLS 1.3 Outbound: AT-TLS SSL 3 Outbound: AT-TLS 1.0 Outbound: AT-TLS 1.1 Outbound: AT-TLS 1.2 Outbound: AT-TLS 1.3 Inbound: Full Inbound: Abbreviated Outbound: Full Outbound: Abbreviated Changed fields: SOG_CURR_OUTB_SOCKETS: Its DFHSTUP name is changed to Current number of outbound sockets. SOG_PEAK_OUTB_SOCKETS: Its DFHSTUP name is changed to Peak number of outbound sockets. Removed fields: SOG_CURR_PERS_OUTB_SOCKETS SOG_PEAK_BOTH_OUTB_SOCKETS SOG_PEAK_PERS_OUTB_SOCKETS SOG_PERS_OUTBOUND_CREATED
DFHSTUP	Temporary storage global statistics New fields: Current aux. temp storage usage % Peak aux. temp storage usage %
DFHSTUP	Transaction class resource statistics New fields: First at Max Act Last at Max Act

Changes to GLUEs and TRUEs

Table 20. Changes to global user exits and task-related user exits in CICS TS 6.1
Exit	6.1
XSNEX	REMOVED

Changes to XPI functions

Table 21. Changes to XPI functions in CICS TS 6.1
Command	6.1
Parameter domain (INQUIRE_FEATUREKEY)	CHANGED: New option FILEPATH.
Program management The INQUIRE_PROGRAM call	CHANGED: DFHPGISY LOCATION equates that can be used on INQUIRE_PROGRAM calls: PGIS_CDSA, PGIS_SDSA, PGIS_ECDSA and PGIS_ESDSA are replaced by PGIS_PCDSA, PGIS_PUDSA, PGIS_EPCDSA and PGIS_EPUDSA.
Program management The GET_NEXT_PROGRAM call	CHANGED: DFHPGISY LOCATION equates that can be used on GET_NEXT_PROGRAM calls: PGIS_CDSA, PGIS_SDSA, PGIS_ECDSA and PGIS_ESDSA are replaced by PGIS_PCDSA, PGIS_PUDSA, PGIS_EPCDSA and PGIS_EPUDSA.
Storage management (GETMAIN)	NEW: EXECUTABLE option in support of Instruction Execution Protection.
Storage management (INQUIRE_ELEMENT_LENGTH)	NEW: ADDRESS64, ELEMENT_ADDRESS64, and ELEMENT_LENGTH64 options.
Storage management (INQUIRE_TASK_STORAGE64)	NEW: New XPI call to request details of all elements of task-lifetime 64-bit storage belonging to a task.

Changes to user-replaceable programs

No changes in CICS TS 6.1.

Changes to control tables

No changes in CICS TS 6.1.

Changes to event processing adapters and formats

No changes in CICS TS 6.1.

Changes to installation and definition of CICSPlex SM

The record size of EYUHIST* data sets has increased from RECORDSIZE(3680 3684) to RECORDSIZE(3748 3752). The EYUJHIST sample has been updated to reflect this change.

Changes to configuration and initialization of CICSPlex SM

Table 22. Changes to CICSPlex SM system parameters (EYUPARM) in CICS TS 6.1
EYUPARM parameter	6.1
	No changes in CICS TS 6.1.

Table 23. Changes to CICSPlex SM WUI server initialization parameters (EYUWUI) in CICS TS 6.1
EYUWUI parameter	6.1
TCPIPHOSTNAME	Service DEPRECATED (APAR PH48544): The hostname of the WUI server is the name of the host where the WUI is executing. It is no longer set by the TCPIPHOSTNAME WUI initialization parameter. The WUI uses relative URLs, and not embedded host names. TCPIPHOSTNAME is still required, but the value is ignored. This parameter is retained for compatibility and will be removed in a later release.
TCPIPHTTPHOST	Service DEPRECATED (APAR PH48544): The hostname of the WUI server is the name of the host where the WUI is executing. The WUI uses relative URLs, and not embedded host names. If a value is specified on TCPIPHTTPHOST, it is ignored. This parameter is retained for compatibility and will be removed in a later release.

Table 24. Changes to CMCI in CICS TS 6.1
Change	6.1
Enhancements to the CMCI GraphQL API	CHANGED: Added support for the following resources: CSDINLST SECREC SYSTAG

Changes to CICSPlex SM behavior and operation

Table 25. Changes to CICSPlex SM behavior and operation in CICS TS 6.1
CICSPlex SM feature	6.1
CICSPlex SM workload management	CHANGED: CICSPlex SM workload management factors z/OS MVS SOS conditions into its routing algorithm, in the same way as it does for CICS-managed storage SOS conditions. The default behavior of CICSPlex SM workload management routing algorithms has been updated to increase the likelihood that work is routed to healthy, local target regions. This change applies only to the QUEUE and GOAL algorithms, not to the link neutral variants (LNQUEUE and LNGOAL). See Changes to CICSPlex SM sysplex optimized workload routing behavior for details.

