|

 
|
| | Name : | Ian S. Piper | Organization : | Diebold Election Systems, Inc. | Post Date : | 9/29/2005 |
| Section : | 6.4.6.2 | Page no. : | 18 | Line no.: | 3 | Comment : | Regarding the requirement, "The vendor shall have a process to verify that the correct software is loaded, that there is no unauthorized software, and that static and semi-static voting system software on voting equipment has not been modified using the reference information from the NSRL or other EAC designated repository.", voting systems are designed not to have ports that could allow access to the installed software as those ports could be used to compromise the integrity of the software installed. There has been discussion, with participation from NIST, regarding the creation of ports that don't also pose a security threat. To date, these discussions have not found a feasible method of providing this access without compromising the security of the system. Currently, only the install files can be verified against the reference information from the NSRL and that function is being performed currently in some states. After installation, physical chain of custody would provide the assurances that the software has not been modified. Otherwise the software could be reloaded from a verified source prior to each election or the vendor's software could be used to verify the software loaded on the device. It is hoped that discussions will continue with NIST and, with their expertise, an acceptable approach can be determined.
Proposed change: Remove, from this requirement, the language "using the reference information from the NSRL or other EAC designated repository." | |
|
|