Presentation is loading. Please wait.

Presentation is loading. Please wait.

Demystifying the Independent Test Authority (ITA)

Published byRobyn Flynn Modified over 8 years ago

Similar presentations

Presentation on theme: "Demystifying the Independent Test Authority (ITA)"— Presentation transcript:

1 Demystifying the Independent Test Authority (ITA)
                      Voting Systems Testing Summit 2005 Sacramento, CA November 28-29, 2005 Presented by: Brian Phillips

2 Who is SysTest Labs? Established in 1996
Sole Business Focus is to Provide Test Engineering, Quality Assurance and Certification Services Voting Systems ITA Qualification Testing Independent Verification and Validation (IV&V) Software Test Engineering Consulting and Services Accredited Software Independent Test Authority in 2001 Accredited Hardware Independent Test Authority in 2004 Small and Woman-Owned Business (70+ staff)

3 What is an Independent Test Authority?
ITA Charter from NASED Qualification Testing of DRE Election Systems to Voting System Standards 3 main components Election Management Polling Place Central Count Not Exhaustive Testing

4 Federal Voting System Standards (VSS)
First Developed in 1990 Voluntary Program New Standards over 3 years in making, released April 2003 Technological advances force more changes Election Assistance Commission’s charter to include Accessibility and language components

5 Software ITA Test Standards & Resources
SysTest Labs uses the following to perform ITA Qualification Testing: Federal Election Commission Voting System Standards published April 2002, Released 2003 SysTest Labs Quality Manual & Standard Procedures (Advanced Test Operations Management™) Various review/report forms, databases, templates, and tools

6 HAVA’s Impact on the ITA Process
HAVA Requires that NIST Accredit and Administer ITAs EAC was Established and will Administer the Funding and the VSS However Does not enforce stricter testing Does not Require States to use the ITA Process Does not Impose a State Certification Does not Require Qualification of Statewide Voter Registration Systems

7 Software ITA Process Pre-Qualification Technical Data Package (TDP) review and report Physical Configuration Audit - documentation, source code, test result review Functional Configuration Audit – hardware and software testing to verify logic, results and accuracy Final Qualification Report

8 Physical Configuration Audit (PCA)
PCA Document Review of the Technical Data Package The reviewer the completes the PCA Document Review Form for each submitted document against the requirements of the VSS Includes - System Functionality, Hardware/Software/Design Specifications, Security, Training, Maintenance, User Manuals, Configuration Management and QA Program Documented in the Pre-Qualification Report sent to NASED & the vendor. Verification of Software & Hardware Configuration Examine and set up the system hardware and software components for all documented components. Verify documentation is consistent with configuration used in the hardware ITA.

9 Physical Configuration Audit (PCA)
Source Code Review Identify code to review (New code vs. Changed code). Review vendor coding standards and customize review criteria (if necessary) for the specific programming language Manual source code review, examine the software for: Integrity- No external modification of code Follow each function looking for worms, viruses or Trojan Horses Check for buffer overflows that can lead to security compromise and the execution of malicious code. Absolute logical correctness, modularity, overall construction, and for conformance with VSS requirements and vendor coding standards. Review the system architecture for use of systems that detect intrusion. Automated source code review (if possible). Use an automated tool to obtain metrics of the Logic Control Constructs. Use security tools run to checks for constructs known to be dangerous.

10 Functional Configuration Audit (FCA)
FCA document review of the System Test & Verification Specification and all vendor testing Complete the FCA Vendor Testing Review Form to identify test coverage of: Required Ballot Preparation and Central Count Functionality Optional Features System Level Testing Document the results of the FCA Testing Review in the Pre-qualification Report, sent to NASED and the vendor. Assess the overall adequacy of the vendor’s testing Identify any gaps in testing Identify the scope of functional testing Identify the test tasks and predecessor tasks.

11 Functional Configuration Audit (FCA)
Define scope of testing based upon results of FCA review Create the Test Plan, sent to NASED and the vendor Customize System Level Tests to the voting system Voting Variations: Primary/General Election, Straight Party, Rotation, etc. Security: Access control policies Unauthorized changes to ballot formats, cast votes, and vote totals Alteration of voting system audit trails Access to individual votes (maintaining ballot secrecy) Test election dates 0 to 8 years out, including the presidential election cycles. Accuracy & Reliability: Meets expected results for all tests over required number of votes and time Assess any additional risks for the specific system under test. Augment tests for the specific voting system.

12 Functional Configuration Audit (FCA)
Test Execution: Observe the build of the executable from reviewed source code. Test environment is setup per the PCA - System Configuration. Execute test cases and record results Any discovered issues are logged on the project Discrepancy Report. Discrepancies: user documentation or claims about a system vs.actual system performance. Defects: issue prevents the system from functioning correctly. Vendors must address all issues and resolve issues that impact qualification. Fixes defect or discrepancy that impacts qualification. Sends new code, it’s reviewed, regression tested and issue is closed. Decides not to support functionality or address issue with documentation. Documentation changes are reviewed, verified and issue is closed. Logs a bug for a future release or chooses not to fix if it does not impact qualification. All vendor responses are noted in the Qualification Report.