Changes to CICSPlex SM resource tables

Enhancements to CICSPlex SM resource tables are typically populated to related CICSPlex SM views. In Table 26, where applicable, the changed CICSPlex SM views are also listed.

Table 26. Changes to the resource tables provided by CICSPlex SM in CICS TS 6.1
Resource table	Related view	6.1
CICSRGN	CICS region (CICSRGN) view	CHANGED: New resource table attribute SDTMEMLIMIT
DB2EDEF	DB2® entry definition (DB2EDEF) view	CHANGED: New resource table attribute SHARELOCKS
DB2ENTRY	DB2 entries (DB2ENTRY) view	CHANGED: New resource table attribute SHARELOCKS
DSNAME	Physical data sets for files (DSNAME) view	REMOVED actions: QUIESE is replaced by QUIESCE. UNQUIESE is replaced by UNQUIESCE. IMMQUIESE is replaced by IMMQUIESCE.
EMASSICK	Not applicable	CHANGED: New values SOSMVS24, SOSMVS31 and SOSMVS64 added to SICKTYPE output valid values New resource table attributes SOSMVS24_TIM, SOSMVS31_TIM and SOSMVS64_TIM
EMASWELL	Not applicable	CHANGED: New values SOSMVS24, SOSMVS31 and SOSMVS64 added to SICKTYPE output valid values New resource table attributes SOSMVS24_TIM, SOSMVS31_TIM and SOSMVS64_TIM
EMSTATUS	Not applicable	CHANGED: New values SOSMVS24, SOSMVS31 and SOSMVS64 added to SICKTYPE output valid values New resource table attributes SOSMVS24_TIM, SOSMVS31_TIM and SOSMVS64_TIM
FEATURE	Not applicable	CHANGED: New resource table attribute FILEPATH
RULE	Not applicable	CHANGED: New values transactionDump and containerstorage added to RULETYPE field. Attributes COUNT and TIME are changed to indicate the values since the region started instead of within the current statistics interval. New resource table attributes COUNTSTAT and TIMESTAT are added to indicate the values within the current statistics interval.
SECREC	Not applicable	NEW: Resource table for CICS security request recording data
TCPIPGBL	Not applicable	DEPRECATED: The following attributes are deprecated in CICS TS 6.1 but are retained for compatibility with earlier CICS releases: SOG_CURR_PERS_OUTB_SOCKETS SOG_PEAK_BOTH_OUTB_SOCKETS SOG_PEAK_PERS_OUTB_SOCKETS SOG_PERS_OUTBOUND_CREATED
TRANCLAS	Transaction class (TRANCLAS) view	CHANGED: New resource table attribute LASTATMAX

Changes to CICS monitoring

Table 27. Changes to monitoring data in CICS TS 6.1
Data	6.1
Exception class data	CHANGED: New exception resource type DSWC, which has the following possible EXCMNRID values: S8TLSHS: The maximum number of concurrent TLS handshakes has been reached. XSPSWVFY: The maximum concurrent calls to RACF in the region has been reached. New exception resource type CONTAINR, which means that the threshold of a container storage policy task rule has been exceeded. New exception resource type TRANDUMP, which means that the threshold of a transaction dump threshold policy system rule has been exceeded.
Performance data in group DFHCICS	CHANGED: Enhanced to provide association data of DPL requests by EXCI clients. If a task was initiated by an EXCI client, in the performance record of the DPL request, field 374 (PHAPPLID) contains the EXCI job name, field 378 (PHCOUNT) contains a value of 1, and field 376 (PHTRANNO) has a value of 0. The data is populated to transaction resource class data and identity class data. Field 089 (USERID) is changed for Liberty such that the user ID value now reflects the final user ID value used in secure Liberty transactions, instead of the initial user ID.
Performance data in group DFHSOCK	CHANGED: NEW FIELDS: 457 SOTLSLVL is available to identify the TLS level selected during the initial handshake for use on the inbound connection. 458 SOFLAG is available to identify the socket flags, a string of 32 bits used for socket status information. CHANGED FIELDS: 290 SOCNPSCT is clarified as a data field that indicates the total number of requests made by the user task to create an outbound socket. 292 SONPSHWM is clarified as a data field that indicates the peak number of outbound sockets owned by the user task. REMOVED FIELDS: 291 SOCPSCT 293 SOPSHWM
Transaction resource class data: Listing of data fields	CHANGED: New URIMAP entry field MNR_URIMAP_TLSLVL is available to identify the TLS level selected during the initial handshake for use on an outbound connection. New URIMAP entry field MNR_URIMAP_FLAG is available to identify whether CICS-configured or AT-TLS was used for the outbound connection.

