CostOS Architecture
- 1 Introduction
- 2 System Components
- 3 Deployment Suggestions
- 4 How the Components Connect
- 5 Backing Up the Application
- 5.1 Data Recovery
- 5.2 Disaster Recovery
- 6 User Authentication
- 7 Inside CostOS — How the Layers Work Together
- 8 CostOS Workstation — Modules and Connections
- 9 How CostOS Keeps All Users in Sync
Introduction
CostOS is made up of three main components: a desktop estimating application, an application server that manages users, data and business logic, and a database where all project information is stored.
All communication between components is encrypted. Each organization is responsible for providing and installing their own SSL/TLS security certificate, which activates encrypted connections across the entire system. Once a certificate is in place, all data moving between the desktop application, the server and the database is fully protected against interception.
Security certificates are required to enable encrypted connections. CostOS supports standard SSL/TLS certificates issued by your organization or a trusted certificate authority (CA). Your IT team installs the certificate during the initial setup of the application server. No certificate is provided by Nomitech — each customer manages and renews their own certificate according to their internal security policies.
System Components
CostOS Workstation
The CostOS Workstation is the main desktop application used by estimators and project teams. It is responsible for all cost estimating tasks including building up bills of quantities, managing resources, running assemblies, performing takeoffs and calculating project costs. It connects to the application server for authentication and data synchronization, and supports a wide range of file imports and exports for both estimating data and design files.
CostOS Enterprise Server
The CostOS Enterprise Server is the central engine of the system. It is responsible for managing all user sessions, enforcing access rights, executing business logic and coordinating communication between the desktop application, the web interface and the database. All data changes pass through the server, which ensures consistency across all connected users and keeps a full log of every action performed in the system.
SQL Server Database
The database is where all project data, user information, settings and files are permanently stored. It is responsible for the reliable and consistent storage of everything from project estimates and resources to BIM models and action history logs. It is split into a master database for global settings and user management, and one or more project databases for individual project data.
Deployment Suggestions
CostOS can be deployed in different ways depending on the size of your organisation, your IT infrastructure and how your teams work. For organisations with a central office and a dedicated IT team, an on-premise installation on your own servers is the most straightforward option and gives you full control over the environment. For organisations with remote teams, multiple locations or limited on-site infrastructure, a cloud or remote desktop deployment is recommended as it removes the need to install the application on individual user devices. In both cases, all three components — the workstation, the application server and the database — should ideally run on separate machines to ensure performance and stability. Nomitech recommends discussing your specific setup with your IT team before installation to choose the option that best fits your environment.
A fast and stable network connection between all three components is essential for a smooth experience. CostOS is a data-intensive application and relies on constant communication between the workstation, the server and the database. Connecting to an on-premise server over a home or external network through a VPN is not recommended, as the additional network overhead and reduced bandwidth typically cause noticeable lag and slow response times. For remote users, the preferred solution is a cloud or remote desktop deployment where all components are hosted together in the same network environment and users connect to a single remote session rather than routing all application traffic through a VPN.
Standard Installation (On-Premise)
In a standard on-premise installation, CostOS is deployed entirely on your company's own servers and infrastructure. The CostOS desktop application is installed on each user's PC and connects directly to the CostOS application server over the company's internal network (LAN). This is the most common deployment model and gives the IT team full control over the environment, configuration and security.
Cloud / Remote Desktop Installation
For organizations with remote teams, multiple office locations, or a preference for cloud-hosted infrastructure, CostOS can be deployed on cloud virtual machines. In this model, users connect to CostOS through a secure remote desktop session from their browser — no local installation is required on the user's device. All three components — the desktop application, the application server and the database — run on separate virtual machines within the cloud environment, keeping them isolated and independently scalable.
CostOS desktop application, application server and database run on the company's own servers. All connections between components are encrypted using a certificate provided and managed by the customer's IT team.
How the Components Connect
The table below summarizes the connections between each component of CostOS. Each connection can optionally be secured with encryption by installing an SSL/TLS certificate. Ports are configurable and can be adjusted to meet your organization's network policies.
