Features, discussions, tips, tricks, questions, problems and feedback

Windows Updates in a Process Control Environment

The unplanned download and installation of Windows Updates have been a cause for concern in several Process Control / OT Projects.

Users / Integrators often do not realise that the “standard” behaviour of Windows for updates can often result in degraded PC performance (while the updates are being installed) OR an unscheduled reboot.

Since this is not desirable in a real-time / process control environment, it is very important to consider the timing and selection of Windows Updates carefully as part of a running system:

  1. Windows Desktop OS’s (such as Windows 10) often do not allow for any fine-grained control over Windows Updates and are therefore NOT recommended for OT projects.
  2. Windows Server OS’s allow for a better control of the type and timing of Windows Updates and are therefore far more suitable for OT projects.
  3. Furthermore, it is important to be selective in considering the list of Windows Updates (for example security patches only). A running system may be negatively affected by Windows Updates and should therefore be limited to critical updates only (especially after the commissioning phase of a project).
  4. In general, if Windows Server OSs cannot be implemented, or is unnecessary for the size of the project, it is recommended to use Windows IoT Enterprise LTSC versions (in fact, the LTSC version of any selected Windows OS is preferable).