Upload
wilfrid-tucker
View
213
Download
0
Embed Size (px)
Citation preview
NIST Voting Program ActivitiesUpdate
February 21, 2007
Mark SkallChief, Software Diagnostics
and Conformance Testing Division
Page 2Voting Program Activities Update
Deliverables to the EAC Next iteration of Voluntary Voting
System Guidelines Test materials for new VVSG
Delivered separately from new VVSG Delivered incrementally over the next few
years List of recommended test laboratories
NVLAP (National Voluntary Laboratory Accreditation Program)
Page 3Voting Program Activities Update
Background Help America Vote Act (HAVA) of 2002
Created TGDC 15 members, different disciplines Chaired by NIST Director
NIST performs research and technical support Initial TGDC recommendations required within 9
months TGDC/NIST delivered VVSG 2005 to EAC
Limited, based on 2002 standard Enhanced areas: security, human factors
Decided to develop more comprehensive guideline Next iteration of the VVSG
Page 4Voting Program Activities Update
Next Iteration of the VVSG Complete re-write of VVSG 2005 in all areas
Usability and Accessibility Security Core Requirements
Deliver to EAC in July, 2007 NIST performs research for the EAC’s TGDC
(Technical Guidelines Development Committee) TGDC makes recommendations to the EAC NIST does not make recommendations
NIST does the technical writing of the VVSG
Page 5Voting Program Activities Update
Dec 4-5 TGDC Meeting The meeting was perhaps the most important to date Major items for next iteration of the VVSG approved by the
TGDC included: Software-independence - must use verifiable voting records
for independent audits Process to include new and innovative voting systems with
greater usability, accessibility, and security Prohibiting RF wireless Improving the methods for measuring reliability and accuracy
of voting systems Improving and updating the usability and accessibility
requirements Improving requirements for the overall reliability of VVPAT
voting systems
Page 6Voting Program Activities Update
Usability & Accessibility Updates to Usability requirements
Usability performance benchmarks are being researched Result will be more accurate and realistic usability
performance metrics - voting systems will be easier to use Research and requirements to be completed by 4/2007
Updates to Accessibility requirements Relatively minor updates from VVSG 2005
Updates to other requirements for Alternative languages Documentation Plain language Voter and system response timing
Page 7Voting Program Activities Update
Security New VVSG will require new voting systems to be software-
independent: Accuracy of the election will not rely exclusively on the accuracy of the
voting system software Accuracy of the system’s electronic records will be able to be
independently audited against a voter-verified record Systems that do this currently are paper-based e.g., optical scan, VVPAT
New VVSG will include an Innovative Class TGDC is including a method for researchers or developers to create new
and innovative, possibly paperless, voting system approaches that would still be independently auditable and conform to the new VVSG
This may include newer, cryptographic-based systems that potentially promise greater usability and accessibility as well as security
Page 8Voting Program Activities Update
Security (cont) Requirements to improve the accessibility of paper-based
systems Requirements to improve the reliability and usability of VVPAT Radio-Frequency (RF) wireless will no longer be permitted for
use on voting systems Requirements for test labs to conduct open-ended
vulnerability testing on voting systems to search for vulnerabilities
Setup validation requirements being updated to permit inspection of whether a voting system’s installed software is the correct software
Other security areas: access control, auditing, cryptography, event logging, and physical security
Page 9Voting Program Activities Update
Core Requirements Voting system quality, reliability (MTBF), and accuracy
requirements being updated To improve voting system design and testing techniques To ensure that voting systems are robust and work properly
To promote quality systems, requirements for vendors to comply with ISO 9000/9001
COTS testing requirements being written To make clearer whether to exclude certain COTS products from in-
depth source code reviews COTS grouped into several categories Each category has its own testing requirements
Conventions for software coding being examined E.g., requiring software languages that contain improved integrity
and security constructs
Page 10Voting Program Activities Update
Summary of TGDC Resolutions
Innovation class - TGDC to include in new VVSG a class for new, innovative voting system approaches, NIST to research high-level requirements
Wireless security - no RF wireless in future voting systems
Software Independence
Page 11Voting Program Activities Update
Summary (cont) Recommendation to ICDR - TGDC recommends
Interagency Committee on Disability Research include voting as topic of future conference
Principal criteria – New VVSG to include a stmt that voting systems should be reliable, secure, accurate, usable, accessible, fit for use
Moving away from MTBF metric - TGDC directs NIST to research new reliability metric to replace older MTBF metric
Page 12Voting Program Activities Update
List of Proposed Test Labs NVLAP assesses potential voting system testing
laboratories NIST Director proposes them to the EAC EAC makes decision whether to accredit
them to test voting systems Proposals made to EAC on January 18, 2007
Proposed two test laboratories for accreditation to test to VSS 2002 and VVSG 2005
IBeta Quality Assurance Sys Test Labs
Page 13Voting Program Activities Update
Plans for Next Few Months For new VVSG:
1-2 additional TGDC meetings; roughly 40 teleconferences Research will be completed for usability performance
benchmarks Requirements for implementing software independence and
other security improvements will be completed Requirements for voting systems to be more reliable and usable
both for voters and election officials will be completed Delivery to EAC in July 2007
NVLAP will continue to investigate potential applicants for accreditation
Test suite development for new VVSG will start based upon FY07 fiscal appropriations
Funding Currently, testing laboratories develop tests Need comprehensive, transparent set of test suites
Page 14Voting Program Activities Update
Plans Post-New VVSG NIST is prepared to assist the EAC in vetting the
VVSG 2007 with other organizations, including: the EAC’s Standards Board the Access Board other voting-related organizations, e.g., NASS, NASED
NIST is prepared to assist the EAC, if requested, to perform research in response to public comments
Continued development of test suites for new VVSG
Page 15Voting Program Activities Update
Discussion