Software Independence and Voting Standards

Three weeks ago, USACM filed detailed comments with the Election Assistance Commission (EAC) on its draft of the Voluntary Voting System Guidelines. (Quick Review: These are proposed Federal standards for voting equipment, which are voluntary in nature but some states require manufacturers follow them.) Realizing that many people will not be able to read through our filing, we are excerpting portions of our high-level comments on some of key concepts in the EAC’s draft.

Arguably the most important change from previous standards is that all machines must be “software independent” to be in conformance with the standards. The VVSG defines this concept as follows:

“Voting systems SHALL be software independent, that is, an undetected error or fault in the voting system’s software SHALL NOT be capable of causing an undetectable change in election results.” Part I, Section 2.7-A

This can be translated as the voting system has to have some system that allows for verification and/or auditing of an election result without relying on the voting machine’s software. USACM strongly supports this requirement and urges the EAC to retain it in the final document:

“We have mentioned our support for the principle of software independence described in the VVSG. We include with our comments the letter we sent to the then-Chairman of the TGDC, Dr. William Jeffrey, expressing our support for Software Independence and other recommendations made to the TGDC. Given the shortfalls of security testing, it is our long-standing belief that voting systems should also enable each voter to inspect a physical (e.g., paper) record to verify that his or her vote has been accurately cast and to serve as an independent check on the result produced and stored by the system. We are pleased that the TGDC recommends that voting systems must have an independent way of verifying a voter’s selections.

An important part of ensuring a software independent system is developing both an effective test and definition for determining software independence. We find both lacking in this version of the VVSG. We recommend that you define software independence as meaning that an error or fault in the voting system’s software is not capable of causing an undetectable change in election results. This will help provides state and local elections officials, as well as vendors, with the knowledge they need to help ensure that their systems are software independent. Without a specific test or a more specific definition, other groups will object to the principle on the grounds that the concept is too vague and indistinct to be effectively implemented. Given that many states currently do not conduct effective post-election audits, there is a need for software independence, together with clear guidance as to what makes a voting system software independent. We recommend you include in the VVSG a process akin to the hypothetical example we outline in Appendix B — a process that demonstrates both the production of Independent Voter Verifiable Records and Software Independence.”

The concept of software independence may be one of the most controversial proposals in the new standards and is sure to come under fire. How the EAC decides to proceed with it may determine how voting systems will look for the foreseeable future.

Congress Moves in Divergent But Similar Directions on Science Funding

Some events highlight the political silliness often infecting Washington better than others. The current fight over the supplemental war funding bill for this fiscal year is one of those occasions. The Washington Times aptly summed up the silliness when it ran the line: “House Passes War Supplemental Without War Funding.” The issue at hand is the high-stakes budget fight between Congress and the President on providing supplemental funding this year for the wars in Iraq and Afghanistan, and, once again, research funding is caught somewhere in the middle.

Continue reading “Congress Moves in Divergent But Similar Directions on Science Funding”

USACM Issue Briefs Available

We wanted to point out two Issue Briefs available from USACM. The Issue Briefs are intended as short distillations of established USACM policy on various issues. More detailed explanations of USACM positions on these issues can be found in the relevant issue area of our website.

The two new Issue Briefs are on Electronic Employment Verification Systems and REAL ID. We will make additional Issue Briefs available online as they are developed.

ACM Washington Update, Vol. 12.5 (May 16, 2008)


[1] Newsletter Highlights
[2] USACM Chair Testifies on Electronic Employment Verification
[3] USACM Applauds New Voting System Standards
[4] USACM Cautions Against Filtering
[5] Emergency E-Voting Legislation Goes Down In House
[6] Advanced Placement Computer Science Exams Change
[7] National Academies Releases Interim Report on Voter Registration
[8] About USACM
Continue reading “ACM Washington Update, Vol. 12.5 (May 16, 2008)”

USACM Chair Testifies on Electronic Employment Eligibility

We mentioned this last week, but are just getting to posting about the hearing on the blog.

