Elections: Federal Efforts to Improve Security and Reliability of Electronic Voting Systems Are Under Way, but Key Activities Need to Be Completed

GAO-05-956 September 21, 2005

Summary

The Help America Vote Act of 2002 established the Election Assistance Commission (EAC) to help improve state and local administration of federal elections and authorized funding for state and local governments to expand their use of electronic voting systems. EAC began operations in January 2004. However, reported problems with electronic voting systems have led to questions about the security and reliability of these systems. GAO was requested to (1) determine the significant security and reliability concerns identified about electronic voting systems, (2) identify recommended practices relevant to ensuring the security and reliability of these systems, and (3) describe actions taken or planned to improve their security and reliability.

While electronic voting systems hold promise for improving the election process, numerous entities have raised concerns about their security and reliability, citing instances of weak security controls, system design flaws, inadequate system version control, inadequate security testing, incorrect system configuration, poor security management, and vague or incomplete voting system standards. It is important to note that many of these concerns were based on specific system makes and models or a specific jurisdiction's election, and there is no consensus among election officials and other experts on their pervasiveness. Nevertheless, some have caused problems in elections and therefore merit attention. Federal organizations and nongovernmental groups have issued both election-specific recommended practices for improving the voting process and more general guidance intended to help organizations manage information systems' security and reliability. These recommended practices and guidelines (applicable throughout the voting system life cycle) include having vendors build security controls and audit trails into their systems during development, and having election officials specify security requirements when acquiring systems. Other suggested practices include testing and certifying systems against national voting system standards. The federal government has begun efforts intended to improve life cycle management of electronic voting systems and thereby improve their security and reliability. Specifically, EAC has led efforts to (1) draft changes to existing federal voluntary standards for voting systems, including provisions addressing security and reliability; (2) develop a process for certifying voting systems; (3) establish a program to accredit independent laboratories to test electronic voting systems; and (4) develop a library and clearinghouse for information on state and local elections and systems. 
However, these actions are unlikely to have a significant effect in the 2006 federal election cycle because important changes to the voting standards have not yet been completed, the system certification and laboratory accreditation programs are still in development, and a system software library has not been updated or improved since the 2004 election. Further, EAC has not consistently defined specific tasks, processes, and time frames for completing these activities; as a result, it is unclear when their results will be available to assist state and local election officials.



Recommendations

Our recommendations from this work are listed below with a contact for more information. Status will change from "In process" to "Implemented" or "Not implemented" based on our follow-up work.

Director: Randolph C. Hite
Team: Government Accountability Office: Information Technology
Phone: No phone on record


Recommendations for Executive Action


Recommendation: To improve the potential for benefits to states and local election jurisdictions, the Election Assistance Commission should collaborate with the National Institute of Standards and Technology (NIST) and the Technical Guidelines Development Committee to define specific tasks, measurable outcomes, milestones, and resource needs required to improve the voting system standards that affect security and reliability of voting systems.

Agency Affected: Election Assistance Commission

Status: In process

Comments: The Election Assistance Commission (EAC) plans to develop and issue a new set of voluntary voting system guidelines in 2007 that will include further improvements in security and reliability standards. To support this effort, the National Institute of Standards and Technology (NIST) has segmented the planned changes and allocated them to two time frames. However, EAC and NIST have not yet determined the specific tasks, milestones, or resources needed to manage production of the guidelines. EAC officials expect to develop more detailed plans for the new standards after the 2006 general election.

Recommendation: To improve the potential for benefits to states and local election jurisdictions, the Election Assistance Commission should expeditiously establish documented policies, criteria, and procedures for certifying voting systems that will be in effect until the national laboratory accreditation program for voting systems becomes fully operational, and define tasks and time frames for achieving the full operational capability of the national voting system certification program.

