Elections: Federal Efforts to Improve Security and Reliability of Electronic Voting Systems Are Under Way, but Key Activities Need to Be Completed

GAO-05-956 Published: Sep 21, 2005. Publicly Released: Oct 21, 2005.

Highlights

The Help America Vote Act of 2002 established the Election Assistance Commission (EAC) to help improve state and local administration of federal elections and authorized funding for state and local governments to expand their use of electronic voting systems. EAC began operations in January 2004. However, reported problems with electronic voting systems have led to questions about the security and reliability of these systems. GAO was requested to (1) determine the significant security and reliability concerns identified about electronic voting systems, (2) identify recommended practices relevant to ensuring the security and reliability of these systems, and (3) describe actions taken or planned to improve their security and reliability.

Recommendations

Recommendations for Executive Action

Agency Affected Recommendation Status
Agency: Election Assistance Commission
Recommendation: To improve the potential for benefits to states and local election jurisdictions, the Election Assistance Commission should collaborate with the National Institute of Standards and Technology (NIST) and the Technical Guidelines Development Committee to define specific tasks, measurable outcomes, milestones, and resource needs required to improve the voting system standards that affect security and reliability of voting systems.
Status: Closed – Implemented
In December 2005, the Election Assistance Commission (EAC) finalized the 2005 voluntary voting system guidelines, which improved certain aspects of its standards for voting system security and reliability. Subsequently, EAC began efforts to further develop the guidelines to incorporate additional security and reliability improvements. In August 2007, the Technical Guidelines Development Committee, with the help of the National Institute of Standards and Technology (NIST), delivered draft standards to the EAC. According to EAC, this draft represents a complete rewrite of the 2005 guidelines and contains new and expanded material for system security and reliability, among other topics. EAC also specified a four-phase approach to finalizing these standards, including two public comment periods. To date, EAC has obtained the first round of public comments on the draft standards and reviewed them in conjunction with NIST. Based in part on the comments submitted, EAC is planning to revise the 2005 guidelines to clarify ambiguities and improve testing processes, and has developed an implementation plan that includes specific tasks, discrete products, milestones, and contributing organizations. It plans to complete this latest revision of the 2005 guidelines by October 2009. The implementation plan provides similar detail for completing development of the draft 2007 guidelines, which are to be issued by May 2011.
Agency: Election Assistance Commission
Recommendation: To improve the potential for benefits to states and local election jurisdictions, the Election Assistance Commission should expeditiously establish documented policies, criteria, and procedures for certifying voting systems that will be in effect until the national laboratory accreditation program for voting systems becomes fully operational, and define tasks and time frames for achieving the full operational capability of the national voting system certification program.
Status: Closed – Implemented
The Election Assistance Commission (EAC) adopted policies and procedures for interim certification of voting system modifications in July 2006. To support its certification efforts, EAC also began operating its national voting system testing laboratory accreditation program in August 2005, when it received the first laboratory applications. As of October 2008, the joint EAC-NIST accreditation program had resulted in national accreditation of five laboratories. In January 2007, EAC terminated the interim system certification program and issued policies and procedures for a full certification program, followed by issuance of a certification management guide for election officials in August 2007. We reported in September 2008 that EAC had made significant progress in implementing this full certification program. Specifically, it had registered 12 voting system manufacturers under the conditions of the program, accepted 9 system certification applications, approved 2 system test plans, and reviewed one test report. We also reported, however, that three areas of the program needed additional definition and implementation to achieve full operational capability -- voting system testing and certification review, the repository for certified systems, and tracking and resolution of problems for the certified systems. In November 2008, EAC described for us its plans for and progress in defining and implementing these remaining certification capabilities.
Agency: Election Assistance Commission
Recommendation: To improve the potential for benefits to states and local election jurisdictions, the Election Assistance Commission should improve management support to state and local election officials by collaborating with NIST to establish a process for continuously updating the National Software Reference Library for voting system software; take effective action to promote use of the library by state and local governments; identify and disseminate information on resources to assist state and local governments with using the library; and assess use of the library by states and local jurisdictions for the purpose of improving library services.
