- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-27-2023 04:21 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-27-2023 05:09 AM
TL;DR - Treat as a device license, but make sure to exclude those embedded devices from any other non-embedded software titles.
Embedded software is almost always handled with a 'pass through' license; that the user of the device automatically has a right to use the software hardwired into it. That's assuming the user doesn't go and do anything nefarious with that device, i.e.: build a nuclear weapon with it, build a missile guidance system with it, use it to extract or reverse engineer the software, etc. So, technically, you don't have to worry about software licenses for those devices, because it passes from the software publisher to the OEM of the device and then to the end-user.
The trouble is, scanning software has trouble telling the difference between software on these devices and actual installed devices (o/s is probably the worst, followed by drivers, then by data connections like APIs). You still need to track the software, if for no other reason the scans don't try to inflate the count (and required use rights) of the non-embedded software titles. I recommend to my clients to create a separate 'embedded' software title, build the rules around the OEM make/model of the devices with the embedded software in question, then make sure those devices are excluded from the software counter details.
Hope this helps! -J
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-27-2023 05:09 AM
TL;DR - Treat as a device license, but make sure to exclude those embedded devices from any other non-embedded software titles.
Embedded software is almost always handled with a 'pass through' license; that the user of the device automatically has a right to use the software hardwired into it. That's assuming the user doesn't go and do anything nefarious with that device, i.e.: build a nuclear weapon with it, build a missile guidance system with it, use it to extract or reverse engineer the software, etc. So, technically, you don't have to worry about software licenses for those devices, because it passes from the software publisher to the OEM of the device and then to the end-user.
The trouble is, scanning software has trouble telling the difference between software on these devices and actual installed devices (o/s is probably the worst, followed by drivers, then by data connections like APIs). You still need to track the software, if for no other reason the scans don't try to inflate the count (and required use rights) of the non-embedded software titles. I recommend to my clients to create a separate 'embedded' software title, build the rules around the OEM make/model of the devices with the embedded software in question, then make sure those devices are excluded from the software counter details.
Hope this helps! -J
