Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Test Assertions for VVSG 1.1, Volume 1, Section 7.5.3, September 23, 2016

VVSG 1.1, Vol 1, Requirement 7.5.3: Monitoring and Responding to External Threats

Voting systems that use public telecommunications networks may become vulnerable, by virtue of their system components, to external threats to the accuracy and integrity of vote recording, vote counting, and vote consolidation and reporting processes. Therefore, manufacturers of such systems shall document how they plan to monitor and respond to known threats to which their voting systems are vulnerable. This documentation shall provide a detailed description, including scheduling information, of the procedures the manufacturer will use to:

  1. Monitor threats, such as through the review of assessments, advisories, and alerts for COTS components issued by the Computer Emergency Response Team (CERT), for which a current listing can be found at http://www.cert.org
  2. Evaluate the threats and, if any, proposed responses
  3. Develop responsive updates to the system and/or corrective procedures
  4. Submit the proposed response to the VSTLs and appropriate states for approval, identifying the exact changes and whether or not they are temporary or permanent
  5. After implementation of the proposed response is approved, assist clients, either directly or through detailed written procedures, how to update their systems and/or to implement the corrective procedures within the timeframe established
  6. Address threats emerging too late to correct the system by:
    1. Providing prompt, emergency notification to the EAC, VSTLs and the affected states and user jurisdictions
    2. Assisting client jurisdictions directly or advising them through detailed written procedures to disable the public telecommunications mode of the system
    3. Modifying the system after the election to address the threat, submitting the modified system to a VSTL and the EAC for approval, and assisting client jurisdictions directly or advising them through detailed written procedures, to update their systems and/or to implement the corrective procedures after approval

 

Test Assertions

TA753-1: IF a voting system uses a public telecommunications network THEN that voting system SHALL document all known threats to which the voting system is vulnerable.

TA753-2:  IF a voting system uses a public telecommunications network THEN that voting system SHALL provide documentation explaining how the voting system plans to monitor known threats to the accuracy and integrity of vote recording, vote counting, and vote consolidation and reporting processes to which their voting systems are vulnerable.

TA753-3:  IF a voting system uses a public telecommunications network THEN that voting system SHALL provide documentation explaining how the voting system plans to respond to known threats to the accuracy and integrity of vote recording, vote counting, and vote consolidation and reporting processes to which their voting systems are vulnerable.

TA753a-1:  This documentation SHALL provide a detailed description, including, but not limited to, scheduling information, of the procedures the vendor will use to monitor threats.

TA753a-1-1:  These procedures MAY include the review of assessments for COTS components issued by the Computer Emergency Response Team (CERT), for which a current listing can be found at https://www.us-cert.gov/ncas/ .

TA753a-1-2:  These procedures MAY include the review of advisories for COTS components issued by the Computer Emergency Response Team (CERT), for which a current listing can be found at https://www.us-cert.gov/ncas/.

TA753a-1-3:  These procedures MAY include the review of alerts for COTS components issued by the Computer Emergency Response Team (CERT), for which a current listing can be found at https://www.us-cert.gov/ncas/.

TA753b-1:  This documentation SHALL provide a detailed description, including, but not limited to, scheduling information, of the procedures the vendor will use to evaluate any and all threats.

TA753b-2:  This documentation SHALL provide a detailed description, including, but not limited to, scheduling information, of the procedures the vendor will use to propose responses to any and all threats.

TA753c-1:  This documentation SHALL provide a detailed description, including, but not limited to, scheduling information, of the procedures the vendor will use to develop responsive updates to the system for each and every known threat to which the voting system is vulnerable.

TA753c-2:  This documentation SHALL provide a detailed description, including, but not limited to, scheduling information, of the procedures the vendor will use to develop corrective procedures for each and every known threat to which the voting system is vulnerable.

TA753d-1:  This documentation SHALL provide a detailed description, including, but not limited to, scheduling information, of the procedures the vendor will use to submit the proposed response to the test labs and appropriate states for approval, identifying the exact changes to be made to the voting system.

TA753d-1-1: This documentation MAY reference the EAC emergency certification procedures described in section 3.6 of the EAC Voting System Testing and Certification Program Manual.

TA753d-2:  This documentation SHALL provide a detailed description, including, but not limited to, scheduling information, of the procedures the vendor will use to submit the proposed response to the test labs and appropriate states for approval, identifying whether or not the exact changes to the voting system are temporary or permanent.

TA753e-1:  This documentation SHALL provide a detailed description, including, but not limited to, scheduling information, of the procedures the vendor will use to assist clients on how to update their systems within the timeframe established, after implementation of the proposed response is approved.

TA753e-1-1:  This assistance SHALL occur in one of two ways – EITHER directly OR through detailed written procedures.

TA753e-2:  This documentation SHALL provide a detailed description, including, but not limited to, scheduling information, of the procedures the vendor will use to assist clients on how to implement any corrective procedures within the timeframe established, after implementation of the proposed response is approved.

TA753e-2-1:  This assistance SHALL occur in one of two ways – EITHER directly OR through detailed written procedures.

TA753fi-1:  This documentation SHALL provide a detailed description, including, but not limited to, scheduling information, of the procedures the vendor will use to address threats emerging too late to correct the system by providing prompt, emergency notification to the VSTLs.

TA753fi-2:  This documentation SHALL provide a detailed description, including, but not limited to, scheduling information, of the procedures the vendor will use to address threats emerging too late to correct the system by providing prompt, emergency notification to the EAC.

TA753fi-3:  This documentation SHALL provide a detailed description, including, but not limited to, scheduling information, of the procedures the vendor will use to address threats emerging too late to correct the system by providing prompt, emergency notification to the affected states.

TA753fi-4:  This documentation SHALL provide a detailed description, including, but not limited to, scheduling information, of the procedures the vendor will use to address threats emerging too late to correct the system by providing prompt, emergency notification to the affected user jurisdictions.

TA753fii-1:  This documentation SHALL provide a detailed description, including, but not limited to, scheduling information, of the procedures the vendor will use to address threats emerging too late to correct the system by communicating to client jurisdictions how to disable the public telecommunications mode of the system.

TA753fii-1-1:  This communication SHALL occur in one of two ways – EITHER by assisting client jurisdictions directly OR by advising them through detailed written procedures.

TA753fiii-1:  This documentation SHALL provide a detailed description, including, but not limited to, scheduling information, of the procedures the vendor will use to address threats emerging too late to correct the system by modifying the system after the election to address the threat.

TA753fiii-2:  This documentation SHALL provide a detailed description, including, but not limited to, scheduling information, of the procedures the vendor will use to address threats emerging too late to correct the system by submitting the modified system to a VSTL and the EAC for approval.

TA753fiii-3:  This documentation SHALL provide a detailed description, including, but not limited to, scheduling information, of the procedures the vendor will use to address threats emerging too late to correct the system by communicating to client jurisdictions to update their systems.          

TA753fiii-3-1:  This communication SHALL occur in one of two ways – EITHER by assisting client jurisdictions directly OR by advising them through detailed written procedures.

TA753fiii-4:  This documentation SHALL provide a detailed description, including, but not limited to, scheduling information, of the procedures the vendor will use to address threats emerging too late to correct the system by communicating to client jurisdictions to implement any corrective procedures after approval.          

TA753fiii-4-1:  This communication SHALL occur in one of two ways – EITHER by assisting client jurisdictions directly OR by advising them through detailed written procedures.

 

Created September 22, 2016, Updated October 19, 2016