Skip to Main Content
AVEVA™ PI System™ Feedback Portal

Welcome to our feedback site!


We created this site to hear your enhancement ideas, suggestions and feedback about AVEVA products and services. All of the feedback you share here is monitored and reviewed by the AVEVA product managers.

To start, take a look at the ideas in the list below and VOTE for your favorite ideas submitted by other users. POST your own idea if it hasn’t been suggested yet. Include COMMENTS and share relevant business case details that will help our product team get more information on the suggestion. Please note that your ideas and comments are visible to all other users.


This page is for feedback specifically for AVEVA PI System. For links to our other feedback portals, please see the tab RESOURCES below.

Status No status
Categories Security
Created by Kenneth Barber
Created on Aug 20, 2022

Maximum security should be the default for the PI Data Archive and PI System Management Tools

Maximum security by default would help encourage security best practices by:

  • Making the best decision for customers that do not know or care about security

  • "Rewarding" security-conscious customers with not having to expend effort to maximize security

  • "Punishing" customers that practice suboptimal security by requiring extra effort to make their PI system less secure

  • Sending the message that "secure" is the new normal and "insecure" is the odd one out

Please make the following changes to the PI Data Archive and PI System Management Tools:

  • All built-in PI Users should have the "User is disabled", "User cannot be used in a Mapping", "User cannot be used in a Trust", and "User cannot be used for an explicit login" check boxes checked by default on new installations. These should also be the default for new PI Users.

  • All built-in PI Groups should have the "Group is disabled", "Group cannot be used in a Mapping", and "Group cannot be used in a Trust" check boxes checked by default on new installations. These should also be the default for new PI Groups.

  • All built-in PI Identities should have the "Identity cannot be used in a Trust" check box checked by default on new installations. This should also be the default for new PI Identities.

  • The default value of the AutoTrustConfig tuning parameter should be 0. When upgrading an existing PI system, if AutoTrustConfig uses its old default value, this value should be preserved after the upgrade as a custom, non-default value.

  • Max out the Security Setting slider by default (i.e. the default value of the Server_AuthenticationPolicy tuning parameter should be 51). When upgrading an existing PI system, if Server_AuthenticationPolicy uses its old default value, this value should be preserved after the upgrade as a custom, non-default value.

  • Attach files