Certification on the ballot
Commission, NIST work on new guidelines, uniform testing suite
- By Wilson P. Dizard III
- Mar 18, 2007
The security features of electronic voting systems will undergo upgraded certification testing in the latest round of election technology reforms Congress mandated following the 2000 presidential election.
The federal Election Assistance Commission, which Congress created as part of the Help America Vote Act of 2002, has been overseeing the development of voting-system testing as well as a $500 million federal grant program to help states purchase voting IT [GCN.com/741].
The commission is working with the National Institute of Standards and Technology to develop two key upgrades to voting system certification: an overhauled version of the federal government's 2005 Voluntary Voting System Guidelines, and a group of standard public testing suites for use by accredited test laboratories.
The new testing suites will replace existing proprietary testing methods.Out with the old
Donetta Davidson, commission chairwoman, said the overhauled voting system guidelines would include much more stringent security provisions.
'They are looking at the security process in depth, especially at methods of using software-independent technology, which would push it up a great deal,' Davidson said.
The software-independent technology method calls for voting systems to maintain completely separate internal audit trails to verify voting data.
The software-independent technology is distinct from the increasingly popular voter-verified paper audit trail systems, which provide proof to voters that their ballots were correctly recorded, Donaldson said.
Donaldson said NIST likely would present its overhauled version of the voting system guidelines this summer, but that the commission likely wouldn't approve them until next year. The commission will receive evaluations of the new guidelines from technical advisory committees and later request public comments.
'The last time we did this, for the 2005 guidelines, it took us seven months [to go through the approval process],' Donaldson said.
The 2005 guidelines included some limited improvements to the accessibility and security provisions of a previous 2002 standard developed under the auspices of the National Association of State Election Directors, Donaldson said, but the next version of the guidelines will comprehensively revise the security provisions.
Meanwhile, NIST also is preparing a public, uniform test suite for accredited laboratories to use when certifying voting systems. 'The test suite builds on the credibility of the labs, because in that way the labs will be using the same practices [rather than proprietary test methods],' Donaldson said.
Mary Saunders, chief of NIST's standards services division, said the uniform public standards would help the testing laboratories assure that their customers'the voting system vendors'as well as the public have better insight into how voting systems are evaluated.Labs certified
On Feb. 21, the commission announced that it had accepted NIST's recommendations to accredit two testing labs, iBeta Quality Assurance LLC of Aurora, Colo., and SysTest Labs LLC of Denver, as compliant with HAVA's provisions.
NIST staffers checked how the labs have developed and implemented tests assuring that voting systems create activity logs and carry out other functions as specified in the systems documentation, Saunders said.
After evaluating a lab, NIST can recommend that the commission issue an accreditation assuring that the lab complies with the HAVA requirements for certifying voting systems. The law specifies that NIST re-evaluate each accredited lab every two years.
Carolyn Coggins, director of voting system quality assurance for iBeta Quality Assurance, pointed to the change that is expected to take place once NIST and the EAC develop a uniform public testing suite.
'The difference today is that each lab interprets the [voting system] standard,' Coggins said. 'That process does allow for differences in methodology.'
As for the difference between testing voting systems and testing other types of IT, Coggins said, 'With every type of system you look at there is always a unique challenge.
'One of the unusual aspects of testing a voting system is the secrecy of the ballot,' Coggins said. 'In other types of IT auditing situations, you don't remove the identity of [the person entering data into the system]. But in testing voting systems, you have to pull your audit trail apart.'
Coggins said her lab has developed tests for the code used in voting systems that assure its compliance with the current 2005 Voting System Guidelines.
Donaldson said the election commission also is developing recommendations to state election authorities on how to create secure processes for removing names from statewide voter registration databases.
The HAVA law required states to build the voter databases by January 2006. But nearly half of all states missed either that HAVA deadline or others, such as that for accessible voting systems, according to the nonpartisan Electionline.org watchdog group.
States continue to work to improve election system security by meeting those and other HAVA requirements, according to the commission.
'Now, the public sees not only updates on the voting system guidelines, and additional security built in, but for the first time we have a federal government voting-system certification process,' Donaldson said.