Please ensure Javascript is enabled for purposes of website accessibility
Powered by Zoomin Software. For more details please contactZoomin

AVEVA™ PI Server 2024 R2

TABLE OF CONTENTS

AVEVA PI Server 2023 Patch 1 - Release Notes

Save PDF
Save selected topicSave selected topic and subtopicsSave all topics
Share
Share to emailCopy topic URL
  • Last UpdatedSep 05, 2025
  • 4 minute read

Overview

AVEVA™ PI Server 2023 Patch 1 includes a variety of bug fixes and security remediations to improve the stability and functionality of the PI Data Archive and PI Asset Framework (AF).

The PI Server installation kit 2023 has updated components for PI Data Archive, AF Server, and AF Client. Some of the components including Buffer Subsystem, PI SDK, PI Collective Manager, and PI Module Database Builder will remain at the same version as delivered by the previous release.

New features

The features in this section were introduced in the 2023 GA release of PI Server:

  • TLS and Open ID Connection: OIDC leverages the AVEVA Identity Manager to integrate with AVEVA Connect. When installed, it automatically registers itself with Active Directory (AD) and enables AD claims. TLS certificates are registered on PI Server components and the AVEVA Identity Manager server.

  • PI to Data Hub: The PI to Data Hub agent is now available as a feature in the PI Server installation kit. On a new installation, when the Data Archive server role is selected, the agent feature will also be selected by default. The latest agent has the capability of sending licensed PI point counts to AVEVA Data Hub, allowing customers to take advantage of AVEVA Flex.d

Fixes and enhancements

This table lists all resolved issues in this release.

Product / Component

WI / PLI

Description

Asset Framework

97888

AFTime.ConvertString can throw an exception when being accessed across threads.

Asset Framework

78248

Event frames can be left checked out by the PI Analysis Service.

Asset Framework

79322

PI System Explorer error may occur at initial startup: "The Process does not possess the 'SeSecurityPrivilege' privilege which is required for this operation."

Data Archive

(Archive)

97563

In rare cases, it is possible for the Data Archive to assign an incorrect PI Identity to a connection. This issue has been resolved.

Data Archive (Archive)

99032

When seeking an authorization token in OAuth, the issue with incorrect user identity mapping for end user connections in the PI Server Data Archive was resolved. Now, as users authenticate using the authorization code grant, their identities are accurately assigned, ensuring proper access and data management within the system.

Data Archive (Archive)

99035

An enhancement has been implemented to incorporate audience and utilize user claims for Jason Web Token (JWT) validation, improving security and access control measures within the system.

Data Archive (Backup)

95765

The issue where both messages are logged and the script attempts to create the directory, regardless of its existence, has been resolved.

Data Archive (Message)

96033

Addressed a system failure in the PI message subsystem.

Data Archive (PInetmgr)

79872

PI Data Archive was unable to communicate with the PCS/AIM when configured to use a non-default port. This issue has been resolved.

Data Archive (Pinetmgr)

79915

Resolved the issue where the PI Data Archive could not utilize OIDC authentication if there was no available IMS server during a PI Data Archive restart. The default timeout for this scenario has been set to 30 seconds, as specified in the PI timeout table.

Known issues

The following items are known issues and upgrade compatibility considerations in AVEVA PI Server 2023 Patch 1:

  • Platform Common Services (PCS) generated certificates should not be used as TLS Certificates for PI System services and applications. PCS-generated certificates are refreshed and issued monthly, and this renewed certificate is not propagated to PI System services.

  • If you are using PI Asset Framework to store complex types in AFValue and ExtendedProperties, or using Views or other custom objects in PI OLEDB Enterprise, some functionality may be lost initially on upgrade. This can be remediated by setting enableBinaryFormatter to ‘True’ in the AFSDK.config on PI Clients.

    Note: Additional security protection was added that disables use of the BinaryFormatter. The use of 'enableBinaryFormatter' setting is discouraged.

  • The AFElement.GetAttributeValues and AFEventFrame.GetAttributeValues methods allow an optional WindowsIdentity/ClaimsIdentity to be passed in so that a service, using a trusted subsystem model, can evaluate access for the specified user identity. However, if the service is not mapped to the Administrator Identity on the PI Asset Framework server, the identity parameters are ignored, and the attributes and data are returned with the access rights of the caller (the trusted subsystem). This may result in granting Read Data privilege to the attributes to the end-user.

    The work around is to run the trusted subsystem service with admin rights on the PI System. This issue only affects applications that are trying to impersonate calls to users, such as the PI SQL Data Access Server (Real-Time Query Processing Engine).

Refer to the AVEVA Customer Portal Products page for a complete list of known issues.

Security information and guidance

We are committed to releasing secure products. This section is intended to provide relevant security-related information to guide your installation or upgrade decision.

We proactively disclose aggregate information about the number and severity of security vulnerabilities addressed in each release. The tables below provide an overview of security issues addressed and their relative severity based on standard scoring.

Vulnerabilities fixed

This table lists the number of fixed vulnerabilities in this release by severity category and CVSS base score range.

Severity category

CVSS base score range

Number of fixed vulnerabilities

Critical

9.0 - 10

0

High

7.0 - 8.9

2

Medium

4.0 - 6.9

1

Low

0 - 3.9

1

Vulnerabilities mitigated

Note: There are no identified vulnerabilities mitigated in this release.

Distribution kits

This table provides the list of products included in the distribution kits for this release.

Product

Software version

Microsoft Visual C++ 2022 Redistributables (x86 and x64)

14.36.32532

Microsoft VSTO 2010 Runtime

10.0.60910

OSIsoft MS VB Runtime Redistributables

1.0.2

PI Buffer Subsystem

4.9.0.37

PI Network Subsystem

3.5.500.617

PI AF Client

3.0.1.58

PI AF Server

3.0.1.77

PI Analysis Service

3.0.0.790

PI Notifications Service

3.0.1.74

PI Data Archive

3.5.500.617

PI Software Development Kit (PI SDK)

1.4.7.620

PI System Management Tools

3.7.0.272

PI Collective Manager

1.4.3.25

PowerShell Tools for the PI System

3.0.0.126

PI Module Database Builder

1.3.0.0

Aveva.PI.OIDCConfigurationTool

1.0.1.123

©2023 AVEVA Group plc and its subsidiaries. All rights reserved.

In This Topic
TitleResults for “How to create a CRG?”Also Available in