Changes to statistics

Table 28. Changes to statistics in CICS TS 6.1
Statistics	6.1
CICS Db2	NEW FIELD: D2R_SHARELOCKS, with DFHSTUP name Share Locks, added to CICS Db2 resource statistics, indicating whether CICS will pass an XID to Db2 to allow Db2 to share locks with any other thread that passes the same XID.
Ciphers	NEW FIELDS showing the ciphers in use: SOC_CIPHER, with DFHSTUP name Number, indicating the cipher code SOC_TIMES_CICS_INB_USED, with DFHSTUP name TLS Inbound SOC_TIMES_CICS_OUTB_USED, with DFHSTUP name TLS Outbound SOC_TIMES_ATTLS_INB_USED, with DFHSTUP name AT-TLS Inbound SOC_TIMES_ATTLS_OUTB_USED, with DFHSTUP name AT-TLS Outbound
JVMSERVER	NEW FIELDS showing the memory currently used and allocated to the JIT code cache memory pool: SJS_JVMSERVER_CODE_CACHE_USED, with DFHSTUP name JVMSERVER code cache memory used SJS_JVMSERVER_CODE_CACHE_ALLOC, with DFHSTUP name JVMSERVER code cache memory alloc NEW FIELDS showing the memory currently used and allocated to the JIT data cache: SJS_JVMSERVER_DATA_CACHE_USED, with DFHSTUP name JVMSERVER data cache memory used SJS_JVMSERVER_DATA_CACHE_ALLOC, with DFHSTUP name JVMSERVER data cache memory alloc NEW FIELDS showing the memory currently used and allocated to the JVM class storage memory pool: SJS_JVMSERVER_CLASS_STRG_USED, with DFHSTUP name JVMSERVER class storage mem used SJS_JVMSERVER_CLASS_STRG_ALLOC, with DFHSTUP name JVMSERVER class storage mem alloc NEW FIELDS showing the size limit and current free space of the JVM's shared class cache: SJS_JVMSERVER_CLASSCACHE_SIZE, with DFHSTUP name JVMSERVER classcache size SJS_JVMSERVER_CLASSCACHE_FREE, with DFHSTUP name JVMSERVER classcache free
TCP/IP domain	NEW FIELDS added to TCP/IP global statistics, showing the maximum, current and peak numbers of TLS handshakes running in parallel: SOG_S8TLSHS_REQUESTS_MAX, with DFHSTUP name Maximum parallel TLS handshakes SOG_S8TLSHS_REQUESTS_CUR, with DFHSTUP name Current parallel TLS handshakes SOG_S8TLSHS_REQUESTS_PEAK, with DFHSTUP name Peak parallel TLS handshakes
TCP/IP domain	NEW FIELDS added to TCP/IP global statistics, showing the maximum, current and peak numbers of TLS handshakes in waiting: SOG_S8TLSHS_WAITERS_MAX, with DFHSTUP name Maximum waiting TLS handshakes SOG_S8TLSHS_WAITERS_CUR, with DFHSTUP name Current waiting TLS handshakes SOG_S8TLSHS_WAITERS_PEAK, with DFHSTUP name Peak waiting TLS handshakes
TCP/IP domain	NEW FIELDS added to TCP/IP global statistics, showing the total number of established inbound connections that have used CICS configured TLS protocol during the interval through, which can come from TCPIPSERVICE with SSL(YES) or SSL(CLIENTAUTH): SOG_TIMES_CICSTLS11_INB_USED, with DFHSTUP name Inbound: TLS 1.1 SOG_TIMES_CICSTLS12_INB_USED, with DFHSTUP name Inbound: TLS 1.2 SOG_TIMES_CICSTLS13_INB_USED, with DFHSTUP name Inbound: TLS 1.3 SOG_TIMES_CICSTLSALL_INB_USED, with DFHSTUP name Inbound: Total
TCP/IP domain	NEW FIELDS added to TCP/IP global statistics, showing the total number of established outbound connections that have used CICS configured TLS protocol during the interval, which can come from URIMAP with USAGE(CLIENT) SCHEME(HTTPS) or WEB OPEN SCHEME(HTTPS): SOG_TIMES_CICSTLS11_OUTB_USED, with DFHSTUP name Outbound: TLS 1.1 SOG_TIMES_CICSTLS12_OUTB_USED, with DFHSTUP name Outbound: TLS 1.2 SOG_TIMES_CICSTLS13_OUTB_USED, with DFHSTUP name Outbound: TLS 1.3 SOG_TIMES_CICSTLSALL_OUTB_USED, with DFHSTUP name Outbound: Total
TCP/IP domain	NEW FIELDS added to TCP/IP global statistics, showing the total number of established inbound connections that have used AT-TLS protocol during the interval, which can come from TCPIPSERVICE with SSL(ATTLSAWARE) or SSL(NO): SOG_TIMES_ATSSL3_INB_USED, with DFHSTUP name Inbound: AT-TLS SSL 3 SOG_TIMES_ATTLS10_INB_USED, with DFHSTUP name Inbound: AT-TLS 1.0 SOG_TIMES_ATTLS11_INB_USED, with DFHSTUP name Inbound: AT-TLS 1.1 SOG_TIMES_ATTLS12_INB_USED, with DFHSTUP name Inbound: AT-TLS 1.2 SOG_TIMES_ATTLS13_INB_USED, with DFHSTUP name Inbound: AT-TLS 1.3
TCP/IP domain	NEW FIELDS added to TCP/IP global statistics, showing the total number of established outbound connections that have used AT-TLS protocol during the interval, which can come from URIMAP with USAGE(CLIENT) SCHEME(HTTP) or WEB OPEN SCHEME(HTTP): SOG_TIMES_ATSSL3_OUTB_USED, with DFHSTUP name Outbound: AT-TLS SSL 3 SOG_TIMES_ATTLS10_OUTB_USED, with DFHSTUP name Outbound: AT-TLS 1.0 SOG_TIMES_ATTLS11_OUTB_USED, with DFHSTUP name Outbound: AT-TLS 1.1 SOG_TIMES_ATTLS12_OUTB_USED, with DFHSTUP name Outbound: AT-TLS 1.2 SOG_TIMES_ATTLS13_OUTB_USED, with DFHSTUP name Outbound: AT-TLS 1.3
TCP/IP domain	NEW FIELDS added to TCP/IP global statistics, showing the total number of CICS-configured TLS full and abbreviated handshakes for inbound and outbound connections: SOG_HANDSHAKES_FULL_INB, with DFHSTUP name Inbound: Full SOG_HANDSHAKES_ABBREV_INB, with DFHSTUP name Inbound: Abbreviated SOG_HANDSHAKES_FULL_OUTB, with DFHSTUP name Outbound: Full SOG_HANDSHAKES_ABBREV_OUTB, with DFHSTUP name Outbound: Abbreviated
TCP/IP domain	CHANGED FIELDS: The following fields in TCP/IP global statistics have their DFHSTUP names changed to clarify their use: SOG_CURR_OUTB_SOCKETS - its DFHSTUP name is changed to Current number of outbound sockets. SOG_PEAK_OUTB_SOCKETS - its DFHSTUP name is changed to Peak number of outbound sockets.
TCP/IP domain	REMOVED FIELDS: The following fields have been removed from TCP/IP global statistics: SOG_CURR_PERS_OUTB_SOCKETS SOG_PEAK_BOTH_OUTB_SOCKETS SOG_PEAK_PERS_OUTB_SOCKETS SOG_PERS_OUTBOUND_CREATED
Temporary storage	NEW FIELDS added to Temporary storage global statistics, showing the current and peak percentage of auxiliary temporary storage being used: TSGASU, with DFHSTUP name Current aux. temp storage usage % TSGASUPK, with DFHSTUP name Peak aux. temp storage usage %
Transaction class	NEW FIELD showing the last time in UTC, in store clock (STCK) value, that the transaction class has reached its maximum number of transactions that are allowed to be active. XMCGAMA, with DFHSTUP name Last At MaxAct

