eosl.ai
Methodology

EOSL Exposure Score — how it’s calculated

The EOSL Exposure Score is a transparent 0–100 indicator of how much support-lifecycle runway a hardware family has. Higher means more runway; lower means more exposure. It is derived only from the source-backed dates on the model page — no black box, no hidden inputs — and every score shows its factors.

What it is not. This is not a risk, security, safety or compliance score, and not a certification. It says nothing about whether a device is exploitable, patched, safe or audit-ready — only how its vendor support timeline looks. Use it to prioritise, not to certify.

The bands

ScoreBandWhat it means
90–100CurrentNo immediate EOSL action indicated from the available data
75–89WatchSupported — track the lifecycle
55–74PlanBudgeting or review should begin
30–54Action recommendedSupport runway is short or context-dependent
0–29High exposurePast EOSL, unsupported, or a limited support path

Inputs

EOSL timing (primary)

The worst-case (soonest) end-of-service-life date across the family’s SKU groups. Past EOSL scores lowest; more runway scores higher.

Source confidence

A vendor-published per-model date scores as-is; a date computed from a vendor support-life policy lowers the score slightly and is flagged.

Mixed status

When a family has some SKU groups past EOSL and others still supported, the score is nudged down and the split is noted — because the exact part number decides.

Replacement path

A vendor-named successor is shown as a factor (it clarifies the path forward) but is not scored as a number, to keep the score about the timeline.

The score updates whenever the underlying date does — including on the weekly re-check against vendor sources. It appears on every model page, in the JSON API (exposureScore), and in Stack Monitor and the bulk checker.

About the score

Is the EOSL Exposure Score a risk, safety or compliance score?

No. It is a lifecycle-timing indicator only. It does not assess security risk, patch status, exploitability, safety, or compliance, and it is not a certification. A low score means support runway is short or absent — not that a device is unsafe, and a high score does not mean a device is secure or compliant.

What goes into the score?

Only what's on the model page: the worst-case (soonest) end-of-service-life date across the family's SKU groups, whether that date is vendor-published or computed from a support-life policy, whether SKU groups have mixed status, and whether a vendor replacement is named. Category is shown as context but does not change the number. Every score lists its own factors.

How are computed or unknown dates handled?

A date computed from a vendor's published support-life policy (rather than a per-model bulletin) lowers the score slightly and is flagged in the factors. Current products with no announced end-of-life score high (Current) because the vendor is still shipping and supporting them — that is different from "unknown," which we do not assign to tracked products.

Why show a number at all?

Action Priority (Immediate / Soon / Plan / Monitor) is the plain-language label; the number makes the same signal exportable, comparable across a fleet, and easy to put in a ticket or review. Both come from the same underlying dates.