TGDC Meeting, Jan 2011 Help America Vote Act (HAVA) Roadmap Nelson Hastings National Institute of Standards and Technology
TGDC Meeting, Jan 2011 Page 2 Background Provide a context for current and future TGDC activities in support of the Help America Vote Act (HAVA) HAVA activities include VVSG 1.1 requirements and associated test methods VVSG 2.0 requirements and associated test methods Research to support guideline and test development Framework for evaluating risk among election technology options Common data format Marginal marks Usability performance testing Open ended vulnerability testing
TGDC Meeting, Jan 2011 Page 3 FY11 Goals Complete draft common data format standard to support voting systems Finalize VVSG 1.1 for EAC approval Develop initial guidelines for epollbooks and ballot on demand systems Develop standardized set of marginal marks
TGDC Meeting, Jan 2011 Page 4 FY12 Goals Complete material to support UOCAVA pilot projects Complete draft common data format standard Finalize draft VVSG 2.0 for public comment
TGDC Meeting, Jan 2011 Page 5 FY13 Goals Resolve public comments on draft VVSG 2.0 Finalize VVSG 2.0 for EAC approval
TGDC Meeting, Jan 2011 Page 6 VVSG 1.1 VVSG 1.1 incorporated requirements from the VVSG 2.0 that were not controversial and did not require hardware changes Technical areas included: Accessibility and usability requirements Operational temperature and humidity requirements Electronic records, security specifications, software setup validation, and VVPAT requirements Core functionality, reliability and accuracy requirements
TGDC Meeting, Jan 2011 Page 7 VVSG 1.1 The public comments associated with the VVSG 2.0 requirements where resolved and factored into the VVSG 1.1 requirements VVSG 1.1 was released for public comment Hardware, security, and accessibility and usability requirements text has been completed Finalizing reliability and accuracy requirement text Finalize for EAC approval: March/June 2011
TGDC Meeting, Jan 2011 Page 8 VVSG 1.1 VVSG 1.1 test suite is based on the VVSG 2.0 test methods associated with back ported requirements Complete test suite validation - October 2011 Integrate test suite into certification program - December 2011
TGDC Meeting, Jan 2011 Page 9 VVSG 2.0 At the December 2009 TGDC meeting, the EAC asked the TGDC to provide assistance with developing input to the VVSG 2.0 for: Alternatives to Software Independence Common Data Format Open Ended Vulnerability Testing Accessibility and Usability Research Epollbooks Ballot on demand Vote-by-phone Registration databases
TGDC Meeting, Jan 2011 Page 10 Current Activities Alternatives to Software Independence The audibility working group was formed Resulting in Report of the Audibility Working Group This report sets the stage for the development of new auditability requirements Common Data Format Development of a common data format to support UOCAVA blank ballot delivery Part of a larger common data format effort to address voting system interfaces
TGDC Meeting, Jan 2011 Page 11 Current Activities Accessibility and Usability Research The accessibility and usability working group was formed Accessibility and usability gap analysis conducted Research being conducted in areas of manual dexterity and switch technology Validation of test methods including workflow analysis The results of these activities will influence the accessibility and usability requirements
TGDC Meeting, Jan 2011 Page 12 Current Activities Open Ended Vulnerability Testing Part of the EAC’s UOCAVA pilot project certification process NIST conducting research in the applicability of software assurance case methodology Working to incorporate test method into the VVSG certification process
TGDC Meeting, Jan 2011 Page 13 Finalizing VVSG 2.0 Technical modifications to the VVSG 2.0 have been identified since the August 2007 release and need to be incorporated Develop a baseline of VVSG 2.0 incorporating technical modifications based on: Errata developed since VVSG 2.0 release Lessons learned from VVSG 2.0 test method development Public comments with simple resolutions Lessons learned from VVSG 1.1 development Completed by July 2011
TGDC Meeting, Jan 2011 Page 14 Finalizing VVSG 2.0 Develop draft VVSG 2.0 for public comment starting from the baseline Incorporating technical modifications based on Public comments with complex resolutions Research results New technical areas addressed Common data format requirements Auditability requirements Epollbook requirements Ballot on demand requirements
TGDC Meeting, Jan 2011 Page 15 Finalizing VVSG 2.0 Finalize for public comment by December 2012 Finalize for EAC approval in 2013
TGDC Meeting, Jan 2011 Discussion Page 16