Changes to CICS messages

DFHnnnn

Removed:

DFH7040
DFH7049
DFH7051
DFH7052
DFH7056
DFH7062
DFH7064
DFH7068 through DFH7073
DFH7079
DFH7081
DFH7087
DFH7088
DFH7090 through DFH7098
DFH7202
DFH7203
DFH7211
DFH7212
DFH7214
DFH7223
DFH7224
DFH7227
DFH7231
DFH7234
DFH7236
DFH7265
DFH7266

DFHAMnnnn

New:

DFHAM4968I indicates that one or more attributes of a resource were overridden.
DFHAM4969E indicates that a resource failed to install because overrides resulted in an invalid resource definition.
DFHAM4970I indicates that an override was applied to a resource definition attribute.
DFHAM4971E indicates that resource overrides applied during GRPLIST installation resulted in invalid resource definitions.
DFHAM4972E indicates that a resource override action is not valid because an attribute is null.
DFHAM4973E indicates that a resource override action makes an attribute too long.
DFHAM4990E indicates the deletion of a resource definition failed because it is a protected definition.

DFHAPnnnn

New:

DFHAP2001 identifies a copy member required for a PLT which was not located.
DFHAP0007E indicates a mismatch in Instruction Execution Protection settings between CICS and LE.

DFHCAnnnn

New:

DFHCA4968I indicates that one or more attributes of a resource were overridden.
DFHCA4969E indicates that a resource failed to install because overrides resulted in an invalid resource definition.
DFHCA4970I indicates that an override was applied to a resource attribute.
DFHCA4972E indicates that a resource override action is not valid because an attribute is null.
DFHCA4973E indicates that a resource override action makes an attribute too long.

