HT-2021-000363 - [2025] EWHC 532 (TCC)

The allegation is that Winsopia failed to scrub properly a suite of PL/I test programs and, as a result, IBM CSECTs were transferred outside Winsopia’s Enterprise and used on non-designated machines.

Kednos test programs are a PL/I compiler-verification test suite. In early 2015 Winsopia was instructed to convert a suite of Kednos PL/I test programs in source code form into executable programs capable of running on z/OS that could be exported to the SDM to verify that the SDM implementation of PL/I produced the same results as an IBM mainframe. This required Winsopia to modify the source code for the Kednos test programs, so that they could be compiled using the IBM PL/I compiler, and then link-edit them with IBM-supplied PL/I modules on its mainframe.

On 19 December 2016, Mr Bleach of LzLabs UK sent an email to Mr Rastall at Winsopia and others, concerning PL/I Kednos tests sent to OnTarget in St Petersburg. On Target had been sent two versions of the Kednos library, namely, the old stubbed library and the new CPX scrubbed library. Mr Bleach was unable to explain why the old stubbed tests run by On Target worked but the new CPX scrubbed tests did not work.

On 20 December 2016, during an instant messaging exchange between Mr Bleach and Mr Bray, Mr Bray stated:

“BTW I do not think that the Scrubbing process for PL1 is complete! In fact I think it is letting test through with Copyright IBM in it!! … I have told Mr Palmer.

…

Chris has come up with another enhanced Scrubb list --- LZM5.WINCP.JCL(LZSLIST) so maybe the CPX Needs doing again??”

On 20 December 2016 Mr Bray sent an email to Mr Palmer, explaining that he had compared the PL/I z/OS executable load modules using the CPX scrubbing process with executables linked with Winsopia stubs; the CPX version contained a number of IBM copyright statements that did not appear in the stubbed version. In response, Mr Palmer provided an updated and enhanced LZSLIST (scrub list). That proved to be more effective although, as noted by Mr Bray, still it did not scrub all modules containing IBM copyright notices.

In cross-examination Mr Bray agreed that, at this time, the CPX scrubbing process was ineffective in that IBM CSECTs in the PL/I load modules were sent by Winsopia to OnTarget:

“Q. … there may be a question of degree, but I think you're accepting, aren't you –

A. Yes.

Q. -- that the scrubbing process had failed to the extent that at least some IBM –

A. Yes, yes.

Q. -- CSECTs had gone from Winsopia to OTG, possibly via Lz; do you agree?

A. Yes.”

Mr Palmer’s evidence was to like effect:

“Q. Now, if we just take those two emails we've been looking at together, what we see is that OnTarget Group has been sent a scrubbed copy of the KEDNOS library, that it wasn't scrubbed successfully because every module contained copyright statements, but the version that was done the old way was fine, and what the copyright statements that were sent to OnTarget in the scrubbed version showed was that IBM CSECTs hadn't been scrubbed; do you agree?

A. Yes, from the evidence, that's true.”

The link-editing process carried out by Winsopia necessarily introduced into the PL/I modules IBM CSECTs, including z/OS Base version 1 or 2 and/or IBM Enterprise PL/I for z/OS. Those IBM CSECTs were ICA Programs for the purpose of the ICA.

In summary on this item: