Windows XP Embedded Reliability and Medical Devices
Posted February 28, 2003
Chat Date: January 30, 2003
Please note: Portions of this transcript have been edited for clarity
Chat Participants:
- Frances Cohen (Pacific Systems Solutions), Director of Engineering
- Robert Lusinsky (Pacific Systems Solutions), Principal Engineer
- Marc Sandusky (Pacific Systems Solutions), Principal Engineer
- Anil Ingle (Microsoft), Development Manager for Windows XP Embedded
- Brad Williams (Microsoft), Test Lead for Windows XP Embedded
- Michael Fosmire (Microsoft), Community Program Manager
Moderator: Mike Fos (Microsoft)
Welcome to today's chat with Pacific Systems Solutions about Windows XP Embedded Reliability and Medical Devices! Questions, comments, and suggestions are welcome.
Moderator: Mike Fos (Microsoft)
Let’s introduce our hosts for today.
Host: Robert (Microsoft PSS)
Hi, Robert Lusinsky. I'm a principal engineer with PSS.
Host: Marc (Microsoft PSS)
Hi, Marc Sandusky, also a principal engineer with PSS
Host: Frances (Microsoft PSS)
Hi, Frances Cohen. Director of engineering with PSS, system software consulting
Host: Anil (Microsoft)
Hello, I am the Development Manager for Windows Embedded here at Microsoft
Moderator: Mike Fos (Microsoft)
Welcome everyone, let’s get started!
Host: Anil (Microsoft)
Q: EWF is broken in SP1, this is required for reliability. When is the QFE to be made available? Is there a test plan/procedure for EWF?
A: We are working on a QFE. We will post a schedule soon.
Host: Frances (Microsoft PSS)
Q: I cannot afford to turn off auto resolve in Target Designer as the unresolved dependencies are ambiguous. So my image includes Internet explorer etc. How can I test all this?
A: Can you be more specific of what you want to test? You should be able to run IE easily.
Host: Frances (Microsoft PSS)
Q: My question is: How can I assure myself in general that the image I create is reliable? Do I trust auto-resolve to create a reliable OS.
A: I have not seen problems coming when using the autoresolve. If you are not using this, you will need quite a bit of testing to validate dependencies.
Host: Frances (Microsoft PSS)
Q: I am running into trouble trying to build a new component for a PnP driver. Are there any issues I must consider in order to import the .inf file?
A: Can you be more specific about the problem you are running into?
Host: Frances (Microsoft PSS)
Q: I have seen components fail as the dependency tree is guesswork.
A: Do you have autoresolve on? It should take out the guesswork.
Host: Anil (Microsoft)
Q: Many developers want to remove PnP to speed boot as it is typically not needed in an embedded system. Is there an answer to this?
A: Yes you can remove PnP. Don’t include the usermode PnP component
Host: Anil (Microsoft)
Q: So I should include only kernel-mode PnP comp, right?
A: Yes. Also check out Building a Kernel Baseline Configuration and Building a Minlogon Baseline configuration in the doc's.
Host: Anil (Microsoft)
Q: How can I assign resources to the hardware if PnP is not running?
A: Kernel mode Pnp will call your driver. Also check out PnP Device ID & Custom resources in the Documentation
Host: Frances (Microsoft PSS)
Q: Does anyone know of any XPe (or NTe) devices approved by the FDA?
A: Our customers have had their devices (ultra-sound, etc.) approved as required.
Host: Frances (Microsoft PSS)
Q: .NET framework adds boot time. Is this being addressed? I would like to be able to develop applications with this technology.
A: We have done some work to reduce boot time using a hibernate image resume. This is good for some, but does have some caveats.
Host: Anil (Microsoft)
Q: What about newly released hardware? thanks
A: Is there a specific piece of hardware that you would like to see supported?
Host: Frances (Microsoft PSS)
Q: How do you prove the integrity of the data after a power-down event? Is this possible assuming you are not using the read-only filter driver?
A: Assuming you are asking about power loss, we have resolved this issue using a write filter.
Host: Frances (Microsoft PSS)
Q: Follow-up: Doesn't the write filter prevent you from writing to the hard-drive?
A: Yes, but it also allows you to commit writes in a controlled manner.
Moderator: Mike Fos (Microsoft)
Q: I am using MSMQ for IPC and remote desktop for maintenance. These features are what make XPe worthwhile. How mature are these technologies and am I using them as intended?
A: The folks most familiar with this area are not on the chat with us today. You might consider posting to the newsgroups to see what other folks in the community have to say about that.
Host: Frances (Microsoft PSS)
Q: This might be a stupid newbie question, but what is the difference between Windows XP Embedded and Windows CE .NET? Specifically, why can we use Windows XP Embedded in Medical Devices and not Windows CE .NET?
A: Several companies do use CE.NET in their medical devices. It all depends on the features, price point, and hardware required.
Moderator: Mike Fos (Microsoft)
Q: Is the PID I enter into Target Designer to make my image non-evaluation on an XPe license sticker? I hear I have to purchase one sticker to get the PID.
A: We'll be having someone join the chat who can respond to this in a few minutes.
Host: Anil (Microsoft)
Q: How does one test a EWF protected partition?
A: Brian, what kind of tests do you want to run? The EWF partition should prevent any changes.
Host: Anil (Microsoft)
Q: The registry is protected by EWF. Are there any components that need non-volatile storage?
A: EWF will redirect the writes to RAM or to an Overlay. So even components that need non-volatile storage should work.
Host: Anil (Microsoft)
Q: So there are no components that need registry storage to be non-volatile between power cycles?
A: That's not what I am saying. I am saying that even if there are, they shouldn't know that their writes are being redirected.
Host: Anil (Microsoft)
Q: In other words power down evaporates the RAM overlay, components that have written to the registry lose their data. This is OK?
A: Yes the components will come back to their original state. You should check out EWF in the docs. They also talk about committing data from the EWF volume.
Host: Anil (Microsoft)
Q: Committing is impossible as there is no warning on power-down. EWF Management assumes that I turn it off to configure components, then back on after configuration. How do I make sure no changes occur that are needed between power cycles?
A: Once EWF is on, the changes will not make it to the underlying volume. Alternatively you could use a disk based overlay and do your commit on startup.
Host: Anil (Microsoft)
Q: OF what use then is a RAM overlay? A disk based overlay I believe can add minutes to boot time.
A: You can use the RAM overlay if you don't have the option of a disk based partition. you would need to commit before you loose power. Are you seeing time added to your boot when using disk based overlay?
Host: Marc (Microsoft PSS)
Q: Can you describe the medical devices that make use of XP or CE? Are they therapeutic devices?
A: We have experienced CE utilized, for example, in patient monitoring equipment.
Host: Frances (Microsoft PSS)
Q: In our application we would like to prevent access to the <Ctrl><Alt><Del> key sequence. I've asked in the newsgroups, but nobody has a solution. What can be done?
A: We have done some work in this area. There are a few options, one is a filter driver for the keyboard driver. I believe a key capture service may also be used.
Host: Frances (Microsoft PSS)
Q: Follow up on <Ctrl><Alt><Del>: Are the filter driver and key capture services Microsoft tools, or available from a 3rd party?
A: We have done this as part of our consulting services. Generally they have been too custom to make into products.
Host: Frances (Microsoft PSS)
Q: Have these devices achieved FDA approval? Was any audit performed as dictated by the FDA?
A: Our customers have generally taken care of this, so I cannot give specifics. XPE and our additional code has not caused any issues.
Host Guest_Brad
Q: yes touch-screen in particular
A: There is a version of ELO TouchSystems USB touch screen drivers in the build. Additionally, 3M-Microtouch drivers have been componentized by users posting in the newsgroups. If you search through the Embedded newsgroups you should be able to find posts from other users who have componentized touch screen drivers.
Moderator: Mike Fos (Microsoft)
Q: What is Microsoft's policy on licensing Medical Devices?
A: We don't have any specific licensing terms for any devices. The End User License Agreement outlines the legal parameters for this type of licensing.
Host Guest_Brad
Q: Does anyone know any Touch-Screen producers that distribute their components?
A: Not that I am aware of, but if you search through the Embedded newsgroups you should be able to find posts from other users who have componentized touch screen drivers. We also recommend that you contact product support for the hardware and request that they provide components for their hardware.
Host: Anil (Microsoft)
Q: I have not tried a disk overlay as EWF is broken in SP1. I assumed the commit on powerup copies the entire overlay to the protected partition. Is this not so?
A: Yes the entire overlay is copied. We should have a fix for the SP1 version of EWF soon. EWF has a problem on some chip-sets. If it has a problem on yours, you could just copy the RTM distribution of EWF.SYS over the SP1 distribution to try this out.
Moderator: Mike Fos (Microsoft)
Q: "End User License Agreement" Who/What is this?
A: The EULA is called "licenseagreement.rtf". It should be in the root directorty of Disk1.
Moderator: Mike Fos (Microsoft)
Q: Is the PID I enter into Target Designer to make my image non-evaluation on an XPe license sticker? I hear I have to purchase one sticker to get the PID.
A: To build non evaluation runtimes, two things must be true:
1. Target Designer must be the full retail version (there is no way to upgrade an image created with the evaluation copy of the tools).
2. A purchase runtime PID must be used (it’s different from the PID that comes with the retail tools). These can be purchased from licensed distributors, directly from Microsoft (for those who have direct purchase agreements), or through Enterprise licensing (via your account manager).
If your .SLX has been built with the evaluation tools, it should be reopened in the full product and rebuilt with the runtime PID described above, and the 120day time-out will no longer apply.
Host: Frances (Microsoft PSS)
Q: Are there any other reliability features XPe provides? Automated disk defrag, memory leak monitoring. Application crash recovery etc.
A: Anything you can run on XP you can run with XPE, so all 3rd party reliability tools will work (Bounds Checker...)
Moderator: Mike Fos (Microsoft)
Q: Sorry I meant during runtime in the field.
A: As I understand, the same basic scenario applies. Anything you can run on XP you can run with XPE.
Host Guest_Brad
Q: Could you plz help me in finding a way to join my device to the NT-2000 domain?
A: You should be able to utilize a utility called NETDOM.
Here is a link to a newsgroup posting that will provide you with additional information:
Here is a link to an online article about NETDOM: https://www.win2000mag.com/Articles/Index.cfm?ArticleID=7311
Host: Anil (Microsoft)
A: you should also look at the netsh utility for doing command line stuff.
Host: Frances (Microsoft PSS)
Q: Have any XPe devices made it through European regulations?
A: Some of our customers are major world wide suppliers of medical equipment, but they usually handle this on there own. Unfortunately, I can't answer with specifics.
Moderator: Mike Fos (Microsoft)
Thanks for joining us today and thanks for the questions. A special thank you to all our hosts today: Frances, Anil, Mark, Brad and Robert! It's time for us to go now.
.gif)
Top of page