DFHDUnnnn

New:

DFHDU0104 indicates that a dumpcode has been added.
DFHDU0105 indicates that a dumpcode has been replaced.
DFHDU0106 indicates that a dumpcode has been discarded.

DFHFCnnnn

New:

DFHFC0418 indicates that initialization of shared data tables failed because an attempt was made to set SDTMEMLIMIT to a value greater than 40% of MEMLIMIT.
DFHFC0433 indicates that the amount of above-the-bar storage used by Shared Data Tables has reached a certain percentage (75% or more) of the SDTMEMLIMIT storage.
DFHFC0434 indicates that the amount of above-the-bar storage used by Shared Data Tables has fallen below 70% of the SDTMEMLIMIT storage.

DFHHCnnnn

New:

DFHHC0104W indicates that the CICS Health Checker encountered an unexpected error.

DFHHnnnn

New:

DFHH0004 indicates one or more region configuration parameters are not optimally set.
DFHH0005 indicates one or more resource configuration parameters is not optimally set.
DFHH0006 indicates one or more USS file access permission settings is not optimally set.
DFHH0007 indicate one or more resource security related SIT parameters are not optimally set.
DFHH0304 indicate all region configuration parameters are correctly set.
DFHH0305 indicates all resource configuration parameters are correctly set.
DFHH0306 indicates that all relevant USS files are correctly secured.
DFHH0307 indicates that all resource security SIT parameters are correctly set.
DFHH0401 indicates SEC=NO has been specified as a SIT parameter.
DFHH0402 indicates XTRAN=NO has been specified as a SIT parameter.
DFHH0403 indicates XUSER=NO has been specified as a SIT parameter.
DFHH0404 indicates CONFDATA=SHOW has been specified.
DFHH0405 indicates MINTLSLEVEL is too low.
DFHH0406 indicates HTTPSERVERHDR or HTTPSUSRAGENT or both are set to YES.
DFHH0407 indicates CWA (Common Work Area) storage is not CICS key.
DFHH0409 indicates RESSEC has been set to ASIS.
DFHH0410 indicates RACFSYNC has been set to NO.
DFHH0411 indicates DFLTUSER or KERBEROSUSER is same as region userid.
DFHH0412 indicates GMTRAN allows users access to the default screen.
DFHH0413 indicates it is possible to revoke the REGION userid.
DFHH0414 indicates XCMD=NO has been specified.
DFHH0501 indicates the default user can run sensitive transactions.
DFHH0502 indicates default URM DFHISAIP is being used with IPIC TCPIPSERVICEs.
DFHH0503 indicates clones of one or more sensitive transactions are installed.
DFHH0504 indicates AUTHENTICATE no or basic is used for non-SSL TCPIPSERVICES.
DFHH0601 indicates unauthorized access to USSCONFIG is allowed.
DFHH0602 indicates unauthorized access to JVMPROFILE is allowed.
DFHH0603 indicates unauthorized access to bundle files is allowed.
DFHH0701 indicates XPCT=NO has been specified.
DFHH0702 indicates XDCT=NO has been specified.
DFHH0703 indicates XDB2=NO has been specified and Db2 could be used.
DFHH0704 indicates XJCT=NO has been specified.
DFHH0705 indicates XPPT=NO has been specified
DFHH0706 indicates XTST=NO has been specified.
DFHH0707 indicates XFCT=NO has been specified.
DFHH0708 indicates XHFS=NO and at least one URIMAP uses static data.

Changed:

Service DFHH0504 (APAR PH64997) is changed to indicate that non-SSL TCPIPSERVICEs are in use.

DFHISnnnn

New:

Service DFHIS2013 (APAR PH53315) indicates the server APPLID that is used in a High Availability (HA) IPCONN connection.

DFHLGnnnn

New:

DFHLG0515 indicates that the maximum number of attempts to recover CICS user journals has been reached.
DFHLG0516 indicates that the current instance of CLGR failed to automatically recover CICS user journals.

DFHMPnnnn

Changed:

DFHMP2006 is issued for a failed installation of a compound condition system rule.
Service DFHMP3001 to DFHMP3018 (APAR PH62711) are issued to Console as an additional destination.

DFHMQnnnn

New:

DFHMQ0224E indicates that CKAM failed to link to DFHMQMNS.
Service DFHMQ0797E (APAR PH47961) is issued when temporary storage queue DFHCKBR is required but its TSMODEL definition has not been defined or installed in the system.

