You do not need to whitelist the bulletproof security js script because it is a backend plugin script and not a frontloading plugin script. What happens sometimes during the Test Mode process is that the BPS .js script will be logged in your Security Log as being blocked. You can disregard this error. If the error continues to be logged then double check that you are entering valid plugin script whitelist rules and that you are not in Plugin Firewall Test Mode after completing Test Mode testing.
For the correct format and examples of valid plugin script whitelist rules see the Plugin Firewall Blue Read Me help button and this Forum link below.
http://forum.ait-pro.com/forums/topic/plugin-firewall-read-me-first-troubleshooting/