Advanced Run-time Image Techniques


Microsoft Corporation

May 2009

This technical article describes advanced concepts for improving Windows Embedded Standard 2009 run-time image sustainability, footprint optimization, and configuration.

When you design and develop Windows Embedded Standard 2009 run-time images, you should consider issues such as sustainability and footprint optimization that can have a long-term impact on the usefulness of your image. You can use several methods to achieve a reduced footprint, including configuring settings offline with Target Designer and configuring the run-time image after deployment.

Detailed planning is at the heart of every operating system image built with Windows Embedded Standard 2009. When you carefully plan which components to include, you are more likely to create an image that will be sustainable in the longer term.


The storage media that you use affects the size of the run-time image. For example, if you use a compact flash disk it is likely that the image will have to be much smaller than if you use a hard disk. Storage media can also influence how the device will be serviced. With a compact flash disk, you may need to use a write filter such as Enhanced Write Filter (EWF) or File-Based Write Filter (FBWF) to preserve the life of the compact flash disk. However, when you use EWF or FBWF, then you have to perform additional steps, such as disabling and re-enabling the filters, when you apply updates to the device.

Over time, it is likely that the peripherals, such as printers, mouse devices, and keyboards, that are attached to the device will be replaced by newer models. When you upgrade to newer models, you must install new drivers on the device. To make sure new drivers install correctly, you can include one of the helper macro components in the configuration, such as the Generic Device Driver Support macro or the Class Installers/Hardware Compatibility macro.


The environment where your device is located can influence how the device is serviced. Servicing can range from applying a full image refresh to running Device Update Agent on space-constrained devices, or installing the System Center Configuration Manager (ConfigMgr) client to automatically download updates from a server.

If you apply a full image refresh, you might need to manually intervene by booting from a USB disk or CD-ROM, formatting the device, and then copying over the new image. If you run Device Update Agent on a device with limited disk space, you might need to repackage the updates. If you install a ConfigMgr client, which automatically downloads updates from a server, it might have a significant impact on disk space.

If a device is connected to a network, you should include security components, such as the Windows Firewall/Internet Connection Sharing component. A device on a domain can use the domain’s group policies, but you will need to include the Group Policy collection of components in the image. If a device includes one of the write filters and is located on a domain or connects to a server through Remote Desktop Protocol (RDP), you may want to include the Registry Filter component to enable the Terminal Server license for the device to be renewed and the domain IP address to be refreshed.


One of the less obvious things about creating a Windows Embedded Standard run-time image is that the management utilities for Windows features in the configuration are not automatically included. This is the case with most programs in the Control Panel. For example, if you want to check the properties of the device after it is deployed, you have to include the System Control Panel component.

Control Panel components are as follows:

  • Accessibility Control Panel
  • Add Hardware Control Panel
  • Add or Remove Programs Control Panel
    This feature is available only for non-Microsoft applications that are installed after the device is deployed.
  • Audio Control Panel
  • Control Panel Applet for "Wireless Setup Wizard" and "Home Networking Wizard"
  • Date/Time Control Panel
  • Display Control Panel
  • International Control Panel
  • Keyboard and Mouse Control Panel
  • Phone and Modem Control Panel
  • Power Meter Control Panel
  • Speech Control Panel
  • System Control Panel
  • User Control Panel
  • Windows Firewall Control Panel

You might also want to add the Control Panel Command Line Support component.

When a developer adds a Windows feature to a run-time image, common utilities are not automatically included. However, these utilities might be helpful to the user or administrator after the device is in the field. Examples of utility components include the following:

  • Registry Editor
  • CMD - Windows Command Processor
  • TCP/IP Utilities
  • Net.exe Utility
  • Netshell
  • Windows Clean-up Utilities
  • Administration Support Tools
  • Device Manager
  • Miscellaneous Command Line Tools

For headless devices that do not have a graphical user interface, you must include remote management components such the RPC or Telnet components.

You can also add multiple user accounts and make them members of certain user groups, which then inherit the access permissions for that group, such as Power User or Administrator. You may need to set up an administrator for the device to handle management tasks that require a broader set of permissions.