Changed:

DFHMQ0107I is enhanced to include the name of the MQMONITOR in the message text if an MQMONITOR is associated with the CKTI that has been requested to end.
DFHMQ0129E is enhanced to include the name of the MQMONITOR in the message text if an MQMONITOR is associated with the CKTI that has been terminated because of an unrecoverable abend.
DFHMQ0700I is enhanced to include the name of the MQMONITOR in the message text if an MQMONITOR is associated with the CICS-MQ bridge that is in the progress of initialization.
DFHMQ0704E is enhanced to include the name of the MQMONITOR in the message text if an MQMONITOR is associated with the CICS-MQ bridge that issued the error for the call.
DFHMQ0713I is enhanced to include the name of the MQMONITOR in the message text if an MQMONITOR is associated with the CICS-MQ bridge that has terminated normally.
DFHMQ0750E is enhanced to include the name of the MQMONITOR in the message text if an MQMONITOR is associated with the CICS-MQ bridge that has terminated abnormally due to an unexpected condition.

DFHPAnnnn

New:

DFHPA2001E indicates insufficient 64-bit storage to process resource overrides.
DFHPA2002I indicates that the resource overrides file is being read.
DFHPA2003E indicates that resource overrides file could not be found.
DFHPA2004E indicates that the resource overrides file could not be opened.
DFHPA2005E indicates that the resource overrides file could not be read.
DFHPA2007E indicates that the USSCONFIG value cannot be determined.
DFHPA2008E indicates that the resource overrides file is too large.
DFHPA2009E indicates insufficient 31-bit storage to process resource overrides.
DFHPA2011E indicates that the RESOVERIDES system initialization parameter specifies an invalid resource overrides file name

DFHPInnnn

New:

DFHPI0518 indicates that the CICS pipeline manager trust handler, DFHPITC, fails to find the required credentials in a web service request.

DFHRLnnnn

New:

Service DFHRL0137I (APAR PH58296) is issued when all GRPLIST defined BUNDLE resources have reached their target initial status.
Service DFHRL0138W (APAR PH58296) is issued when one or more GRPLIST defined BUNDLE resources have failed to reach their target initial status.

Changed:

DFHRL2013 is enhanced to report the name of the CMAS that DFHDPLOY is connected through.

DFHRMnnnn

New:

DFHRM0240 indicates the local log name that is set during CICS initialization and sent to a remote system when CICS establishes an APPC or IRC connection.
DFHRM0241 indicates a log name that has been set for an APPC or IRC connection.
DFHRM0242 indicates a log name that has been deleted for an APPC or IRC connection.

DFHRVnnnn

New:

DFHRV0002 indicates that a severe error (code X'code') occurred in a module.
DFHRV1000E indicates that the resource overrides file failed to parse.
DFHRV1001W indicates that an override rule is for an obsolete resource type.
DFHRV1002E indicates that an override rule specifies an invalid resource name.
DFHRV1003E indicates that an override rule specifies an invalid attribute.
DFHRV1004E indicates that an override rule specifies an invalid attribute value.
DFHRV1005E indicates that an override rule specifies an invalid value for an integer attribute.
DFHRV1006E indicates that an override rule specifies an integer attribute value outside its valid range.
DFHRV1007E indicates that an override rule specifies an invalid CVDA attribute value.
DFHRV1008E indicates that an override rule specifies an invalid override action.
DFHRV1009E indicates that an override rule specifies an unsupported resource type.
DFHRV1010E indicates that an override rule specifies an invalid symbol format in the attribute value.
DFHRV1011E indicates that an override rule specifies an unsupported symbol name in the attribute value.
DFHRV1012E indicates that an override rule specifies an invalid symbol substring in the attribute value.
DFHRV1013E indicates that an override rule specifies an unsupported escape character in the attribute value.
DFHRV1014E indicates that an override rule specifies an invalid null string in the attribute value.
DFHRV1015E indicates that an override rule specifies an obsolete attribute.
DFHRV1016W indicates that a resource overrides file with updated content was loaded during CICS restart.
DFHRV1017E indicates that a resource overrides file is empty.

DFHSInnnn

New:

DFHSI1610 indicates that DFHAMIO is not on the load library and resource overrides cannot be processed.
DFHSI1611 indicates an error in DFHAMIO during resource override processing.
DFHSI1612 indicates errors in the resource overrides file during resource override processing.
DFHSI1801 indicates errors in the PLT that is used during the initialization of CICS.

DFHSMnnnn

New:

DFHSM0136 indicates the size of the DSAs that are never protected from instruction execution.
DFHSM0160I indicates that Instruction Execution Protection is available.
DFHSM0161I indicates that Instruction Execution Protection is enabled for eligible CICS DSAs.

