Guidelines Development Committee (TGDC)
Attendees: Allan Eustis, Angela Orbaugh, Barbara Guttman, David Flater, David Wagner, Donetta Davidson (EAC), Helen Purcell, John Crickenberger (NVLAP), John Kelsey, John Wack, Mat Masterson (EAC), Nelson Hastings, Patrick Gannon, Quynh Dang, Rene Peralta, Ron Rivest, Santosh Chokani, Sharon Laskowski, Steve Freeman (NVLAP), Wendy Havens
Administrative Updates (Allan Eustis):
Innovation Class (John Wack):
The discussion paper prepared by Rene Peralta outlined a general approach that needs to be taken by an EAC review board reviewing submissions to the innovation class. There have been lots of discussion online and off, as well as conversations with the EAC, regarding the innovation discussion paper. We are trying to write requirements for the VVSG that are testable and allow innovation class submissions to start the process of submitting, with adequate documentation, to the review board.
[NOTE: CRT has written a paper on the maintenance of the VVSG. The innovation class requirements may fall under maintenance - which would be looking at the VVSG periodically for errors and/or additions and making them. Innovation class could be handled by writing some initial requirements and making edits/changes periodically.]
John had distributed 3 papers via e-mail with material related to the innovation class. The first one covered the conformance clause. At the end of this document, there are a couple requirements for the innovation class submissions. Some submissions may not conform to the VVSG. Either there are not requirements for the new type of design, the design satisfies the requirements in a different way, or the requirements are not broad enough. Someone submitting a new design should take a look at the hierarchy of the class and decide where the device would reside, letting the review board know where it fits and how, what requirements it does and does not meet, and why the design is innovative. Right now all we have are documentation requirements. It is too early to write functional requirements.
The second item distributed was volume 4 of the VVSG containing documentation requirements. These include core requirements mostly, along with some security. More security and human factors to be added. David Flater has added a lot of requirements here to cover innovation class, including requirements for hardware and design construction.
[NOTE: In the conformance clause David Flater added that innovations are not allowed to collide with existing requirements. There may be new requirements and the submitter should state what they are and make a case for them]
The third item distributed was Rene's original discussion paper which was prepared as guidance to the EAC and how to set up for the review process. EAC felt that this was only one approach and would like to see alternative approaches or a broader general description. EAC wants to meet with NIST to discuss this further. If we approached this submission like any other, it would require a system to meet a lot of requirements. These submissions are likely to come from smaller companies and this may be difficult - should be a choice for them to submit design for approval before further development.
TGDC's scope included development of initial innovation class requirements - the follow on is up to EAC: to implement the review board and associated procedures. TGDC needs to make sure documentation requirement is as comprehensive as possible.
Next steps: NIST needs to revise white paper and start preparing advice white paper to send to EAC in regards to the discussion today. Rene requested guidance on what TGDC members are looking for. Ron suggested framing it in a series of questions about what needs to be addressed. Identifying what needs to be answered for the innovation class to work. E.g., does vendor need to submit hardware, will there be an external review board, at what stage in the design process should the vendor submit. All questions are policy questions and EAC needs to answer. All STS members should submit suggested questions to Rene.
Guttman suggested that STS outline topics that need to have a consensus
reached by the May plenary meeting. They include:
Nelson Hastings will send an email summarizing these topics and when they will be discussed. Barbara asked how the TGDC liked to receive background information on subjects and agreement was short synopsis.
John mentioned the topic of discussing what could be done to activate ballots separate from e poll books. His opinion was that the conclusion was not to restrict e poll books from voting centers and updating databases, but to not use them for ballot activation. If e poll books are not used for ballot activation they are not part of the voting system and are considered registration devices and outside the TGDC scope. If they do activate ballots, they are considered part of the voting system and are subject to the VVSG requirements that say no part of the voting system can be externally networked. Consensus appears that if they are used for ballot activation, they cannot be networked. This appears to be in conflict with what was decided at the March 2007 TGDC plenary. Final decision of STS's recommendation has to be reached so that it can be brought up at the May meeting and clarification made on decision by TGDC as a whole.
John Kelsey has privacy concerns over using e poll books for ballot activation even if they are not networked. This topic will be discussed in detail at an upcoming STS meeting.
May Plenary Meeting:
Topics to be presented currently appear to be innovation class, e poll books, and open ended vulnerability testing.
adjourned at 11:40 a.m.
[* Pursuant to the Help America Vote Act of 2002, the TGDC is charged with directing NIST in performing voting systems research so that the TGDC can fulfill its role of recommending technical standards for voting equipment to the EAC. This teleconference served the purposes of the STS subcommittee of the TGDC to direct NIST staff and coordinate voting-related research relevant to the VVSG 2007. Discussions on this telecon are preliminary and do not necessarily reflect the views of NIST or the TGDC.]
policy / security notice / accessibility statement