Agency Affected: Election Assistance Commission

Status: In process

Comments: Consistent with GAO's recommendation, the Election Assistance Commission (EAC) adopted a framework for interim certification of voting systems in August 2005, and adopted policies and procedures for certifying voting system modifications in July 2006. According to EAC officials, certification experts under contract to EAC are using the 2002 Voluntary Voting System Standards as criteria to evaluate certification materials submitted by voting system manufacturers. However, no additional criteria or direction has been developed to support interpretation of the standards for this interim certification process. Furthermore, certain categories of voting systems are not addressed in the interim certification process, including systems not previously certified to 2002 standards and systems that manufacturers do not intend to submit for the full EAC certification process. EAC is developing policies and procedures for the full certification program, expects to issue them for public comment in October 2006, and plans to implement the full program in December 2006. However, EAC has not yet established coordinated tasks and timeframes with NIST, manufacturers, and the election community to ensure that the full certification program is implemented in a timely manner.

Recommendation: To improve the potential for benefits to states and local election jurisdictions, the Election Assistance Commission should improve management support to state and local election officials by collaborating with NIST to establish a process for continuously updating the National Software Reference Library for voting system software; take effective action to promote use of the library by state and local governments; identify and disseminate information on resources to assist state and local governments with using the library; and assess use of the library by states and local jurisdictions for the purpose of improving library services.

Agency Affected: Election Assistance Commission

Status: In process

Comments: Election Assistance Commission (EAC) officials told us that there is no mechanism currently in place to systematically update the National Software Reference Library for the 2006 election. However, national certification of voting systems under the 2005 Voluntary Voting System Guidelines--expected to begin in December 2006--will require testing labs to deposit certified voting system software into the library, thereby providing for continuous updates. Although EAC acknowledges current limitations to the use of the library by states and local election jurisdictions, it has not yet developed a plan or taken action to promote the use of the library among these stakeholders, identify and disseminate information on supporting resources, or assess the use of the library to improve this service.

Recommendation: To improve the potential for benefits to states and local election jurisdictions, the Election Assistance Commission should improve management support to state and local election officials by collaborating with the Technical Guidelines Development Committee and NIST to develop a process and associated time frames for sharing information on the problems and vulnerabilities of voting systems.

Agency Affected: Election Assistance Commission

Status: In process

Comments: To support national collection of information on voting system problems and vulnerabilities, the Election Assistance Commission (EAC) is requiring voting system manufacturers that undergo interim certification to submit a report that describes problems with performance, technology, security, or accuracy within 60 days of the 2006 general election. EAC officials also plan to institute field surveillance of system performance and assessments of vendor quality management processes. In addition, NIST officials reported plans to convene an ad hoc group of election officials with first-hand election experience to support improvements to the voting system guidelines. However, EAC has not developed a process or associated time frames for sharing information on voting system problems and vulnerabilities among states and local election jurisdictions, in part because of the difficulty of collecting such information from widely diverse election jurisdictions and regions.

Recommendation: To improve the potential for benefits to states and local election jurisdictions, the Election Assistance Commission should improve management support to state and local election officials by establishing a process and schedule for periodically compiling and disseminating recommended practices related to security and reliability management throughout the system life cycle (including the recommended practices identified in this report) and ensuring that this process uses information on the problems and vulnerabilities of voting systems.

Agency Affected: Election Assistance Commission

Status: In process

Comments: The Election Assistance Commission (EAC) has issued the 2005 Voluntary Voting System Guidelines that include criteria for voting system certification. EAC has stated that these guidelines address, in part, the assessment of voting system security and reliability throughout the system life cycle. In addition, EAC's Quick Start Management Guide for New Voting Systems--issued in June 2006--included several security and reliability practices for election officials to use in the operations and maintenance phases of the voting system life cycle. EAC officials also stated that they plan to convene working groups of state and local election officials to recommend additional management processes, security practices, and protocols for accepting, programming, operating, and maintaining voting systems after the 2006 general election. EAC has not yet determined whether or how to address voting system problems and vulnerabilities in developing recommended security and reliability practices.