Removed:

DFHSM0137
DFHSM0138
DFHSM0139
DFHSM0140

DFHSNnnnn

Changed:

DFHSN1100 changed to add the TN3270 IP Address to the message output.
DFHSN1101

Removed:

DFHSN1102

DFHSOnnnn

New:

DFHSO0170A indicates that the specified TCPIPSERVICE cannot be opened because the default TCP/IP stack is not available.
DFHSO0171A indicates that the specified TCPIPSERVICE cannot be opened because the specified TCP/IP stack is not available.
DFHSO0200I is issued when the CICS sockets listener task starts accepting inbound TCP/IP connections.
DFHSO0201I is issued when the CICS sockets listener task stops accepting new inbound HTTP connections.
DFHSO0202I is issued when the CICS sockets listener task stops accepting all inbound TCP/IP connections.
DFHSO0300 is issued when the client side of a TLS handshake failed during certificate validation.
DFHSO0301 is issued when the client side of a TLS handshake failed to establish secure communication.
DFHSO0302 is issued when the client side of a TLS handshake failed during certificate validation caused by a lack of a valid certificate.
DFHSO0303 is issued when the client side of a TLS handshake failed during certificate validation caused by a lack of a valid certificate sent to the remote partner.
DFHSO0304 is issued when the client side of a TLS handshake failed during certificate validation caused by an invalid certificate date.
DFHSO0305 is issued when the client side of a TLS handshake failed during certificate validation caused by a missing key label.
DFHSO0310 is issued when the client side of a TLS handshake failed during certificate validation caused by an internal error reported by the remote partner.
DFHSO0399 is issued when the client side of a TLS handshake failed. The text in the message explains the error details.
DFHSO0400 is issued when the server side of a TLS handshake failed during certificate validation.
DFHSO0401 is issued when the server side of a TLS handshake failed to establish secure communication
DFHSO0402 is issued when the server side of a TLS handshake failed during certificate validation caused by a lack of a valid certificate.
DFHSO0403 is issued when the server side of a TLS handshake failed during certificate validation caused by a lack of a valid certificate sent to the remote partner.
DFHSO0404 is issued when the server side of a TLS handshake failed during certificate validation caused by an invalid certificate date.
DFHSO0405 is issued when the server side of a TLS handshake failed during certificate validation caused by a missing key label.
DFHSO0410 is issued when the server side of a TLS handshake failed during certificate validation caused by an internal error reported by the remote partner.
DFHSO0499 is issued when the server side of a TLS handshake failed. The text in the message explains the error details.

DFHSRnnnn

New:

DFHSR0623 indicates that there is an attempt to execute an instruction from storage that is protected from instruction execution.

DFHTMnnnn

New:

DFHTM1721 indicates errors in the PLT that is used during the shutdown of CICS.

DFHTPnnnn

New:

Service DFHTP4175 (APAR PH43431) indicates a message routing failure due to an invalid or unlocatable remote system ID.

DFHTSnnnn

New:

DFHTS1316 indicates that auxiliary temporary storage data set usage has reached 75% or more of the capacity.
DFHTS1317 indicates that auxiliary temporary storage data set usage has fallen below 70% of the capacity.
DFHTS1610 indicates that a scan of shared temporary storage queues has completed. The message shows the numbers of shared temporary storage queues scanned and deleted.

DFHWBnnnn

New:

DFHWB0112I indicates that there was a problem processing the defaultciphers.xml file.
Service DFHWB1561 (APAR PH60212) indicates that the URIMAP resource was defined with CIPHERS() and lists the ciphers that CICS used instead.
Service DFHWB1583 (APAR PH63454) indicates a change of IP address from what is recorded in the URIMAP DNS cache.

Changed:

DFHWB0763 is changed to indicate the name of the disabled URIMAP.

DFHXQnnnn

New:

DFHXQ0420I indicates that the percentage of entries in use in the pool structure dropped below a specified threshold.
DFHXQ0421I indicates that the percentage of elements in use in the pool structure dropped below a specified threshold.
DFHXQ0422I indicates that the percentage of entries in use in the pool structure reached a specified threshold.
DFHXQ0423I indicates that the percentage of elements in use in the pool structure reached a specified threshold.

DFHXSnnnn

New:

DFHXS1117 indicates the association data, including origin information related to a security violation.

Changed:

DFHXS1113 is removed as Category 1 transactions. No longer use RACF to determine access.
DFHXS1201 either mentioned USERID or PASSWORD and now provide a more generic message to obscure which field was incorrect.
DFHXS1206 either mentioned USERID or PASSWORD and now provide a more generic message to obscure which field was incorrect.
DFHXS1215 either mentioned USERID or PASSWORD and now provide a more generic message to obscure which field was incorrect.
DFHXS1404 is removed as Category 1 transactions. No longer use RACF to determine access.

