Why use a custom OS image?

While the development activity can be complex, the advantages offered are manifold and concern both the production phase of the solution and the use of the system by the end user.

Some advantages:

  • Exploiting the full potential of the operating system : obtaining the desired behavior for the end user without using third-party software or independently developing a proprietary solution.
  • Engineering of the production phase : the deployment of the operating system on the machine can be performed in certain times and in a replicable and constant manner for all productions.
  • Minimization of human intervention : the installation procedure can be made unattended, minimizing operator intervention and the possibility of human error in carrying out the configuration procedure.
  • Installation maintainability : it is possible to version the archived images and update most of the features in offline mode, without having to reinstall the system on a replica of the original hardware configuration.

TPole’s great experience in developing customized OS images

For over ten years we have been developing customized operating system images for customers operating in different application areas and with different needs, using Microsoft® Windows ™ Embedded operating systems.

TPole is the correct partner for the development of your OS image because:

  • We have a deep understanding of the potential offered by the different versions of the operating system
  • We know how to recommend the best method to obtain the result desired by the customer
  • We have solid high-level technical contacts in Windows ™ Embedded
  • We have a holistic approach in development, we don’t deliver a configuration, we produce real and functional solutions to problems
  • We know how to test and verify the functionality of the solution, having knowledge of the possible problems that may occur

The use of embedded operating systems allows to obtain, both for the features offered and for licensing issues compared to a consumer operating system, substantial changes in terms of interface and end user interaction with the operating system.

Some potentialities offered by Windows ™ Embedded systems:

  • Locked kernel version/strong>: usually, W10 automatically updates the kernel by introducing support for new hardware or new features. To avoid this behavior, which can introduce instability and incompatibility between the operating system and the application software developed, it is possible to use versions W10 1607 LTSB or W10 1809 LTSC, which do not perform the kernel update.
  • Unbranding of the operating system : removal of all logos and animations during the system boot phase, hiding from the operator the real operating system on which the application is based, a topic particularly felt in the medical field.
  • Custom shell : definition of an alternative application in place of Explorer as the operator interface, limiting user interaction only to the features provided during the design phase. TPole is able to guide the customer in defining the specifications and functions to be implemented.
  • Keyboard filter : possibility of blocking key combinations to non-administrator users, limiting the level of interaction to the only functions provided during the project.
  • Write filter : possibility to block writes to disk using FBWF (File Based Write Filter) or EWF (Enhanced Write Filter) on WES7, UWF (Unified Write Filter) on W10. By defining the write lock for critical partitions and files, it allows a more closed and secure system to be available because it cannot be modified and always the same with each restart. This change also allows you to preserve the health of flash-based storage media.

Below we introduce a non-exhaustive series of commonly required configurations:

  • Multilanguage installation : without region constraints, it is possible to equip the system image with optional languages ​​by installing additional language packs.
  • Disabling Windows ™ Update : in addition to the kernel updates, it is possible to inhibit access to any update whether it be a driver or a security via Windows ™ Update, in a completely restorable way.
  • Windows ™ Firewall configuration : Ability to define predefined configurations for each network profile or to completely disable the functionality.
  • Disabling Windows ™ Defender : allows you to disable the malware removal utility integrated into the operating system.
  • Notification center removal : removal of the notification center from the tray menu, allows you to have a more closed system.
  • Removing security toast notifications : Allows you to remove desktop toast notifications regarding security configurations, such as status notifications for Windows ™ Firewall or Windows ™ Defender.
  • Removal of toast notifications : allows you to selectively remove particular categories of notifications on the desktop, such as those for detecting new hardware or changing settings, which can be invasive in normal use.

It is also possible to define further customizations on the basis of particular customer needs, such as the installation of additional software or configurations not present among those previously reported, for which we suggest you contact our technical area.

Management and restore of the production image

Wanting to provide a global solution, the developed image is delivered with tools that allow it to be easily deployed on a test system or in the production phase.

To check the various options available, please refer to dedicated section