Taking out the Garbage: Making Windows XP suitable as a HMI Platform
Taking out the Garbage: Making Windows XP suitable as a HMI Platform
by Marty Huff
You’ve finished your design, developed the Human Machine Interface (HMI), and your machine has been installed on the factory floor. The operator clicks the “Start Process” button on the HMI application you created and, lo and behold, a balloon tip pops up at the bottom of the screen telling you “There are unused icons on your desktop.” In Windows Task Manager, you see about two dozen processes running you’ve never heard which are eating up precious processor and memory resources. Not to mention the thought of an operator playing Solitaire or surfing the web, and opening the computer to risks of becoming infected with a virus, spyware or even being hacked. You’re asking yourself why you used Windows XP for an HMI platform in the first place.
Why use Windows XP? In fact, Windows XP can provide a robust HMI environment, and has several advantages over either Windows CE or Linux. Windows XP is compatible with most applications and provides a familiar environment for development. Windows XP is easily configured to go beyond a simple HMI / SCADA platform to provide services such as networking and remote monitoring, remote access, web browser access, database connectivity and many others. Windows XP is also favored by IT departments because of its familiarity and interoperability. There are many HMI development packages that are designed for Windows XP such as Wonderware, Indusoft, Intellution, and others which provide an easy-to-use graphical interface that allows for speedier development than starting from scratch.
Out of the box, however, Windows XP is not suitable to act as a HMI / SCADA platform. The XP OS is made to be an end-user interface to applications, not an application platform running in the background. There are several “tricks” that can be performed to “take out the garbage” thus creating a stable, robust, and secure environment for your application.
Going back to the example used at the beginning of this article, one of the most annoying issues when using XP for an application environment is the “informative” balloon that pops up in the System Tray at the lower right of your screen (Fig. 1).
It’s actually quite simple to get rid of those annoying Windows balloon pop-ups once and for all. Open the Registry Editor by going to Start��Run and typing egedit. Navigate to HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Current Version\Explorer\Advanced. Right click on the Advanced folder and choose New --> DWORD Value (Fig. 2). Name the new value EnableBalloonTips and leave the data field at zero. No more annoying pop-ups. Keep in mind that this entry suppresses not only the annoying pop-ups, but all such pop-ups. This task can also be done by using the Windows Group Policy Editor, which will be discussed later in this article.
Have you ever been annoyed by the beep you hear every time you press more than one key by accident? Or maybe it occurs when the PC freezes and you can’t push any key without hearing it. Well, here is how you disable the sound:
Again from the Registry Editor, navigate to HKEY_CURRENT_USER\Control Panel\Sound. Right click on Beep on the right side of the screen and select Modify. Change the value in the box to No. Exit and reboot the computer. Voila! No more beeping. There are a couple of different ways to accomplish this, including using Device Manger or using the Sounds applet in the Control Panel.
You can do several things in Windows XP to optimize performance, reduce start up times, and create a reliable environment. One measure is to disable unneeded services and programs that are running in the background. A typical Windows XP installation has around 45 running by default. Depending upon the application, up to 30 can be disabled. Many services are obviously not needed, and can be set to start manually instead of automatically upon Windows startup. To see all running services, click on Start ->Control Panel -> Administrative Tools ->Services (Fig. 2). To modify how a service runs, double-click on it to reveal the Properties page. The startup-type options are Automatic, Manual, and Disabled. Setting a service to Automatic causes it to start when Windows boots. Setting a service to Manual allows for the service to start if it’s needed by other dependent services. Disabling a service will not allow it to start, nor will any dependent services start. If you are going to change a service from automatically starting, Manual is usually a safe bet.
Below is a list of services that can usually be set to Manual or Disabled.
Error Reporting Service - This service is responsible for the annoying “This program has encountered a problem” pop-up which gives you the option to send the report to Microsoft.
IIS Admin and World Wide Web Publishing - Unless your application is “web” or “browser” based, these services are not needed.
Automatic Updates - This process is best done manually so that you know exactly what updates from Microsoft are being installed. If, for some reason, an update causes instability, it’s much easier to troubleshoot than when you have no idea what was installed and when.
Remote Registry Service - The capabilities provided by the Remote Registry service are frightening to consider from a security perspective. They allow remote users (in theory, and only under controlled circumstances) to edit the Windows Registry. This Service should be set to “Disabled”.
Routing and Remote Access - This service provides router functionality. It’s unlikely that you will be using the system as a network gateway or VPN server. This service can usually be disabled.
Messenger - Also known as the Windows Messenger Service, this service is highly vulnerable to hackers and should always be disabled.
SSDP Discovery Service / Universal Plug and Play Host - These services are seldom used and introduce a security risk. It is best to disable them.
Telnet - Telnet allows remote access to the computer and is a huge security threat. Always disable this one.
Windows Time Service - This service contacts time servers on the Internet or within a Windows Domain to synchronize your clock’s time. In most cases, for the purpose of and HMI, this service is not necessary and can be set to “Disabled”.
