Comment Re:security (Score 1) 9
If it really is isolated (what the heck are you making that doesn't talk to anything else?) then the VM you talked about is a starting point. Next comes the challenge of tracking it: You have to keep enough copies that you don't lose it, but you also have to keep track of which copy is authoritative so that the bug fix in year 12 starts from the bug fix in year 7, not the bug fix in year 3.
Anyway, you need to keep a living memory of the project. If it goes into dead storage there probably won't be enough findable documentation to resurrect it. This means that at all times there must be someone employed by the company who has touched it before.
So, set aside a staff day every single year, paid up-front by the customer, to literally boot the VM, run a re-compile and send a report to the customer certifying that it was done. Any further apart and you'll lose the living memory of the project.
Hardware is your other foe. I don't know how you move the compiled software image to the embedded hardware, but if it's a small-run product it won't be around in 5 years, let alone 25. RS232 serial has been remarkably resilient, but few of the other popular communications hardware interfaces have survived 25 years. SCSI? Gone. IDE? Gone. Ethernet? The form that existed 25 years ago is gone, hard even to find on the second-hand market.
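The bookkeeping the comment describes (several copies of the build VM, one of them authoritative, a yearly boot-and-rebuild with a report) is easy to get wrong by hand. Below is an added example, not code from the comment or from any real project, of a small provenance manifest for that purpose: each release records the SHA-256 of the VM image and of the firmware it produced, plus the release it was derived from, so the lineage "year 12 builds on year 7, which builds on year 3" is explicit, a fix mistakenly started from an old copy shows up as a fork, and the annual check compares a fresh rebuild against what is on record. The byte strings and labels are constructed stand-ins for the real image files; everything else is assumption, not any vendor's tooling.

```python
import hashlib
import json
from typing import Optional

# Added example: provenance manifest for a long-lived build VM and the
# firmware it produces. Sample image/firmware bytes are constructed; real
# multi-GB files would be hashed the same way.

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def record_release(manifest: list, vm_image: bytes, firmware: bytes,
                   label: str, parent: Optional[str] = None) -> str:
    """Append a release entry and return its id (hash of the entry content)."""
    if parent is not None and not any(e["id"] == parent for e in manifest):
        raise ValueError(f"unknown parent {parent}")
    body = {
        "label": label,
        "vm_image_sha256": sha256_hex(vm_image),
        "firmware_sha256": sha256_hex(firmware),
        "parent": parent,
    }
    # The id commits to the parent, so the chain cannot be silently rewritten.
    entry_id = sha256_hex(json.dumps(body, sort_keys=True).encode())
    manifest.append({"id": entry_id, **body})
    return entry_id

def heads(manifest: list) -> list:
    """Entries that nothing else derives from."""
    parents = {e["parent"] for e in manifest if e["parent"] is not None}
    return [e for e in manifest if e["id"] not in parents]

def authoritative(manifest: list) -> dict:
    """The single head; more than one means someone branched from a stale copy."""
    hs = heads(manifest)
    if len(hs) != 1:
        raise RuntimeError("lineage forked: " + ", ".join(h["label"] for h in hs))
    return hs[0]

def lineage(manifest: list, entry_id: str) -> list:
    """Labels from the root release down to entry_id."""
    by_id = {e["id"]: e for e in manifest}
    chain, cur = [], entry_id
    while cur is not None:
        e = by_id[cur]
        chain.append(e["label"])
        cur = e["parent"]
    return list(reversed(chain))

def annual_check(manifest: list, vm_image: bytes, rebuilt_firmware: bytes) -> dict:
    """The yearly exercise: verify the stored VM image, rebuild, compare to record."""
    head = authoritative(manifest)
    image_ok = sha256_hex(vm_image) == head["vm_image_sha256"]
    build_ok = sha256_hex(rebuilt_firmware) == head["firmware_sha256"]
    return {
        "release": head["label"],
        "vm_image_intact": image_ok,
        "rebuild_reproducible": build_ok,
        "lineage": lineage(manifest, head["id"]),
        "certified": image_ok and build_ok,
    }

if __name__ == "__main__":
    m = []
    y3 = record_release(m, b"vm-v3", b"fw-v3", "year3")
    y7 = record_release(m, b"vm-v7", b"fw-v7", "year7", parent=y3)
    record_release(m, b"vm-v12", b"fw-v12", "year12", parent=y7)
    print(json.dumps(annual_check(m, b"vm-v12", b"fw-v12"), indent=2))
```

The report dict is what goes to the customer each year; a `certified: false` with `vm_image_intact: true` means the toolchain no longer reproduces the shipped firmware bit-for-bit, which is the moment to investigate while the people who remember the project are still around.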