| Name | Organization | Post Date | Section | Page no. | Line no. |
|---|---|---|---|---|---|
| Matt Bishop | University of California Davis | 9/30/2005 | 20.1.8.2.4 | | |

Comment: The standards should require the vendor to specify a procedure to verify the integrity of the software and system, at least throughout the manufacturing process. This procedure should be analyzed by the ITA for correctness. Such a procedure might be made part of the Witness of System Build and Installation [7, Vol II §1.8.2.4]. Relevant data (i.e. hardware serial numbers, cryptographic checksums, signed certificates) could be provided to election officials, so they can be assured that the system received is the same as the system inspected by the ITA (e.g. the installed software is unmodified since the witnessed build). More generally, there should be a way to verify that the complete system from the witnessed build is the same as the system being used, at any point in its life cycle.