Doug Fletcher wrote:|
Thank you for the opportunity to contribute at this late date. Susan Eustis is president of WinterGreen Research (http://wintergreenresearch.com), an industry consultant and researcher for software, communication, Internet, healthcare, and energy studies, and an expert in voting machine technology. She has put her long experience with electronic voting machines to work in her company's design of a new voting machine system. She has asked me to help review the P1583 draft and represent WinterGreen Research in the committee. We understand the committee's work is well along, and the draft is nearly ready for release, but we do have one concern about the current text we would like to discuss.
We are most concerned about revision locking of COTS software components of the voting machine. P1583 draft rev 5.3.1 section 5.1 on security and confidentiality looks pretty good; the statement of threats and required countermeasures in particular looks good. However, the software security section (126.96.36.199) does not seem to have a specific requirement for locking the revision of any COTS software components (188.8.131.52.2). There's a reference to firmware revision control in the software installation section above (184.108.40.206.1) that gives some language that should be specifically applied to COTS system software. We suggest changing the first paragraph of section 220.127.116.11.2 as follows:
"18.104.22.168.2 COTS General Purpose Computer System Requirements"
"Further requirements must be applied to COTS operating systems to ensure completeness and integrity of audit data for election software. These systems include both servers and workstations (or "PCs") including the many varieties of UNIX and Linux operating systems, and those offered by Microsoft, Apple, or other operating systems. Other COTS supporting software components, e.g. database subsystems, software libraries, and software drivers for hardware components, may be similar in role in the election system. Such COTS system components in any election system must be constant and unchanged throughout the life of the election system. For each COTS system component:
Please let us know how to proceed with this change request.
-- Alex Brown <email@example.com> +1 617 308 9456