Footprint may mean different things to different device developers. Some developers may have no image size constraints because they use a hard disk, whereas others may be restricted to a certain size compact flash disk because of budgeting constraints. Frequently, a smaller footprint is preferred for embedded devices for several reasons:


  • Fewer features mean fewer vulnerabilities.


  • A smaller bill of materials (BOM) may dictate USB or compact flash media. Therefore, an image has to be created that fits the size constraints of this media.
  • Servicing fewer features reduces the overall device cost and may result in improved uptime of that device.

You can trim space requirements at several points in the development cycle: when creating or importing a .pmq file, when creating a configuration, after building the image, and after testing the image.

Optimize When Creating or Importing a .pmq File

Do not include software-enumerated devices. Software-enumerated devices are device drivers for virtual devices and are generally not needed on most embedded devices.

Software-enumerated device components include the following:

  • ACPI Fixed Feature Button
  • ACPI Sleep Button
  • Audio Codecs
  • CD-ROM Drive
  • Communications Port
  • Creative AudioPCI (ES1371,ES1373) (WDM)
  • Direct Parallel
  • Floppy disk drive
  • Game Port for Creative
  • ISAPNP Read Data Port
  • Legacy Audio Drivers
  • Legacy Video Capture Devices
  • Microsoft Kernel Acoustic Echo Canceller
  • Microsoft Kernel Audio Splitter
  • Microsoft Kernel DLS Synthesizer
  • Microsoft Kernel DRM Audio Descrambler
  • Microsoft Kernel GS Wavetable Synthesizer
  • Microsoft Kernel System Audio Device
  • Microsoft Kernel Wave Audio Mixer
  • Microsoft Streaming Clock Proxy
  • Microsoft Streaming Quality Manager Proxy
  • Microsoft Streaming Service Proxy
  • Microsoft WINMM WDM Audio Compatibility Driver
  • NVIDIA GeForce
  • Printer Port
  • Printer Port Logical Interface
  • RAS Async Adapter
  • Standard floppy disk controller
  • System Speaker
  • System Timer
  • Terminal Server Device Redirector
  • Terminal Server Keyboard Driver
  • Terminal Server Mouse Driver
  • WAN Miniport (IP)
  • WAN Miniport (L2TP)
  • WAN Miniport (PPPOE)
  • WAN Miniport (PPTP)

To make sure that these components do not come into your image, run Tap.exe with the "/I" switch. This instructs Tap.exe to ignore all software-enumerated devices so they are not added to the .pmq file. If you are not sure if you will need a software-enumerated device driver, you can import a .pmq file (created without the switch) into Component Designer, then disable the software-enumerated device components. These components can be re-enabled if you need them in the future. A more elegant implementation is to add a membership for your custom hardware component on the Selector Prototype component in Component Designer. After this custom hardware component is imported into the database, you can select or clear any of the drivers in the configurable UI of the component in Target Designer.

Optimize When Creating a Configuration

When you are creating your configuration, you can reduce space requirements several ways. An obvious one is to select smaller components. For example, you might include Minlogon instead of Windows Logon (Standard), FAT file system instead of NTFS, or a Command or custom Shell instead of Explorer Shell. However, NTFS offers compression capabilities that reduce the image size, and Windows Logon (Standard) provides authentication for users, which helps make the device more secure. Keep in mind that every choice has advantages or disadvantages. You can choose to leave out a page file or the Help files (both default options), or to omit control panel components and other utilities. You can also remove any unnecessary components that are added to the image after a dependency check is run. Unnecessary components may include Indexing Service, Volume Manager, Logical Disk Manager, or Windows Firewall/ Internet Connection Sharing.

We strongly recommend that you keep Internet Connection Sharing in your image if the device will be connected to the Internet.

Deleting components that are added to a configuration by a dependency check is referred to as breaking the dependency chain. Typically, we do not recommend that you delete components that have been added to resolve dependencies. Therefore, if you choose to remove components added during a dependency check, you must thoroughly test the device to make sure that the dependent component is really not required.

If the full dependency chain is not resolved, a subsequent dependency check may add a removed component back to the configuration if any other component has a dependency on it. To prevent this from occurring, delete components only after all other dependencies for the configuration are satisfied. Do not run the next dependency check before you build the configuration in Target Designer. You can also turn off the Auto-resolve setting.