13 Qualification Test Report
The Qualification Test Report consists of: Introduction: The vendor’s system, any changes and SysTest. Qualification Test Background: Test Process and Terms System Identification: System, Version, Test Environment System Overview: System Design and Operations Qualification Test Results and Recommendations: Test/Review Results, Deficiencies and Recommendation Appendix – Test Operations , Findings and Data Analysis: Qualification Test Requirements, Source Code Review, TDP Review Summary, Test Results and Discrepancy Report NASED Signatory reviews and signs the report . The report’s sent to the vendor and the NASED Technical Committee. Committee has five days to question the report. Report is revised with NASED Certification Number added. Report is distributed to states or jurisdiction upon request from the vendor

14 Process after ITA State Certification County Acceptance Testing

15 DRE DRE’s, or Direct Recording Electronic devices are NOT Internet voting. Most Election systems are not even wired or networked for transmittal of any results Some burn CD’s with the data, and rely on poll workers or County officials to extract and handle the official data

16 DRE Risk Factors Risk Factors Voter Confidence, e.g., grocery scanning
Now open to potential hacking Control of DRE components Audit Trail Poll Worker training Counterfeit receipts Logistic issues Voter Confidence, e.g., grocery scanning Receipts How does an ITA confirm reliability and accuracy

17 We Test You Succeed Trust the Experts

Download ppt "Demystifying the Independent Test Authority (ITA)"

Similar presentations

Software Quality Assurance Plan

Software Quality Assurance Plan
Systems Analysis and Design in a Changing World

Systems Analysis and Design in a Changing World
Chapter 8: Evaluating Alternatives for Requirements, Environment, and Implementation.

Chapter 8: Evaluating Alternatives for Requirements, Environment, and Implementation.
Chapter 4 Quality Assurance in Context

Chapter 4 Quality Assurance in Context
More CMM Part Two : Details.

More CMM Part Two : Details.
1 WebTrust for Certification Authorities (CAs) Overview October 2011 WebTrust for Certification Authorities (CAs) Overview October 2011 Presentation based.

1 WebTrust for Certification Authorities (CAs) Overview October 2011 WebTrust for Certification Authorities (CAs) Overview October 2011 Presentation based.
TGDC Meeting, July 2011 Review of VVSG 1.1 Nelson Hastings, Ph.D. Technical Project Leader for Voting Standards, ITL

TGDC Meeting, July 2011 Review of VVSG 1.1 Nelson Hastings, Ph.D. Technical Project Leader for Voting Standards, ITL
DoD Information Technology Security Certification and Accreditation Process (DITSCAP) Phase III – Validation Thomas Howard Chris Pierce.

DoD Information Technology Security Certification and Accreditation Process (DITSCAP) Phase III – Validation Thomas Howard Chris Pierce.
Overview Lesson 10,11 - Software Quality Assurance

Overview Lesson 10,11 - Software Quality Assurance
School of Computing, Dublin Institute of Technology.

School of Computing, Dublin Institute of Technology.
Secure System Administration & Certification DITSCAP Manual (Chapter 6) Phase 4 Post Accreditation Stephen I. Khan Ted Chapman University of Tulsa Department.

Secure System Administration & Certification DITSCAP Manual (Chapter 6) Phase 4 Post Accreditation Stephen I. Khan Ted Chapman University of Tulsa Department.
7.2 System Development Life Cycle (SDLC)

7.2 System Development Life Cycle (SDLC)
Computer Security: Principles and Practice

Computer Security: Principles and Practice
8 Systems Analysis and Design in a Changing World, Fifth Edition.

8 Systems Analysis and Design in a Changing World, Fifth Edition.
DITSCAP Phase 2 - Verification Pramod Jampala Christopher Swenson.

DITSCAP Phase 2 - Verification Pramod Jampala Christopher Swenson.
Security Assessments FITSP-M Module 5. Security control assessments are not about checklists, simple pass-fail results, or generating paperwork to pass.

Security Assessments FITSP-M Module 5. Security control assessments are not about checklists, simple pass-fail results, or generating paperwork to pass.
Voting System Qualification How it happens and why.

Voting System Qualification How it happens and why.
Database Auditing Models Dr. Gabriel. 2 Auditing Overview Audit examines: documentation that reflects (from business or individuals); actions, practices,

Database Auditing Models Dr. Gabriel. 2 Auditing Overview Audit examines: documentation that reflects (from business or individuals); actions, practices,
Chapter 7 Database Auditing Models

Chapter 7 Database Auditing Models
TGDC Meeting, July 2011 Overview of July TGDC Meeting Belinda L. Collins, Ph.D. Senior Advisor, Voting Standards, ITL

TGDC Meeting, July 2011 Overview of July TGDC Meeting Belinda L. Collins, Ph.D. Senior Advisor, Voting Standards, ITL

Similar presentations

Ads by Google