US Election Assistance Commission - Voluntary Voting System Guidelines Vote
EAC Home
Introduction
View Guidelines
View Comments
Glossary

View Comments

Section CommentsGeneral CommentsGlossary Comments
 
Name :   Ron Crane
Organization :   N/A
Post Date :   9/30/2005

Section Comments
Section :  .20.1.3.1.3
Page no. :  
Line no.:  
Comment :  7b.

b. Vol. II, §1.3.1.3 trusts vendors far too much. The focus of software evaluation (code review) is on "completeness, consistency, correctness, modifiability, structuredness and
traceability...along with modularity and construction." There is no mention of "security".

Further on this section compounds this problem by saying:

The test lab may inspect COTS generated software source code in the
preparation of test plans and conduct some minimal scanning or sampling to
check for embedded code or unauthorized changes. Otherwise, the COTS source code is not subject to the full code review and testing. For purposes of code analysis, the COTS units shall be treated as unexpanded macros.

Of course an unscrupulous vendor might classify a given module as "COTS generated", but include malware in it.

The inspection suggested by §1.3.1.3 would not detect this subterfuge.