The PC performacne must also match the requirements of the SCADA application itself.
If the touch screen is used, then it is advisable to include calling the software keyboard that enables the user to enter values without the real keyboard into the PROMOTIC application. See: How to use screen keyboard for setting values by mouse (touchscreen).
Running the applcation on a virtual computer see PROMOTIC system and virtual computers.
Running the application using remote desktop see PROMOTIC system and Windows remote desktop.
If it is required not to enable the operator to get into the OS Windows (i.e. for example, he couldn't delete files, play games, etc.), it is advisable to install and use the SafeOper PROMOTIC component.
Next suitable setting in the OS Windows is the automatic user login into the OS Windows. Then on this setting, for example, on the start (restart) the computer doesn't prompt for entering the user and the specified user is automatically set without any dialog. This setting is implemented for OS Windows 7/Vista/XP/XPe/2003-12Server as follows:
In the Windows registers (where you can get, for example, by the regedit.exe program) in the [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] section set (optionally create) the following values of the REG_SZ type:
After setting, reset the computer.
From the security point of view it is reasonable to start the application in a non-administrator mode. It means to:
Because the application is installed under the user Administrator but operated under the user Promotic, all files and folders of the application must be accessible to the user Promotic for read and write. This is accomplished in the file system FAT32 where it isn't possible to set rights for files and folders but in NTFS this condition must be ensured (it wouldn't be accomplished by default).
If the OS Windows is installed on a stand-alone computer (outside a domain), then the Windows use simplified security model. Then it isn't possible to set manually the user access rights for files and folders but a shared Windows folder exists (C:\Documents and Settings\All Users\Documents) that has preset rights so that folders and files stored in it are accessible to all Windows users for read and write. From this reason it is suitable to place the application, including the folder with the application data files, into the shared folder.
If the OS Windows is located in a domain, then the application can be installed in any location but it is necessary to allow the Promotic user to read and write into the folders and files of the application and also to read from the PROMOTIC system folder (C:/Pm) including all subfolders. If necessary, the simplified security model of sharing files in the OS Windows that are not in the domain, can be switched off in 'Local security settings' of the computer.
All this points aren't connected with the PROMOTIC application. It goes only about the OS Windows setting. The PROMOTIC application needn't be changed.
In the OS Windows it is also possible not to activate the desktop at all and instead of it to start the PROMOTIC application. But on this setting the OS Windows cannot be used in a normal way any longer and this system is "degraded" only to running the PROMOTIC application. This setting can be made as follows:
@ echo off