Client Profile
The client is a Swedish industrial manufacturer with operations across seven countries in Europe and North America, employing approximately 12,000 people across manufacturing, engineering, sales, and corporate functions. The company manufactures precision components and subsystems for the automotive, aerospace, and heavy industrial sectors, operating large-scale production facilities with highly automated manufacturing processes and an extensive technology estate supporting production management, quality control, supply chain coordination, and engineering design.
Java is embedded throughout the client's operational technology landscape. The company's manufacturing execution system, ERP-integrated quality management platform, production planning tools, and computer-aided manufacturing support applications all carry Java dependencies — almost entirely through third-party platform vendors. The company also operates an internally developed plant data integration layer that aggregates production telemetry from manufacturing equipment and feeds it into the ERP and reporting environment, which was built on Oracle JDK and had not been reviewed for licence compliance since 2021.
The Challenge
Oracle's compliance engagement was triggered by Oracle's LMS team identifying Java downloads associated with the client's IP address ranges in Oracle's download registry data. Oracle's initial communication asserted that the client's Java deployment across its Swedish and European manufacturing operations was non-compliant with the January 2023 Universal Subscription model and presented an annual subscription demand of €3.6M, based on applying the employee-count metric to the client's European workforce of approximately 9,200 people.
The manufacturing operational technology environment introduced specific complexities. The client's manufacturing execution system — a major third-party platform deployed across all seven production facilities — ran Oracle JDK as part of its certified runtime environment. The platform vendor, a specialist MES supplier to the automotive and aerospace sectors, held an OEM licensing agreement with Oracle for the Java runtime components embedded in its platform. Oracle's compliance team had claimed these instances as the client's direct licence obligation without investigating the vendor's OEM status. The same pattern applied to the client's quality management and production planning platforms, both of which were supplied by vendors with their own Oracle Java agreements.
The client had also, in 2022, migrated its engineering workstation estate from Oracle JDK to Eclipse Temurin as part of a broader open-source software adoption policy — a migration that had substantially reduced the number of Oracle JDK deployments in the corporate IT environment. Oracle's scan had not reflected this migration, treating the engineering workstation population as Oracle JDK-based based on historical download data rather than current deployment evidence. Redress Compliance was engaged to conduct the full independent audit and manage Oracle's compliance process across all relevant geographies.
The Approach
Redress Compliance deployed Java discovery tooling across the client's central IT infrastructure in Sweden, its manufacturing facility networks across seven sites, and its cloud environment in Microsoft Azure. The manufacturing facility networks required dedicated network discovery deployment, as they operated on air-gapped or semi-isolated operational technology networks separate from the corporate IT infrastructure and were not covered by the client's existing ITAM tooling.
The audit results confirmed a four-part Java estate: Oracle JDK on the internally developed plant data integration layer, where the client held a direct licence obligation; Oracle JDK embedded in the MES, quality management, and production planning platforms, excluded by vendor OEM agreements; Eclipse Temurin on the engineering workstation estate, carrying no Oracle commercial obligation; and a small number of Oracle JDK instances on legacy corporate IT servers scheduled for decommissioning within the next 12 months.
Redress Compliance secured OEM licence confirmation documentation from the client's three principal manufacturing platform vendors, establishing that the Java runtimes across all manufacturing facility servers were covered by vendor OEM agreements. This evidence was structured into a formal OEM exclusion analysis presented to Oracle's LMS and Northern Europe commercial teams, together with the engineering workstation migration evidence and the plant data integration layer licence position.
The corrected Oracle JDK estate — after applying OEM exclusions and reflecting the current engineering workstation deployment — comprised the plant data integration layer servers and a limited number of legacy corporate IT servers. The corrected employee-count basis, reflecting only those employees whose work environment included directly licensed Oracle JDK applications, was approximately 850 people — the engineering and IT staff whose work involved the plant data integration platform. The corrected annual subscription was €380,000.
The Outcome
Oracle accepted the corrected licence position. The client's Java subscription was agreed at €380,000 per year — an 89% reduction from Oracle's initial demand of €3.6M. Oracle's back-payment demand was withdrawn in full following its acceptance of the OEM exclusion analysis. Total savings over a three-year horizon exceeded €9.6M relative to Oracle's original demand.
The engagement also accelerated the client's decision to migrate the plant data integration layer from Oracle JDK to Eclipse Temurin, a migration that the client's engineering team had been planning for 2026. Completing this migration eliminates the client's direct Oracle Java subscription obligation entirely and was completed within six months of the audit. The client's forward Oracle Java commercial exposure is now zero.
Key Takeaways
- Manufacturing execution and industrial automation platforms almost universally carry OEM Java licence obligations that eliminate end-user exposure. The major MES, quality management, and production planning platforms supplied to the industrial manufacturing sector are built on Java runtimes licensed through Oracle OEM agreements with the platform vendors. These are not the manufacturing company's Oracle licence obligations, but Oracle's compliance methodology consistently treats them as such unless challenged with OEM documentation.
- Operational technology networks require dedicated Java discovery tooling separate from corporate ITAM systems. Manufacturing facility operational technology networks — MES servers, production planning infrastructure, and quality management systems — are routinely outside the scope of corporate ITAM platforms. Oracle's compliance scans reach them through network-level discovery and download registry data. An independent audit must cover these networks explicitly to produce a defensible licence position.
- Engineering workstation migrations to OpenJDK distributions eliminate a significant portion of manufacturing-sector Oracle Java exposure. Manufacturing and engineering organisations that have adopted Eclipse Temurin, Amazon Corretto, or other OpenJDK distributions for their engineering desktop and workstation environments have largely exited the Oracle Java commercial scope for that population. Documenting the migration — including the date and method of transition — is essential to using it as audit defence evidence.
- Oracle's download registry data is a systematically unreliable basis for current deployment assessments. Oracle's use of historical download data to construct compliance claims is a known methodological weakness. Companies that have migrated away from Oracle JDK are routinely contacted by Oracle on the basis of downloads that no longer correspond to current deployments. Current deployment evidence always supersedes download history in any contractual compliance analysis.
- Eliminating the direct Oracle Java obligation through OpenJDK migration permanently removes future audit exposure. For organisations like the client, where the Oracle JDK footprint is confined to a single internally developed application, migrating that application to Eclipse Temurin or another OpenJDK distribution removes the company from Oracle's commercial Java scope entirely — eliminating not only the current subscription cost but all future audit risk for as long as Oracle's model remains employee-based.
Manufacturing company facing Oracle Java compliance contact?
Redress Compliance has specific expertise in operational technology Java estate audits and manufacturing-sector OEM licence analysis — delivering major reductions in Oracle Java compliance demands for industrial organisations.