Migrate historian from SQL to aahClientManaged SDK and resolve all OPC UA Part 11 gaps

Replace direct SQL queries against Historian Runtime database with the Wonderware
Historian managed SDK (ArchestrA.HistorianAccess). Add HistoryServerCapabilities node,
AggregateFunctions folder, continuation points, ReadAtTime interpolation, ReturnBounds,
ReadModified rejection, HistoricalDataConfiguration per node, historical event access,
and client-side StandardDeviation aggregate support. Remove screenshot tests.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

src/ZB.MOM.WW.LmxOpcUa.Host/Configuration/ConfigurationValidator.cs

@@ -89,10 +89,9 @@ namespace ZB.MOM.WW.LmxOpcUa.Host.Configuration
                 string.Join(", ", config.Security.Profiles), config.Security.AutoAcceptClientCertificates,
                 config.Security.RejectSHA1Certificates, config.Security.MinimumCertificateKeySize);
 
-            if (config.Security.PkiRootPath != null)
-                Log.Information("Security.PkiRootPath={PkiRootPath}", config.Security.PkiRootPath);
-            if (config.Security.CertificateSubject != null)
-                Log.Information("Security.CertificateSubject={CertificateSubject}", config.Security.CertificateSubject);
+            Log.Information("Security.PkiRootPath={PkiRootPath}", config.Security.PkiRootPath ?? "(default)");
+            Log.Information("Security.CertificateSubject={CertificateSubject}", config.Security.CertificateSubject ?? "(default)");
+            Log.Information("Security.CertificateLifetimeMonths={Months}", config.Security.CertificateLifetimeMonths);
 
             var unknownProfiles = config.Security.Profiles
                 .Where(p => !SecurityProfileResolver.ValidProfileNames.Contains(p, StringComparer.OrdinalIgnoreCase))
@@ -115,6 +114,37 @@ namespace ZB.MOM.WW.LmxOpcUa.Host.Configuration
                 config.Security.Profiles[0].Equals("None", StringComparison.OrdinalIgnoreCase))
                 Log.Warning("Only the 'None' security profile is configured — transport security is disabled");
 
+            // Historian
+            Log.Information("Historian.Enabled={Enabled}, ServerName={ServerName}, IntegratedSecurity={IntegratedSecurity}, Port={Port}",
+                config.Historian.Enabled, config.Historian.ServerName, config.Historian.IntegratedSecurity,
+                config.Historian.Port);
+            Log.Information("Historian.CommandTimeoutSeconds={Timeout}, MaxValuesPerRead={MaxValues}",
+                config.Historian.CommandTimeoutSeconds, config.Historian.MaxValuesPerRead);
+
+            if (config.Historian.Enabled)
+            {
+                if (string.IsNullOrWhiteSpace(config.Historian.ServerName))
+                {
+                    Log.Error("Historian.ServerName must not be empty when Historian is enabled");
+                    valid = false;
+                }
+
+                if (config.Historian.Port < 1 || config.Historian.Port > 65535)
+                {
+                    Log.Error("Historian.Port must be between 1 and 65535");
+                    valid = false;
+                }
+
+                if (!config.Historian.IntegratedSecurity && string.IsNullOrWhiteSpace(config.Historian.UserName))
+                {
+                    Log.Error("Historian.UserName must not be empty when IntegratedSecurity is disabled");
+                    valid = false;
+                }
+
+                if (!config.Historian.IntegratedSecurity && string.IsNullOrWhiteSpace(config.Historian.Password))
+                    Log.Warning("Historian.Password is empty — authentication may fail");
+            }
+
             // Authentication
             Log.Information("Authentication.AllowAnonymous={AllowAnonymous}, AnonymousCanWrite={AnonymousCanWrite}",
                 config.Authentication.AllowAnonymous, config.Authentication.AnonymousCanWrite);