  1. On the Tools menu, click Options.

  2. Select the Dependency Check tab.

  3. Clear Auto-resolve dependencies.

This prevents components from being automatically added to a configuration during a dependency check. Instead, Target Designer will create a task for each dependency in the Task pane, which you can resolve manually to include the dependent component. If you do not complete a task, the warning will persist. However, the warning does not prevent the configuration from building correctly in Target Designer.

It is not clear from viewing the components in Target Designer what dependent components they will bring in. There are two ways to find dependencies:

  • Add the component to a blank configuration, turn off auto-resolve dependencies, and run a dependency check
    The task pane will show you the first level of dependencies that the component has. Be aware that each component that you add to the configuration to complete a task also has its own collection of dependencies.
  • Use the command-line script file, Xpecmd.wsf, located in \Program Files\Windows Embedded\Bin on the development computer, to list the dependencies of the component
    The syntax is as follows:
    • dbopen (local)
    • deptree /2 'comp:^<component name>|<component revision>'
      The |Rxxxx after the component name indicates the specific version of the component.

All versions of components are stored in the database even though only the most recent version is visible in Target Designer.

You can view seven levels in the dependency tree by adjusting the value for the switch /2. Usually, one or two levels provide sufficient information.

Post-Build Optimization

After the run-time image is built, you can optimize the image size in several ways. If you did not include Control Panel components or utility components and you want to use one or more of these small features, you can copy over only the Control Panel .cpl file, or the utility file, such as Tasskill.exe, from the repository to the appropriate location on the image.

You must make sure that the feature has no additional dependencies that are left unsatisfied in the image or the utility will not work correctly. If you want to make sure that dependencies are satisfied, add the component that contains the utility file to the configuration, then disable all the other files owned by that component that you do not want brought into the run-time image.

Another way to reduce footprint is to delete the setup log files (Setupapi.log, Fbalog.txt) and the Windows\FBA folder after the image has completed First Boot Agent (FBA).

Post-Test Optimization

After the image is thoroughly tested you can remove troubleshooting and testing components, such as Error Reporting, Dr. Watson Debugger, Event Log, Safe Mode Support, and Task Manager, from the configuration if they are not required for management and monitoring of the device after it is in the field.

Additional Considerations

Other things to consider when you design a space-constrained device include the following:

  • Choose a small servicing agent such as Device Update Agent, instead of the ConfigMgr client.
  • Running applications that do not require the .NET Framework provides a large space savings.
  • If you are building a device for multiple regional markets and require the multilingual user interface (MUI) components to be part of the configuration, including multiple languages in one configuration will result in a significantly larger image. Instead, maintain separate smaller configurations for each region or language.

One of the advantages of using Windows Embedded Standard 2009 over a desktop operating system such as Windows XP Professional is that many settings and options can be configured offline in Target Designer. When the run-time image starts for the first time, these settings are already applied. This saves work for the developer or administrator of the device.

Some common things that can be configured include the following:

  • Activate the device
    Enter a retail PID in the Settings node of the configuration, under the Run-time Image Licensing section.
  • Prevent Windows logo splash screen from displaying on startup
    In the Settings node of the configuration, expand the Other Settings section and select the Do not display GUI boot screens check box.
  • Specify whether Help files should be copied to the device
    In the same section, select or clear the Do not copy Help files for this configuration check box.
  • Add a pagefile
    In the hardware abstraction layer (HAL) component under the Settings node (for example, the Standard PC or ACPI Multiprocessor PC component), expand the System Pagefile section and select the Enable pagefile support check box.
  • Specify computer name
    In this same component, under the System Identification section, enter a computer name and other owner-specific information if you want.
  • Enable hibernate
    Also in this component, under the Power Management Settings section, select the Enable hibernation support check box. If it is required, select a power management policy form the list.
  • Automatic logon
    In the Settings node of the Automatic Logon component specify the domain, user name, and password to automatically log on with. You have to make sure that this user account is included in the configuration, with the same credentials.
  • Set up user accounts
    Add one or more User Account components. Under the Settings node of each enter a user name and password and select the option button for the user group.
  • Configure video settings
    Under the Settings node of the graphics driver component, (for example, NVIDIA GeForce 256, Radeon 7000 - Microsoft Corporation, Intel 82810-DC100 Graphics Controller), set the screen resolution, color quality, and screen refresh rate by selecting values from the lists.
    If the required setting is not located on the default list, you can set the video settings by clicking the Advanced button on the Details pane of the component. Enter the required values in the cmiScreenResolution, cmiColorQuality, and cmiScreenRefreshRate fields.
    When you enter custom values and go back to the configurable UI to view the settings in the drop-down list, the list will be blank. This is expected. These custom values will be applied if your driver supports the custom settings that were entered.

