The SET-PROCEDURE-OPTIONS command offers various options for protecting a procedure: both logging and interrupting can be prevented for a procedure. In combination with setting appropriate attributes for the procedure container (e.g. read access restricted via BASIC-ACL or GUARDS), these options can be used to prevent that procedure being read by an unauthorized caller or its execution being modified illegally.

The parameters transferred with a procedure call can either be thoroughly checked within the procedure (e.g. by the CHECK-DATA-TYPE function), or verified by SDF prior to procedure execution by embedding the procedure call in a command (SDF-A command definition with IMPLEMENTOR=*PROCEDURE). The SYSTEM-CALL function can be used to check whether SDF analyzed the call syntax using a system or group syntax file.

Generally speaking, runtime security can be enhanced for a procedure by (preferably) complete declaration of all variables used (including type definitions) and layouts. The implicit creation of variables, e. g. as a result of typing errors, can be prevented by specifying IMPLICIT-DECLARATION=*NO in the SET-PROCEDURE-OPTIONS command.