Source | Destination | Protocol | Port (Default) | Configurable | Encryption | Purpose |
|---|---|---|---|---|---|---|
Desktop Workstation | TomEE Application Server | HTTP/HTTPS | 8080 | Yes | TLS 1.2 | REST API / Web Interface |
Desktop Workstation | TomEE Application Server | TCP/SSL (JMS) | 61616 | Yes | TLS 1.2 | JMS Messaging (ActiveMQ) |
Desktop Workstation | SQL Server | TCP | 1433 | Yes | TLS 1.2 | Direct Database Access |
TomEE Application Server | SQL Server | TCP | 1433 | Yes | TLS 1.2 | Server-side Database Access |
Note: Encryption is activated by installing an SSL/TLS certificate on the application server. All connections support TLS 1.2 or higher. Without a certificate, connections remain unencrypted. Nomitech recommends enabling encryption for all production installations.
Backing Up the Application
https://knowledge.support.nomitech.com/wiki/spaces/COST8/pages/79396873
All CostOS data — projects, estimates, resources, user settings, BIM models and action history — is stored entirely in the database. The desktop application and the application server do not hold any project data themselves, which means that keeping regular database backups is all that is needed to fully protect your data. Nomitech strongly recommends setting up automated daily database backups and storing copies in a separate location from the application servers. The frequency of backups should be decided based on how critical the data is and how much work your organisation can afford to lose in a worst-case scenario.
The setup, scheduling and safekeeping of database backups is the sole responsibility of each organisation's IT team. Nomitech does not manage, monitor or store backups on behalf of customers. It is the customer's responsibility to ensure that backups are performed regularly, stored securely and tested periodically to confirm they can be successfully restored.
Data Recovery
In the event of accidental data loss or the need to roll back to a previous state, recovery is straightforward. Replace the current database with the chosen backup, restart the application server service and the system will immediately reflect the restored data. No reinstallation or reconfiguration is needed. Users can resume work as normal with the data exactly as it was at the time of the backup.
Disaster Recovery
In the event of a full disaster where all machines are lost, the system can be fully restored from a database backup alone. Install a fresh SQL Server instance and restore the database backup, then install a fresh CostOS application server and point it to the restored database. The system will be fully operational again with all project data intact, exactly as it was at the time of the last backup. No project data is lost beyond what was not yet included in the most recent backup.
User Authentication
Before accessing CostOS, every user must log in. Authentication is managed by the application server and is verified before any data or functionality becomes accessible. CostOS does not store passwords in plain text — all credentials are encrypted and handled securely.
CostOS supports the following login methods, which can be configured independently for each deployment:
Method | Description |
|---|---|
Local Account | Username and password managed directly inside CostOS. Suitable for organizations that do not use a central directory. |
Company Directory (Active Directory) | Login using existing Windows or LDAP company credentials. Users log in with the same username and password they use for other company systems. |
Single Sign-On (SSO) | Login via your organization's SSO provider (for example Microsoft Azure AD, Google Workspace, Okta or similar). Users access CostOS without entering a separate password. |
Windows Login (Kerberos) | Automatic login using the user's current active Windows session. No additional login step is required when working on a Windows domain. |
Inside CostOS — How the Layers Work Together
CostOS is organized into three distinct layers. The desktop application and web interface sit at the top, communicating with the application server through secure channels. The application server is the central layer of the system — it handles all user sessions, business logic, event processing and data synchronization between connected users. At the bottom, the database stores all project data, files and models. External tools and reporting applications can connect through published APIs on the left and right sides of the application server. Each layer is independent, which means components can be updated or scaled without affecting the rest of the system.
CostOS Workstation — Modules and Connections
The CostOS desktop application is built around a central project calculation engine, supported by dedicated modules for assemblies, takeoffs, resources, project variables and data import and export. It communicates with the CostOS Enterprise Server to handle user authentication, session management, action logging and real-time collaboration between users. A direct connection to the database supports high-performance data operations. A wide range of file formats is supported for importing and exporting estimate data, design files and reports, with built-in integration for project planning tools such as Primavera and Microsoft Project. The Plugin SDK allows organizations to extend the workstation with custom-built integrations.
How CostOS Keeps All Users in Sync
Multiple users can work on the same or different projects simultaneously without interfering with each other. When a user makes a change, the application server processes the update, recalculates the affected project data and immediately notifies all other connected users who are working on the same project. Each workstation listens for relevant changes and refreshes automatically, so every user always sees up-to-date information without needing to manually reload. All actions are logged in real time, building a full history of changes across all projects and users.