USACM's Chair, Dr. Eugene Spafford, testifies on employment verification systems

On May 6, Eugene H. Spafford, chair of USACM, testified before the Social Security Subcommittee of the House Ways and Means Committee on electronic employment verification systems (EEVS). USACM has testified before on this issue, with Dr. Peter Neumann speaking to the same subcommittee on the same topic last June. Citing several potential problems, some already evident, in a pilot system (E-Verify) operated by the U.S. Department of Homeland Security’s (DHS) to electronically check on employee work eligibility. Dr. Spafford urged Congress to include sufficient safeguards to ensure that both employers and employees are adequately protected from technical failures and abuses of the system.

Dr. Spafford identified three major concerns regarding E-Verify: the accuracy and timeliness of system results; the security and privacy protection afforded to information kept in the system; and the technical feasibility of multiple approaches to creating such a system. He added that these concerns are also applicable to related programs such as the REAL ID Act, which established standards for state-issued driver’s licenses, and US-VISIT, a U.S. immigration and border management system.
Continue reading “USACM Chair Testifies on Electronic Employment Eligibility”

USACM Applauds New Voting System Standards

We are doing a bit of catchup as we are behind on posting to the blog. On Monday USACM filed detailed comments with the Election Assistance Commission (EAC) on the draft 2007 Federal Voluntary Voting System Guidelines. Calling the standards a welcome step forward, USACM supported several important concepts in the draft — including software independence — and noted the improved accessibility and usability provisions.

So what are the Voluntary Voting System Guidelines? Some background might be useful to start.

The Help America Vote Act (HAVA) created the Technical Guidelines Development Committee (TGDC), staffed by NIST and chaired by its Director, to recommend Federal voting system standards to the EAC. These standards are used as the basis for certifying voting systems. While voluntary, many states have mandated vendors follow them.

Since HAVA was enacted the TGDC released the 2005 Voluntary Voting System Guidelines, which were an incremental update of the 2002 Federal Election Commission standards. The 2007 draft is a sweeping and fundamental change from the 2005 standards, incorporating several new important concepts such as software independence, innovation class, and open-ended vulnerability testing. Many of these concepts have been the subject of intense debate for the past year and were the focus of USACM’s comments.

The TGDC submitted the standards to the EAC last year, and the EAC has the power to modify, reject and/or adopt the standards. Monday was the end of the public comment period on the standards, and USACM commented on numerous parts of the draft. Below is a press release highlighting the major points and we encourage you to read the complete draft of our comments.

The EAC now has to process the reportedly 2000+ comments it received on the draft standards. In doing so, the EAC could adopt the TGDC draft as is, make changes, or reject the entire document. The first and the third scenarios seem unlikely, so we can expect the EAC to makes changes, but what they will be and in what time frame is anybody’s guess. Stay tuned to our blog for more coverage.

Continue reading “USACM Applauds New Voting System Standards”

USACM Chair Will Testify on Electronic Employment Verification Systems

USACM Chair Dr. Eugene Spafford will testify tomorrow before the Social Security Subcommittee of the House Ways and Means Committee. His testimony is part of a hearing on Electronic Employment Verification Systems (EEVS). The hearing is scheduled to begin at 10 a.m. on May 6, in B-318 of the Rayburn House Office Building.

This will be the second time USACM has presented testimony on EEVS, following Dr. Peter Neumann’s testimony from a hearing in June 2007.

The hearing is, in part, responding to recent legislation to expand the E-Verify program, an electronic system of employment verification used on a relatively small scale. USACM has some specific concerns about large database systems, including the proposed expansion of E-Verify. Those concerns are summarized in an Issue Brief we prepared last year on the topic.

We will have more after the hearing tomorrow, including a link to Dr. Spafford’s testimony.

Hill Tech Happenings, Week of May 5

May 6
The Subcommittee on Telecommunications and the Internet of the House Energy and Commerce Committee will hold a hearing on the Internet Freedom Preservation Act of 2008, HR 5353.
9:30 a.m., 2322 Rayburn Building

The Social Security Subcommittee of the House Ways and Means Committee will hold a hearing on electronic employment verification systems and their impact on the Social Security Administration. USACM Chair Eugene Spafford will testify at this hearing.
10 a.m., B-318 Rayburn Building