Not that I know of. You could always use Linux .
It might be possible to enforce that sort of thing via Windows Group Policy. I’ve set up systems that are “only allowed” to run certain applications. This is really a lot more painful than is practical unless you literally only use the terminals for one thing.
Alternatively, you could check out “Key Trapping” applications or those designed to lock users out from doing anything - they usually replace explorer with a custom shell. Your best bet would probably be to buy a cheap one that you can download as a trial first. I remember such a setup at a school. It was effective enough, but you could do things like run applications in VBA script from a Microsoft Office macro, etc.
My opinion is that, in most cases, this is a user education process. Do you have a compelling reason to need to really prevent OS access? If there’s an easy shortcut to get back in your HMI, how bad could it be if operators want to close it? Don’t want them playing Solitare? Uninstall it. There isn’t any installation/configuration that you’re trying to protect in FactoryPMI. All that said, I’ve been personally interested in creating a custom Knoppix build that boots entirely from a CD and loads a FactoryPMI project automatically in a closed environment. Likely to get started anytime soon? Not really.