So what about when it's a SaaS like Google Search, and you just leave BETA plastered across it for over a decade?
There’s a lot of software being written in these big companies that never ship due to politics, deprioritization, product mismanagement, change in company directions etc.
There is also a lot of software that never ships because it’s intended to be internally used exclusively. 174 makes no distinction between internal/external products. I do not know if it makes a distinction between products and products-that-never-reach-market. I suspect it does not, since a core tenet of the regulation is that there must be some uncertainty of outcome in order to be research and development. Products that fail before reaching the market seem to fall in that zone of uncertainty and are likely deductible.
For example, developing windows 11 might count as R&D up until it ships. Spending a decade supporting it, doing bug fixes, and patching security holes in the already-shipped product would not count as research or development.
This “the research is done when the product shipped” might work for tangible objects but it does not seem coherent given the way the software lifecycle works.
It might be wise to revisit this; giving companies a tax break when they do security upgrades after release might be a good way to incentivize more secure software.