The risks of version stagnation are real. But so is skepticism about how vendors want to fix it. Here’s an honest look at both.

Industrial software has a persistent problem that everyone in the field knows but rarely talks about openly: once deployed, systems are almost never updated. Not because people are careless, but because the risks of changing a running system often feel greater than the risks of leaving it alone. 

Compatibility dependencies, validation requirements, downtime windows that never materialize; the original designer having moved on are all factors that keep facilities running software versions that are years, sometimes decades, behind. 

The consequences compound quietly. Aging software increases cybersecurity exposure. It strains integration with modern platforms. It widens the gap between OT and the IT infrastructure it increasingly depends on. And the longer you wait, the harder and more expensive the eventual upgrade becomes. 

This is the version stagnation problem. And if you’re a systems integrator who’s recommended WIN-911 for years, or an engineer who relies on it, it’s worth understanding why it’s getting harder to ignore, and why the way vendors are responding matters. 

The Ecosystem Moves Whether You Do or Not 

Here’s something that catches people off guard: your software doesn’t have to change for it to break. The world around it changes, and that’s enough.

Consider a concrete example. In 2021, Microsoft started deprecating its Basic Authentication system for cloud Exchange users. It completed that deprecation in 2023, moving affected users to OAuth, and is now doing the same thing for SMTP Auth users with the final deprecation happening in early 2026. SmartSights released an update to WIN-911 to add OAuth compatibility in August of 2022.

If your alarm notification system relies on either of those systems to deliver text alerts, this isn’t a theoretical risk. It’s a countdown. Messages that appear sent may never arrive. The software didn’t break; the infrastructure it depended on moved on without it.

For subscription customers, SmartSights is shipping an update transitioning delivery to supported messaging APIs. For facilities running older perpetual versions with lapsed support contracts, the path forward means troubleshooting a critical safety system on your own timeline, often under pressure, and often without realizing the problem exists until an alarm fails to reach someone.

This pattern repeats wherever external dependencies exist. Operating system support windows close. SCADA platforms release major updates. Cloud APIs evolve. Database drivers change. Communication protocols get deprecated. None of these are within your control, and none of them wait for your next maintenance window.

The Cybersecurity Argument Is No Longer Abstract

In 2021, the water treatment facility in Oldsmar, Florida made national headlines when chemical dosing levels were changed via remote access. Sodium hydroxide was briefly increased to potentially dangerous concentrations before an operator caught it in real time. The facility was running Windows 7, which had been out of Microsoft support for over a year.

The full story of what happened at Oldsmar has been debated and revised since. The former city manager later called it a “nonevent,” and subsequent investigation suggested it may have been employee error rather than a targeted external attack. But the underlying point stands regardless of who was at the keyboard: a facility running unsupported software was exposed to a risk that current software and proper access controls would have mitigated. The operator caught it. Next time, someone might not.

For any facility running safety-critical software on aging platforms, the question isn’t whether a vulnerability will be exploited. It’s whether you’ll know about it and have a supported path to address it when it matters.

Let’s Be Honest About Subscription Skepticism

Here’s where we need to level with you, because you’re already thinking it.

The broader software industry has given everyone good reason to be skeptical of subscription models. We’ve all watched vendors force customers onto subscriptions overnight, bundle in products nobody asked for, and jack up prices with no corresponding increase in value. If your first reaction to hearing “subscription” is wariness, that instinct is well-earned, and it didn’t come from anything SmartSights did. It came from the broader market poisoning the well.

We understand that. And we think the right response is honesty about what subscription actually covers and why, rather than pretending the skepticism doesn’t exist.

The truth is, some of what SmartSights delivers is structurally subscription-shaped — not because we decided to move a line item from one column to another, but because the underlying technology genuinely requires ongoing infrastructure and engineering work.

The SmartSights Mobile app routes notifications through cloud infrastructure running on Azure. That infrastructure has real operating costs including servers, security, and uptime monitoring that incur whether you send one alert or ten thousand in a month. It doesn’t exist as a one-time purchase any more than your cell phone plan does.

SCADA connector maintenance is continuous engineering work. When Rockwell releases a new version of FactoryTalk, or AVEVA updates its platform, or GE changes something in iFIX, or Inductive Automation ships a new Ignition build, someone must test, validate, and update those connectors. WIN-911’s value is that it works across all these platforms, and subscription is what funds maintaining that breadth as each platform evolves on its own release schedule.

PEER’s workflow integrations with CMMS and other plant systems depend on always-current API connections. When the systems PEER talks to change, the integrations have to change with them.

The Edge Gateway requires ongoing cloud services to function.

None of these are cases where we took something that worked fine as a perpetual license and stuck a subscription label on it. These are capabilities that live partly or entirely outside your plant network, and subscription covers the parts that exist beyond your on-prem server.

The core WIN-911 notification engine that has connected to your local SCADA server for decades still looks a lot like a perpetual product. And we haven’t pretended otherwise. We’ve designed our subscription model so it earns your business through ongoing value, not because you have no alternative.

What This Means for Systems Integrators

If you’re an SI recommending alarm notification software, you’re the one who gets the call when something stops working. You’re the one explaining to a plant manager why a connector broke after a SCADA upgrade.

Subscription licensing doesn’t eliminate those calls. But it does mean your customer is on a version that’s being actively maintained against exactly those kinds of external changes. It means the Microsoft email deprecation fix ships before the vendor shuts down the service. It means connector updates follow platform releases. It means you’re not reverse-engineering a compatibility problem on a Friday afternoon with a version that’s three years behind.

That’s the practical calculus: not whether subscription is philosophically preferable to perpetual, but whether the surface area of what your customer depends on has grown beyond what a one-time purchase can realistically keep current.

For most connected industrial environments today, it has.

Moving Forward

Version stagnation isn’t a technology problem with a technology-only solution. It’s a combination of real operational constraints, legitimate skepticism about vendor motives, and an expanding dependency surface that makes staying current harder every year.

We think the answer is straightforward: be transparent about what requires ongoing investment and why, deliver tangible value against those ongoing costs, and let the results speak for themselves.

Those concerns are also why going forward, if a subscription license lapses, our software will only disable access to configuration tools, while the core notification capabilities will continue to function. Users won’t be able to change callout rosters or phone numbers, but the runtime will continue functioning as long as necessary, to ensure that they are able to receive critical alerts in real time.

If you’re evaluating WIN-911 or any SmartSights product, or if you’re an SI advising a client on alarm notification: we’re happy to walk through exactly what subscription covers, what it doesn’t, and how the model works in practice. No pitch. Just an honest conversation.

Contact our team or reach out to your SmartSights channel manager to start that conversation.