Many other feature components also contain configurable settings. However, it is not easy to identify these components, other than by looking at them individually.

Some components that contain configurable settings are as follows:

  • ASP.NET 2.0
  • HTML Help Engine
  • Terminal Services Core
  • Text Services Framework
  • User Interface Core
  • WMI Core
  • Dr. Watson Debugger
  • Error Reporting
  • Windows .NET Messenger
  • Internet Explorer
  • Accessibility Control Panel
  • Client/Server Runtime (Console)
  • Windows Firewall/Internet Connection and Sharing
  • All the Embedded-Enabling features (for example, Message Box Default Reply, System Cloning Tool, Enhanced Write Filter)

Another useful feature in Target Designer is the ability to add files and registry keys to the configuration. If your application requires certain files or registry keys to be present on the image, you can add them to the Extra Files and Extra Registry nodes at the top of the configuration. Make sure that the resource option in the View menu is selected to expose the Extra Files and Extra Registry nodes.

Although you can use Target Designer to configure many settings offline, some settings exist that you cannot configure in Target Designer. If you want to configure some of these remaining settings, you can do it after the run-time has been built, but before it is deployed to the device and runs FBA.

To configure settings contained in registry keys, load the registry hive on your development computer.

  1. On your development computer, run Regedit.exe at a command prompt.

  2. Click a hive (for example, HKEY_LOCAL_MACHINE)

  3. Click File and select Load Hive.

  4. Move to the Windows\System32\Config folder of your run-time image.

  5. Select the hive that contains the information that you want to change (for example, Software.sav).

    If you are changing a system before FBA runs, load the .sav hive.
  6. Enter a name for the key (for example, Runtime_Software).

    The new key appears under the HKEY_LOCAL_MACHINE hive of the development computer.

  7. Change the keys and values.

  8. To unload the hive, click the key name, click File, and select Unload Hive.

    The changed values will be processed when FBA runs.

Examples of settings that can be changed by using this technique include the following:

  • Prevent display of the "New Programs are installed" dialog box
    Add the following registry keys:
    Value Name: EnableBalloonTips
    Data Type: REG_DWORD (DWORD Value)
    Value Data: (0 = disabled, 1 = enabled)
    Value Name: Start_NotifyNewApps
    Data Type: REG_DWORD (DWORD Value)
    Value Data: (0 = no, 1 = yes)
  • Set the time zone
    The default time zone is UTC (Greenwich Mean Time). To change the time zone (for example, to Pacific Standard Time), change the following keys:
    "DaylightName"="Pacific Daylight Time"
    "StandardName"="Pacific Standard Time"
  • Change the location of the pagefile
    This is valuable if you have a write filter enabled on drive C, and you want your pagefile to be on another partition that is not protected by a filter. Change the values for this key:
    HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management
    Name: PagingFiles
    Type: REG_MULT_SZ
    Data: C:\pagefile.sys 150 500

If you include the Registry Editor component in the image, you can also change registry values on the run-time image after FBA.

It is important to be careful when you are working in the registry because any corruption in the registry may make the image unusable.

In certain circumstances you can update drivers directly on a device after it has been deployed. Bin place the driver .sys and .inf files directly in the appropriate folder on the run-time image, and then restart the device. Plug and play will then install the driver. This technique works only if the class installer files and libraries for that device driver category, such as network adapters, are already present on the image. More advanced drivers may also have additional services that may not work correctly with this technique if the required dependencies are not already satisfied in the image.

What you have learned

This article focused on planning sustainable images, optimizing footprint, and configuring a number of settings in Target Designer and in run-time images after you have built and deployed them.