Microsoft and Windows IoT: Same bits – different behavior

Gunter Logemann, Principal Consultant IoT Consulting: "Many technologies that originate in the consumer environment, such as Secure Boot or BitLocker, are now also being used in industry."

Microsoft now offers special versions of Windows for embedded customers. While the functionality remains identical to consumer versions, device developers are given more possibilities to control the behaviour of the operating system. 

Does the OEM group still exist at Microsoft?

Gunter Logemann: It has hardly changed in terms of personnel, but we now call it the Consumer and Devices Group and the group continues to work with OEMs and ODMs who develop devices and implement technologies in that area. The spectrum of these devices is very broad, ranging from Windows Hello cameras to IoT devices to HoloLens.

… whereby consumer devices have little to do with industry …

Logemann: Yes, although many technologies that originated in the consumer environment, such as Secure Boot or BitLocker, are also starting to be used in industry. In fact, now that Internet connection in manufacturing facilities is opening up more and more, the same security technologies are needed as in the IT environment.

One specific problem for industrial customers is the long lifespan of machines and plants and the fact that their hardware and software then have to be supported for a correspondingly long time. 

Logemann: We take this into account with the so-called embedded features that we have in the operating system. We have special versions of Windows, such as Windows 10 IoT and Win 10 IoT Core, which we offer with appropriate Long Term Service Agreements. This ensures not only that security updates are available for ten years, but also that the operating system does not undergo any feature updates, as is the case with consumer devices. 

Windows IoT Enterprise and Windows Enterprise use exactly "the same bits", but the license terms are different and the IoT version also has embedded features that can be adjusted. On a consumer PC, there is no way to control how much computing power certain processes will receive, but with the embedded features, OEMs have significantly more control and can intervene in the scheduling of the operating system.

Does this also apply to activation? – Embedded systems often cannot access Microsoft's activation servers.

Logemann: Agreed, but the activation process is different from normal Windows. Typically the license will be sold through one of our distributors. The entire operating system is so designed that it ships with a device which runs an application making the device a single-purpose device. This goes so far that the device can be so configured with our write filters that the end user cannot change anything at all. 
In the ideal case the customer does not even notice that Windows is running underneath. Depending on the type of device, there are different versions, from Windows IoT Enterprise down to Windows IoT Core, which no longer has a user interface and runs on even smaller devices such as ARM devices.

Which ARM processors does Microsoft support with Windows IoT Core? 

Logemann: There are certain basic processors that we support, e.g. i.MX6 and i.MX7. However, the Board Support Package must be customized by the board manufacturer. This is a significant effort for ARM systems, which also depends on the way chip manufacturers support their customers.

A further point is the support for additional chips, e.g. WLAN modules. In that case the board manufacturer must ensure that the drivers are integrated. For this, support has to come from the actual chipset manufacturer, because we didn't develop the hardware.

In recent years Microsoft's strategy has been "Cloud first". However, many embedded customers cannot or do not want to transfer their data to the Cloud. How does Microsoft take care of them?

Logemann: There are different ways to solve this. One of them is Azure IoT Edge. Workloads such as a stream analysis are processed in a Docker container locally instead of in the Cloud. However, a temporary connection to the Cloud is still needed here because the system checks the consistency of the Docker containers with the Cloud from time to time and updates them if necessary. 

There are also other solutions, but they are more complex. For "very large" applications this could be, for example, Azure Stack. In this case, virtually the entire Cloud is run locally. It becomes very interesting where you can't connect to the Cloud at all and want to be independent of an Internet connection. One example would be a large cruise ship with a digital signage solution in every room.

So that could also be a solution for a medium-sized company that says: "My data remains on my company premises"?

Logemann: Yes, but that's not a Raspberry Pi system, but a Data Center rack the size of a refrigerator.