This inspection reports any security-role elements of your EJB deployment descriptor that are not referred/linked to from within that file.