NIST White Paper Recommendations

NIST White Paper Recommends That New Standards Should Require "Software Independent" Voting Systems

By Warren Stewart, VoteTrustUSA
November 29, 2006
Other Recommendations Include Banning of Wireless Devices, Volume Testing, Software SetupValidation, and Open-Ended Vulnerability Testing

Information on TGDC Meetings Webcast

Several draft white papers have been submitted by the National Institute of Standards and Technology (NIST) to the Technical Guidelines Development Committee (TGDC) including one that recommends that the next iteration of the Voluntary Voting System Standards (VVSG) require that all systems be “software independent”. Systems that are software independent include paper ballot optical scan systems, direct recording electronic (DRE) systems equipped with voter verified paper audit trail (VVPAT) printers, and ballot marking devices like the AutoMARK and VotePAD. The concept of software independence is amplified in a supplemental paper.

Troubling to many election activists were recommendations in the paper for research and development of "End to End" verification systems, i.e. crytographic verification like that developed by Dategrity (formerly, and still frequently referred to as VoteHere). The paper admits that it remains a matter of debate as to whether high-level requirements for software independent verification systems can be written at this point without further research.

If the NIST's recommendations were adopted, the primary effect would be that paperless DREs could not be certified to the next iteration of the VVSG, projected to be adopted late in 2007. The new VVSG would not take effect until two years after their adoption and any currently certified systems or systems certified before then would remain certified. Therefore, jurisdictions that have already purchased paperless DREs would be able to keep them, unless states took some additional action to prohibit this. Likewise, in states that have already certified paperless DREs, those paperless DREs would remain state-certified indefinitely, unless a state took some explicit action to decertify them.

more here
http://www.votetrustusa.org/index.php?option=com_content&task=view&id=2089&Itemid=26