Lucinda,
If I understand your problem, you're trying to avoid the situation where a new version of some software product is installed on a node, but not deployed (for want of a better description).
In other words, we copy the files, but don't start it, then the system crashes and before we expected it, the new version is "live"? Yes?
I guess that's a similar situation to someone using SYSGEN to set a CURRENT value for a non-dynamic parameter, then later the system reboots and the new value becomes live.
In an environment like OpenVMS with long uptimes, this is a very real risk as the value change may have occurred months or even years prior to the reboot that makes it live.
For the case in point, I'd put the onus of keeping track back on the installation procedure/process - don't copy any files until you're ready for the cutover to the new version, and make sure the new version is deployed immediately after installation (if that requires a reboot, then so be it).
Other than that, maybe you could write a procedure that examined important application images, and flagged any prior versions found.
If images are known to be INSTALLed, another option is to check at shutdown time. Use INSTALL LIST and/or F$FILE(file,"KNOWN") to identify which file is installed, and make sure it isn't occluded by a newer version. Granted this only helps for a planned shutdown.
A crucible of informative mistakes
