nist voting program
DESCRIPTION
NIST Voting Program. Barbara Guttman 12/6/07 www.vote.nist.gov. NIST “Help America Vote Act” Responsibilities. Chair Technical Guidelines Development Committee (TGDC) Provide technical support to TGDC in the development of voluntary voting system guidelines including - PowerPoint PPT PresentationTRANSCRIPT
NIST Voting Program
Barbara Guttman12/6/07
www.vote.nist.gov
NIST “Help America Vote Act” Responsibilities
Chair Technical Guidelines Development Committee (TGDC)
Provide technical support to TGDC in the development of voluntary voting system guidelines including
Recommend independent labs to the EAC for accreditation
Page 3Voting Program Activities Update
TGDC Background Created by HAVA
15 members, different disciplines Chaired by NIST Director NIST performs research and technical
support Delivers recommendations to the
EAC
NIST/TGDC Committee Structure & Coordination
TGDC resolution (July ‘04) established 3 subcommittees:
Security and Transparency (STS) Human Factors and Privacy (HFP) Core Requirements and Testing (CRT)
Each subcommittee has NIST staff assigned to it
Page 5Voting Program Activities Update
NIST & the TGDC
NIST performs research for the TGDC TGDC makes recommendations to
the EAC NIST does the technical writing of
the VVSG
NIST/TGDC Activities
July 2004: 1st plenary session of TGDC May 2005: Provided initial recommendations for voting system guidelines (VVSG 2005)
Sep 2007: Provided next set of recommendations for voting system guidelines (Next VVSG)
Page 7Voting Program Activities Update
Why are there two versions of the VVSG?
HAVA required initial recommendations from the TGDC in 9 months
VVGS 2005 limited due to timeframe – incremental improvement to the 2002 VSS
There was a need to develop comprehensive, updated requirements for voting systems
Therefore, TGDC developed two versions: VVSG 2005 is an update of the VSS 2002 Next VVSG is a complete re-write
Page 8Voting Program Activities Update
What is in the Next VVSG? Complete re-write of VVSG
2005 in all areas Usability and Accessibility Security Core Requirements
Page 9Voting Program Activities Update
VVSG Major Re-Organization
Part 1: Equipment RequirementsPart 2: Documentation RequirementsPart 3: Testing
Requirements in Parts 1 and 2 reference general test methods in Part 3
Page 10Voting Program Activities Update
Walk Through of Requirements
Human Factors & Privacy Usability, Accessibility, Other
Security & Transparency SI, Innovation Class, IVVR, Other
Core Requirements & Testing Reliability, COTS, Other
Page 11Voting Program Activities Update
Software Independence Voting systems must be SI
Accuracy of the election must not rely exclusively on the accuracy of the voting system software
Accuracy of the system’s electronic records will be able to be independently audited against an independent voter-verified record (IVVR)
Systems that do this currently are paper-based e.g., optical scan, VVPAT
Page 12Voting Program Activities Update
Innovation Class Next VVSG includes an Innovative Class
The VVSG will allow for developers to create new and innovative, possibly paperless, voting system approaches that would still be independently auditable and conform to the next VVSG
This may include newer, cryptographic-based systems that potentially promise greater usability and accessibility as well as security
Page 13Voting Program Activities Update
Other Security
Radio-Frequency (RF) wireless is no longer permitted for use on voting systems
Requirements for test labs to conduct open-ended vulnerability testing on voting systems to search for vulnerabilities
Requirements to digitally sign electronic records for integrity and to identify each record by machine and election
Requirements for all software to be digitally signed and verified before being permitted to load or run on voting system
Other security areas: access control, auditing, event logging, and physical security
Page 14Voting Program Activities Update
Reliability Benchmarks Voting system quality, reliability (MTBF),
and accuracy requirements updated To improve voting system design and testing
techniques To ensure that voting systems are robust and
work properly Replaced MTBF method with volume
testing (based on CA’s) Worked with NASED to develop number
and types of allowed failures
Page 15Voting Program Activities Update
COTS COTS testing requirements re-written
To make clearer whether to exclude certain COTS products from in-depth source code reviews
Definition of unmodified COTS narrowed Modified COTS grouped into several
categories, each with its own testing requirements
Page 16Voting Program Activities Update
Other Core Requirements
Conventions for software coding were examined E.g., requiring software languages that contain
improved integrity and security constructs To promote quality systems, requirements
for vendors to comply with ISO 9000/9001 Updated electrical, clarified requirements
for all voting activities
Page 17Voting Program Activities Update
Discussion