Status: Closed – Not Implemented
In 2005, the Election Assistance Commission (EAC) designated the National Institute of Standards and Technology's (NIST) National Software Reference Library (NSRL) to act as the repository for federally-certified software. However, we reported in September 2008 that EAC decided not to use the NSRL repository and had not established another repository, nor had it defined minimum repository requirements. In addition, EAC officials stated at that time that the software repository was intended for its own internal use, thus calling into question what support, if any, the repository would provide to state and local election officials. Furthermore, EAC had not defined how it would ensure that manufacturers provide effective and efficient system identification tools and procedures, such as defining specific criteria for evaluating the tools, and it did not have plans or time frames for establishing either of the two components. As a result, we recommended in our September 2008 report that EAC prepare, approve and implement plans for an accessible and available software repository for testing laboratories to deposit certified versions of voting system software, as well as procedures and review criteria for evaluating related manufacturer-provided tools to support stakeholders in comparing their systems with this repository (GAO-08-814).
Agency: Election Assistance Commission
Recommendation: To improve the potential for benefits to states and local election jurisdictions, the Election Assistance Commission should improve management support to state and local election officials by collaborating with the Technical Guidelines Development Committee and NIST to develop a process and associated time frames for sharing information on the problems and vulnerabilities of voting systems.
Status: Closed – Implemented
The Election Assistance Commission (EAC) has developed and implemented three mechanisms to share information on the problems and vulnerabilities of voting systems, and has collaborated with the Technical Guidelines Development Committee (TGDC) and the National Institute of Standards and Technology (NIST) in doing so. As of January 2009, EAC has established: (1) the federal voting system certification program, (2) a national voting system reports clearinghouse, and (3) federal voluntary voting system guidelines. First, the certification program includes provisions to track and resolve problems with EAC-certified voting systems and to share the information with election officials. Second, the voting system reports clearinghouse on EAC's website provides access to voting system reports and studies that have been submitted to EAC by state or local governments, including studies conducted on systems not certified by EAC. To date, EAC has posted 7 submissions, and several of these identify problems and vulnerabilities with voting systems. Third, EAC, in collaboration with TGDC and NIST, has solicited input from a variety of interested parties in developing the voluntary voting system guidelines, including outreach to those with experience in the problems and vulnerabilities of voting systems, such as through the meetings and workshops conducted from March 2006 to March 2007.
Agency: Election Assistance Commission
Recommendation: To improve the potential for benefits to states and local election jurisdictions, the Election Assistance Commission should improve management support to state and local election officials by establishing a process and schedule for periodically compiling and disseminating recommended practices related to security and reliability management throughout the system life cycle (including the recommended practices identified in this report) and ensuring that this process uses information on the problems and vulnerabilities of voting systems.
Status: Closed – Implemented
The Election Assistance Commission (EAC) has taken three actions to satisfy this recommendation. First, EAC issued several publications that provide recommended practices related to security and reliability management throughout the system life cycle. These included (1) the 2005 voluntary voting system guidelines, which include certification criteria for assessing security and reliability throughout the voting system life cycle; (2) the June 2006 Quick Start Management Guide for New Voting Systems, which includes several security and reliability practices for election officials to use in the operations and maintenance phases of the voting system life cycle; and (3) the August 2007 Quick Start Management Guide for Voting System Certification, which includes information on acceptance testing and security procedures. Second, EAC took steps to ensure that its guidelines incorporate practices that address the problems and vulnerabilities of voting systems. For example, in October 2005, NIST collaborated with EAC to host a threat analysis workshop to reach consensus within the election community on plausible threats to voting systems, and thus inform the development of security requirements for future iterations of the voluntary voting system guidelines. Third, EAC's draft Strategic Plan for 2009-2014 committed to compiling an inventory of potential research projects by July 2009 aimed at improving the administration of elections, which would include practices for managing the security and reliability of voting systems.

Topics

Computer security, E-government, Elections, Voting, Electronic equipment, Intergovernmental relations, Internal controls, IT standards, Standards evaluation, Strategic planning, System software, System vulnerabilities, Systems analysis, Systems design, Systems development life cycle, Systems evaluation, Testing