Standards in Elections: NIST and the Help America Vote Act Lynne S. Rosenthal National Institute of Standards and Technology

1 Standards in Elections: NIST and the Help America Vote Act Lynne S. Rosenthal National Institute of Standards and Technology lynne.rosenthal@nist.gov

2 Did your vote count?
- 2000: Florida hanging chads
- 2004:
  - 4,500 votes lost – computer software not updated
  - 22,000 votes missing – vote tabulator has insufficient storage
- 2008:
  - 1500 ‘phantom’ votes – software reliability problems
  - 11,627 votes counted late – tabulator memory failure
  - 590 voters get wrong ballot – software defect
  - Massive machine breakdowns – reliability problems
  - 3 precincts have votes switched – programming defect
  - Lack of ink in coded block – ballot unreadable by op-scan

3 Today’s presentation
- Background
- 2002 Help America Vote Act (HAVA)
- NIST and HAVA
- What was wrong with the old standard?
- Voluntary Voting System Guidelines (VVSG)
  - Conformance section
  - Requirement structure
  - Requirements
- VVSG status

4 Background
- 2000 election generated concerns over voting system integrity, usability, and security
- Voting System Standard (VSS) lacked
  - Precision and clarity of requirements
  - Requirements for newer technologies
  - Logical organization of requirements
- 2002 Help America Vote Act (HAVA) passed to address these concerns
  - Reform voting process
  - Improve voting systems and voter access

5 NIST and HAVA
- National Institute of Standards and Technology
  - Non-regulatory, part of U.S. Dept. of Commerce
  - Promotes U.S. innovation and industrial competitiveness through measurement science, standards, and technology
- HAVA gives NIST a key role
  - Provide technical support for development of Voluntary Voting System Guidelines (VVSG)
  - Chair VVSG development committee

6 What was wrong with the old standard?
- Outdated or lacking requirements for newer voting activities and technologies
  - Activation cards, e-pollbooks, accessible devices, electronic ballot markers
  - Early voting, provisional voting, vote centers
- Inadequate security requirements
  - Basically, stated: Thou shalt be secure
- No usability requirements
- Inadequate accessibility requirements
- Inadequate reliability and accuracy requirements
  - Why MTBF = 163?
- No conformance clause
  - Lacks a high level description of what is required to claim conformance

9 Old Voting Standard Requirements
Memory hardware, such as semiconductor devices and magnetic storage media, must be accurate. The design of equipment in all voting systems shall provide for the highest possible levels of protection against mechanical, thermal, and electromagnetic stresses that impact system accuracy.
- Bad: uses both ‘must’ and ‘shall’
- Bad: how is ‘accurate’ measured?
- Bad: what are the ‘highest levels’?

10 Old Voting Standard Requirements
To ensure security, all systems shall provide security access controls that limit or detect access to critical system components.
- Good: access controls to be provided
- Bad: how strong? A 2-digit PIN would conform
In all systems, controls used by the voter or equipment operator shall be conveniently located.
- Bad: what is ‘convenient’?

11 Goal: Build a new voting standard
- One that gets used, used correctly, and implemented in a consistent manner
- One that defines:
  - What/who needs to implement the standard
  - What needs to be implemented (shall, should, may)
  - Testable requirements
- One that is modular with minimal redundancy
- One that is adaptable as things change
- One that is technology- and design-independent

12 Voting Standard (VVSG) Improvements
- Total reorganization
- New conformance section
  - Defines what it means for a voting system to conform
- Clear, precise, testable requirements
- New
  - core, security, accessibility, usability requirements
  - measurement requirements
    - Performance benchmarks, accuracy/error rates, reliability
  - requirements for technological advances
    - Activation cards, e-pollbooks, electronic ballot markers, accessible devices
  - requirements to support all voting activities
    - Early voting, vote centers, provisional voting

13 VVSG: Conformance Section
- Audience = manufacturers and testing labs
- Defines what is normative vs. informative
- Defines normative verbs: SHALL, SHOULD, MAY
- Conformance is 100%, no partial conformance
- Classes of voting systems
  - Categorizes requirements by functionality as they apply to voting systems and devices
- Implementation statement by manufacturer
  - Indicates requirements that have been implemented (via classes)

15 VVSG: Conformance Classes
Grouped various ways:
- Equipment type: vote capture device, tabulator, DRE, op-scan
- Voting variation: straight-party, N of M, primary, in-person
[Diagram of device classes; node labels: Voting device, E-device, Programmed device, Tabulator, DRE, Optical scanner, Manual mark, Elect. mark, Precinct count, Central count, Central tabulator]

16 VVSG: Requirement Structure
[Figure: requirement template with the fields Id, Requirement Title, Requirement, Applies to, Test Reference, Discussion and Source; callouts: ‘normative’, ‘informative’, ‘Indicates a requirement’]
- Id: numbered according to section of VVSG
- Req Title: shorthand description
- Requirement
- Applies to: indicates voting system or device class
- Test Ref: type of testing required, VVSG Part 3 testing requirement cited
- Discussion: informative supporting info
- Source: origin

17 VVSG Requirement

18 Voting Standards: old vs. new
Old: Software Standards: Control Constructs
  Operator intervention or logic that evaluates or stores data shall not re-direct program control within a program routine. Program control may be re-directed within a routine by calling subroutines, procedures, and functions, and by interrupt service routines and exception handlers.
New: Core Requirements: Workmanship: Structured Programming
  Separation of code and data: Application logic SHALL NOT compile or interpret configuration data or other input data as a programming language.
Extracted from the Description:
  The requirement in [VSS2002] read "Operator intervention or logic..." That attempt to define what it means to compile or interpret data as a programming language caused confusion. Distinguishing what is a programming language from what is not requires some professional judgment… The reasons for this requirement are (1) mingling code and data is bad design, and (2) embedding logic within configuration data is an evasion of the conformity assessment process for application logic.
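The separation-of-code-and-data requirement on slide 18, shown as a non-conforming loader beside a conforming one. This is an added example, not code from the presentation or the VVSG; the JSON contest format, field names and function names are assumptions made for illustration.

```python
import json

# Constructed sample contest definitions (not taken from any real voting system).
PLAIN_CONFIG = '{"contest": "Mayor", "vote_for": 1, "candidates": ["Smith", "Jones"]}'
LOGIC_CONFIG = ('{"contest": "Mayor", "vote_for": "len(candidates) - 1", '
                '"candidates": ["Smith", "Jones"]}')


def load_contest_interpreting(text):
    """Non-conforming: a string value in the configuration is run as Python,
    so behaviour that reviewers never saw in the application logic lives in data."""
    cfg = json.loads(text)
    if isinstance(cfg["vote_for"], str):
        cfg["vote_for"] = eval(cfg["vote_for"], {}, dict(cfg))  # data run as code
    return cfg


def load_contest(text):
    """Conforming: the configuration is parsed as data only and each field is
    checked for type and range; anything else is rejected, never evaluated."""
    cfg = json.loads(text)
    if not isinstance(cfg, dict) or set(cfg) != {"contest", "vote_for", "candidates"}:
        raise ValueError("unexpected or missing fields")
    names, limit = cfg["candidates"], cfg["vote_for"]
    if not isinstance(cfg["contest"], str):
        raise ValueError("contest must be a string")
    if not (isinstance(names, list) and names and all(isinstance(n, str) for n in names)):
        raise ValueError("candidates must be a non-empty list of strings")
    if type(limit) is not int or not 1 <= limit <= len(names):  # excludes bool and str
        raise ValueError("vote_for must be an integer from 1 to len(candidates)")
    return cfg


def accepts(loader, text):
    """Return True if the loader accepts the configuration, False if it rejects it."""
    try:
        loader(text)
        return True
    except ValueError:
        return False
```

The interpreting loader accepts `LOGIC_CONFIG` and computes the vote limit from an expression stored in the data; the conforming loader rejects the same file because `vote_for` is not a plain integer.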

19 Voting Standards: old vs. new
Old: To ensure security, all systems shall provide security access controls that limit or detect access to critical system components.
New: Access Control Section
- 7 General req.
- 5 Identification req.
- 12 Authentication req.
- 6 Authorization req.
Extracted from General Requirements (General Security Requirements: Access Control):
  The voting device SHALL provide access control mechanisms designed to permit authorized access to the voting system and to prevent unauthorized access to the voting system. Within the voting system architecture:
  a. the voting device SHALL provide controls that permit or deny access to device’s software and files.
  b. the vote-capture device’s access control mechanisms shall distinguish at least the following voting states: pre-voting, activated, suspended, and post-voting.
  c. The vote-capture device SHALL allow the administrator group or role to create additional voting states.
  d. The vote capture device SHALL allow the administrator group or role to configure different access control policies available in each voting state.
  e. The voting device’s default access control permissions SHALL implement the minimum permissions needed for each role or group.
  f. The voting device SHALL prevent a lower-privilege process from modifying a higher-privilege process.
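A sketch of how items a to e of the General Requirements on slide 19 fit together as one state-dependent, default-deny policy. This is an added example, not code from the presentation or the VVSG; the role names, action names and class are hypothetical, and item f (process privilege separation) is an operating-system concern that is not modelled here.

```python
# Item b: the four voting states the device must distinguish.
REQUIRED_STATES = ("pre-voting", "activated", "suspended", "post-voting")


class VoteCaptureAccessControl:
    """State-dependent, default-deny access control (role and action names are hypothetical)."""

    def __init__(self):
        # Item e: defaults grant only what each role needs in each state.
        self.policy = {state: {} for state in REQUIRED_STATES}
        self.policy["pre-voting"]["administrator"] = {"load_ballot_definition"}
        self.policy["pre-voting"]["poll_worker"] = {"open_polls"}
        self.policy["activated"]["voter"] = {"cast_ballot"}
        self.policy["activated"]["poll_worker"] = {"suspend_voting"}
        self.policy["suspended"]["poll_worker"] = {"resume_voting", "close_polls"}
        self.policy["post-voting"]["administrator"] = {"export_results"}

    @staticmethod
    def _require_admin(acting_role):
        if acting_role != "administrator":
            raise PermissionError(f"{acting_role} may not change access control policy")

    def create_state(self, acting_role, state):
        """Item c: only the administrator role adds voting states."""
        self._require_admin(acting_role)
        self.policy.setdefault(state, {})  # a new state starts with no grants

    def configure(self, acting_role, state, role, actions):
        """Item d: the administrator sets the policy for one role in one state."""
        self._require_admin(acting_role)
        if state not in self.policy:
            raise KeyError(f"unknown voting state: {state}")
        self.policy[state][role] = set(actions)

    def is_allowed(self, state, role, action):
        """Item a: permit or deny; unknown states, roles and actions are denied."""
        return action in self.policy.get(state, {}).get(role, set())
```

Because a state created under item c starts with no grants, every permission in it has to be added explicitly through `configure`, which keeps item e true for administrator-defined states as well as the four required ones.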

20 Current Status
- VVSG undergoing public review and revisions: http://www.eac.gov/vvsg
- VVSG companion document and tutorials: http://www.votingvideos.nist.gov/TrainingVideos/
- Test materials being developed: http://vote.nist.gov/SystemTesting.htm

21 NIST Voting Site: http://vote.nist.gov
- Overview of NIST voting project
- VVSG versions, presentations, white paper
- VVSG tutorials and overview information
- Test materials and information

22 Lynne Rosenthal, National Institute of Standards and Technology, lynne.rosenthal@nist.gov

23 Requirements Types
- Functional: specifies that the object is capable of performing a certain action
  - The voting system SHALL allow the voter to cast a straight party line vote.
- Performance: specifies not only that the object is capable of performing a certain action, but also sets a benchmark for how well it performs
  - The voting system SHALL provide visual feedback within 1 second when the voter makes or changes a choice within a contest.
- Design: specifies something about the static structure of the object
  - Any control buttons on a voting system SHALL be at least 1 inch apart.
