Secure output points using a whitelist file

For enhanced security, create a whitelist of output points to specify authorized point updates to the data source. When using a whitelist, the interface verifies an output point against the list before updating the data source.

The whitelist file is a comma-separated values (.csv) file that contains a list of valid output points and any attributes necessary to specify the output points and their intended location within the data source.

Additionally, the zero and span attributes can be used to specify the minimum and maximum values allowed by the output point.

For more information about UniInt security, see Interface security configuration overview.

1. Extract a list of output tags from Data Archive using the PI Builder add-in for Microsoft Excel.

   The output tags open in a spreadsheet.

2. Delete any output points that you want to disable.

3. For whitelist output points, delete any columns for point attributes that the interface does not use to associate the output point to the data source.

4. Export the spreadsheet as a .csv file.

5. Copy the whitelist .csv file to the desired location. The default file location is in the interface installation directory.

   Edit the file permissions so that the interface service account can read the file and only authorized users can read and write to it.

6. Use PI ICU to select the Enable Output Point Security option on the UniInt page, or edit the .bat file for the interface to add the /whitelist=path\filename parameter, specifying the location and name of the .csv file.

7. Restart the interface.