Technical
Guidelines Development Committee (TGDC)
Human Factors and Privacy Subcommittee (HFP)*
June 29, 2007
Draft Minutes
Agenda:
1. Administrative
updates and logistics for the July 3 TGDC plenary telecon (Eustis, Wack)
2. Summary of VVPR, Audits and Electronic Records sections (Hastings)
3. Go over final draft of usability benchmark white paper and draft
presentations for the July 3 TGDC plenary telecon. (Sharon)
4. Other issues
Attendees:
Alexia Scott Morrison, Allan Eustis, Alicia Clay, Barbara Guttman,
Bill Burr, Elle Colver (EAC), John Cugini, Secretary John Gale, John Kelsey,
John Wack, Mark Skall, Mat Masterson (EAC), Neal Erickson, Nelson Hastings,
Sharon Laskowski, Wendy Havens, Whitney Quesenbery
Administrative
Updates:
- The agenda
for the July 3rd plenary meeting was reorganized per Secretary Gale's
suggestion to put STS first, then CRT, and HFP. (Note:
the re-scheduling of the TGDC telcon plenary occurred after this subcommittee
teleconference. The July 3 plenary teleconference will now take place
on August 17.)
- A summary
of the May 2007 plenary minutes was prepared at the request of Secretary
Gale. Longer, more detailed background minutes are still available.
- TGDC
members will call in for the plenary teleconference the same way as
for normal subcommittee meetings. The goal is to move the approval process
along and finish the meeting by 5:30.
- Changes
that are made to the VVSG (compared to the copy received by TGDC members)
need to be pointed out. HFP has put a listing of changes on the plenary
meeting website, CRT has an extensive change log, and STS will work
to put something together.
Usability
Benchmarks and Presentations:
Per instructions
from Dr. W. Jeffrey, Sharon is writing an executive summary to clarify
for the general public the benchmarks white paper. A change list of HFP's
changes has been circulated - the new stuff having to do with the benchmarks
material. The TGDC needs to discuss the policy/philosophy of the benchmarks.
The benchmarks may need to be pushed higher, that should be discussed
at the plenary. The benchmarks we've chosen to set are ballot casting
(98%), 100% correct casting rate (70%), and accuracy rate/index (.35 w/possibility
of moving to .4). [NOTE: Benchmark numbers can
be changed during public comment period.]
The two
items that will be covered regarding benchmarks at the July 3rd meeting
will be a discussion on the demographics and the accuracy index. HFP feels
that the accuracy index benchmark can be raised so that vendors strive
for better systems. Full TGDC input will be requested.
Summary of VVPR, Audit, and Electronic Records Sections (Hastings/Clay/Kelsey):
Nelson Hastings
summarized the changes to chapters 7-14. For all STS sections, "voting
equipment" changed to "voting device" as well as other
modifications to harmonize with other VVSG sections. All the security
documentation requirements were moved to volume 4 with other documentation
requirements.
- Cryptography
chapter: Changed audit record to election record. After STS debate it
was decided that multiple keys were not needed for devices used to host
multiple precincts during an election.
- Setup
Validation changed to Setup Inspection chapter. This change was a result
of system integrity management requirements enabling us to relax focus
on setup verification. Removed software verification by external hardware
device requirement. Used clearer, better language.
- Software
distribution and installation chapter: Refocused to software installation
capabilities of a device. All software distribution requirements and
activities related to witness build moved to volume 5.
- Access
control chapter: Refocused to requirements on administration authentication.
Voter authentication requirements were moved to e poll book requirements.
Removed requirements on remote access.
- System
integrity management: Focus here on software integrity verification
on boot up and loading into memory before execution and its affect on
the setup verification chapter. Deleted requirements that are covered
in other chapters. Re-scoped focus of malicious code real-time detection
and backup recovery from election devices to make specific on election
management systems.
- Communications:
Deleted requirements related to limiting remote activities and limiting
number of active interfaces. Added new requirement related to air gap
between networked devices.
- System
event logging: Re-scoped requirements. Added to list of items to be
logged - acknowledged that some items needing logging must be done from
procedural prospective..
- Physical
security: Added requirements about locks based on TGDC discussion.
- OEVT:
New section. Focuses on scope, team composition, level of effort, fail
criteria, and rules of engagement.
- Auditing:
Took out any requirement that was not an equipment requirement or equipment
documentation (removed anything that looked like election procedures).
Removed descriptions of auditing steps - left what requirements were
supposed to accomplish. Removed parallel and spot parallel testing.
Changed what record was being used for final tally audit. Harmonized
with CRT.
- Electronic
records: Deleted overlap with cryptography section. Added report for
ballot counted and vote total.
- VVPR:
Added requirements that all records must be OCR readable. Added requirements
per TGDC for the machine readability of the human readable paper records.
Added requirements about the process of rejecting paper records and
needing election official involvement. Changed requirements on cut-sheet
VVPATs to allow split of cast vote record over more than one sheet.
- SI: Added
SI requirements (that it's required) to Conformance Clause, saying it
"may" be achieved by independent voter verifiable records
which VVPR is one way.
Meeting
adjourned at 12:15 p.m.
[* Pursuant
to the Help America Vote Act of 2002, the TGDC is charged with directing
NIST in performing voting systems research so that the TGDC can fulfill
its role of recommending technical standards for voting equipment to the
EAC. This teleconference discussion serves the purposes of the HFP subcommittee
of the TGDC to direct NIST staff and coordinate its voting-related research
relevant to the VVSG 2007. Discussions on this telecon are preliminary
and do not necessarily reflect the views of NIST or the TGDC.]
****************
Link
to NIST HAVA PageLast updated: July 25, 2007 Point of Contact
Privacy
policy / security notice / accessibility statement
Disclaimer
/ FOIA
NIST is an agency of the U.S. Commerce Department
|