Optical scan electronic voting machines employ software components that are customized for each specific election. Such software components are critical from a security and integrity point of view, as they define ballot layout and outcome reporting facilities. The possibility of these components to be tampered with presents a major concern as incorrect election results may be produced due to either malicious interference or accidental corruption. Erroneous results caused by tampering or corruptions can go unnoticed in the absence of testing and auditing, and the errors may not be detectable by election officials/poll workers using the pre-election testing procedures that rely on the machines themselves. This paper presents an actual auditing process for the AccuVote Optical Scan Voting Terminal (AV-OS) (manufactured by Premier Election Solutions) and the ensuing results from a recent statewide audit, showing that thorough auditing of a large sample of voting hardware, specifically the memory cards that contain custom software components, is both practical and informative. We argue that memory card audits are crucial in providing timely information and maintaining the integrity of the electoral process. To substantiate this claim, we present as part of our results hard evidence of inadequate reliability of certain hard-ware components used with the voting terminals, and indications of marginal procedural compliance on the part of the poll workers. These audits were performed without any access to the manufacturer's source code or the documentation regarding the design or the internal workings of the AV-OS terminal. We conclude the paper with several observations based on what was learned during the memory card audit process and offer recommendations aimed at enhancing the integrity of elections.
The audits presented in this paper were performed on request of the Office of the Secretary of the State of Connecticut.
[1]
Aggelos Kiayias,et al.
Tampering with Special Purpose Trusted Computing Devices: A Case Study in Optical Scan E-Voting
,
2007,
Twenty-Third Annual Computer Security Applications Conference (ACSAC 2007).
[2]
David Wagner,et al.
Security Analysis of the Diebold AccuBasic Interpreter
,
2006
.
[3]
Aggelos Kiayias,et al.
An Authentication and Ballot Layout Attack Against an Optical Scan Voting Terminal
,
2007,
EVT.
[4]
Ariel J. Feldman,et al.
Security Analysis of the Diebold AccuVote-TS Voting Machine
,
2007,
EVT.
[5]
Dan S. Wallach,et al.
Hack-a-vote: Security issues with electronic voting systems
,
2004,
IEEE Security & Privacy Magazine.
[6]
Dan S. Wallach,et al.
Analysis of an electronic voting system
,
2004,
IEEE Symposium on Security and Privacy, 2004. Proceedings. 2004.
[7]
J. A. Halderman.
Source Code Review of the Diebold Voting System
,
2007
.
[8]
David Chaum,et al.
Evaluation of voting systems
,
2004,
CACM.
[9]
Lawrence D. Norden,et al.
The Machinery of Democracy - Protecting Elections in an Electronic World
,
2007
.
[10]
Aggelos Kiayias,et al.
Security Assessment of the Diebold Optical Scan Voting Terminal
,
2006
.