Removed:

DFHXS1205
DFHXS1211

DFHYMnnnn

New:

DFHYM1000E indicates that a resource type in the resource overrides file is too long or missing a delimiter.
DFHYM1001E indicates that an override rule in the resource overrides file is missing the selector or overrides value.
DFHYM1002E indicates that an attribute name in the resource overrides file is too long or missing a delimiter.
DFHYM1003E indicates that an override action in the resource overrides file must start on a new line.
DFHYM1004E indicates that a find override action in the resource overrides file is missing an associated replace action.
DFHYM1005W indicates that an overrides mapping in the resource overrides file does not specify any attributes.
DFHYM1006E indicates an invalid selector condition or override action for an attribute in the resource overrides file.
DFHYM1007E indicates that a line delimiter is missing from the resource overrides file.
DFHYM1008E indicates incorrect indentation in the resource overrides file.
DFHYM1009E indicates that an attribute value must be enclosed in quotes in the resource overrides file.
DFHYM1010E indicates a missing space before a comment in the resource overrides file.
DFHYM1011E indicates unexpected data in the resource overrides file.
DFHYM1012E indicates an invalid character because of a character encoding error in the resource overrides file.
DFHYM1013E indicates an unsupported escape character in the resource overrides file.
DFHYM1014E indicates an invalid override action-operator in a selector mapping in the resource overrides file.
DFHYM1015E indicates an invalid selector condition-operator in an overrides mapping in the resource overrides file.
DFHYM1016E indicates a duplicate attribute in a selector or overrides mapping in the resource overrides file.
DFHYM1017E indicates that a resource override find action is missing a value in the resource overrides file.
DFHYM1018E indicates an unsupported multiline indicator in the resource overrides file.
DFHYM1019E indicates that the schemaVersion mapping is missing from the resource overrides file.
DFHYM1020E indicates that the resourceOverrides mapping is missing from the resource overrides file.
DFHYM1021E indicates that the schemaVersion mapping specifies an invalid schema name or version in the resource overrides file.
DFHYM1022E indicates that a resource overrides schema version in the resource overrides file is not supported.
DFHYM1023E indicates that the resource overrides file uses an unsupported code page.

Changes to CICSPlex SM messages

EYUNXnnnn

New:

EYUNX0110W indicates that resources to be installed conflicted with existing URIMAP or TCPIPSERVICE resources.

Changed:

EYUNX0013E is changed to also indicate invalid definition options for resources in a single CICS region configured with the CMCI JVM server (SMSS).

EYUXDnnnn

New:

EYUXD0721I indicates the name of the CICSplex whose CICSplex context records will be removed from the CMAS EYUDREP data repository.
EYUXD0722I indicates the name of the CICSplex whose CICSplex context records will be updated to the CMAS EYUDREP data repository.

EYUXLnnnn

Changed:

EYUXL0003I has an editorial change in its message text. The phrase version is dropped from the message text. There is no functional change to this message.

Changes to abend codes

New abend codes

Service AITQ (APAR PH52991) occurs when a transaction is purged, during the processing of a request, while waiting for a response from a connected subsystem over an IPIC connection.
AKES occurs when an attempt is made to execute an instruction that is located in storage that is protected from instruction execution.
Service AMQT (APAR PH47961) occurs when temporary storage queue DFHCKBR is required but the TSMODEL definition for it does not exist.
ARZR occurs when a request stream task encountered a failure while trying to join with an existing target request stream task.
AXS1 occurs when a user attempts to run a Category 1 transaction directly.

Changes to samples

Table 29. Changes to the samples provided with CICS TS 6.1
Sample	6.1
strongciphers.xml	REMOVED: Use of strongciphers.xml is replaced by customizing allvalidciphers.xml and defaultciphers.xml for use with CIPHERS attribute in resource definitions.
DFH$54J	NEW: JCL to output SMF 1154 Subtype 80 records
DFH$1154	NEW: REXX program to output SMF 1154 Subtype 80 records
DFH$MOLS	CHANGED: The UNLOAD function is enhanced to support DFHRMI fields in its output.

Changes to documentation

Table 30. Changes to the documentation provided with CICS TS 6.1.
Documentation	6.1
	6.1
Downloadable (offline) documentation	NEW: IBM Documentation Offline is now automatically translated.
Online documentation	CHANGED: IBM Knowledge Center is renamed to IBM Documentation. NEW: IBM Documentation is now automatically translated.
Fundamentals	NEW: How it works: CICS storage CHANGED after general availability: The reference topics about CICS subpools in CICS DSAs, previously contained in How it works: CICS storage, are moved to System management reference. See Reference: CICS subpools in CICS DSAs.
Developing applications	NEW: Get started with Java in CICS
Security	NEW: structure and information
CICS TS Feature Pack for Dynamic Scripting V2.0	REMOVED: References removed from the documentation.
Scenario: Using business events to analyze application trends	REMOVED: References removed from the documentation.
PDFs	NEW PDF: Security for CICS CHANGED: Configuring CICS The Configuring REXX section has been removed from this PDF. This information is contained in REXX for CICS TS User Guide and Reference. STABILIZED: The following PDF is no longer produced: RACF Security Guide