Simple File Sharing - Simple File Sharing, which provides blanket access to shares without exceptions, is not what we want to use for sharing file system resources. The Simple File Sharing service is active by default. This Service cannot be disabled from the Services Management Console, but can be disabled at My Computer -> Tools -> Folder Options, then clicking the View tab and clearing the Use Simple File Sharing (Recommended) check box in the Advanced settings pane.
Help and Support - This service is pretty much useless for anyone who has used a computer at all, and is nothing but an annoyance. Even if you disable this service, it will change back to automatic startup if you accidentally click on Help and Support on the start menu.
Obviously, there are many more services that can be disabled. Any service that is not being used poses security risks, and uses resources. Disabling these services will not only increase overall performance and reduce startup and shutdown times, but will also provide a more secure and stable environment. Try an experiment by timing how long it takes for Windows to start, then disable the services mentioned above and time it again. You’ll be surprised by the result.
A very useful tool for optimizing Windows Performance is the System Configuration utility (Fig. 4). You can access it at Start --> Run, then typing msconfig. You can change service startup types here, but you can only disable services and not change them to manually start. You can also stop programs from running at start-up on the Startup tab. Some applications will add an executable to the startup directory to make them start faster or get updates. These programs can decrease overall performance. You can safely uncheck all programs to stop them from running at boot time. The only applications that you may want running are your anti virus software, and perhaps the HMI application you’re using.
An additional method of increasing performance is to optimize the environment. Rightclick on My Computer and choose Properties. On the Advanced tab, under Performance, choose the Settings button. Click the Adjust for best performance radial dialog box, which will disable all of Windows’ visual effects. The only one of these worth re-checking is Use drop shadows for icon labels on the desktop, which appears second-from-bottom on the list and is helpful for reading desktop icon names.
You can also place the Windows Kernel into RAM to make the system run faster. It’s a given that anything that runs in physical memory will be faster than a process that is cached to the hard drive as Virtual Memory. Running the foundation of Windows directly in RAM will obviously speed up operations. The following Registry edit will perform this task. It’s recommended that you perform this registry edit only if the system has 512MB or more of installed RAM. Set the Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\DisablePagingExecutive to 1 to disable paging and have the kernel run in RAM. Exit the Registry Editor and reboot.
Our last step in increasing the performance of your application is to set it to run at a higher priority than other applications and processes. From time to time you may see your application pause intermittently because another process is starting or running. These “glitches” can be avoided. You can grant your application priority over other applications by using the Task Manager. While your application is running, press Ctrl+Alt+Delete and choose Task Manager or right-click on the taskbar and choose Task Manager. On the Processes tab, right-click on the name of your application. When you mouse over Set Priority, you will have the option to choose from six different priority types (Fig. 5). Use caution when choosing the Realtime option, however, because it could affect other programs and processes adversely.
One potential issue with Windows XP is the vulnerability to the end user. Sure, you can configure it so that the application runs on start-up and the user never sees the Windows background, but there are usually ways that the user can get access to windows such as plugging in a USB keyboard and striking Ctrl+Alt+Delete.
One powerful XP tool is the Group Policy Editor. GPE is a friendly interface to the Windows Registry. Here you can turn off CD auto-play, hide desktop icons, customize the start menu, and make many other customizations to increase security such as limiting control-panel access either completely, or on an icon-by-icon basis.
To access Group Policy Editor, click Start --> Run and type gpedit.msc. If it is not already installed on your computer, you can add it easily. Again, at the Run prompt, type mmc. On the File menu, choose Add/Remove Snap-in, then click Add. Under Available Stand-alone Snap-ins, click Group Policy, and then click Add.
The two categories of policies are Computer Configuration and User Configuration. Most of the settings that can be changed are under the Administrative Templates folder in both categories. Choosing the Extended tab at the bottom of the console will display detailed descriptions of each item. As you will see by expanding the folders on the left and double clicking on the items, GPE is a very user-friendly and simple-to-use tool. Your only choices for the state of each setting are Not Configured, Enabled, or Disabled, each of which is self-explanatory.
There are several trends in the manufacturing industry that are driving the increased popularity of Windows XP as a HMI and SCADA platform. Windows XP can provide a robust, secure, and stable HMI environment with a bit of customization. This article has only skimmed the surface of Windows XP “IT-guy tricks” that can be used to create a suitable environment for your HMI. Following the above procedures to “take out the garbage” will assist you in creating an efficient platform for your applications, not to mention avoiding some common XP annoyances.
About the Author:
Marty Huff is an IT professional with MSI Tec specializing in Industrial Computing and Networking. Marty can be reached directly at 720-875-9835 or via email at [email protected] MSI Tec is a provider of intelligent machine control components and systems, and the value adding engineering resources for the successful identification and implementation of their use. Marty is responsible for assisting customers with intelligent machine interfaces, device connectivity, and systems design and is available for dedicated training programs and seminars. http://www.msitec.com