[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Can a machine test itself? + other issues

In a message dated 12/2/2004 8:35:38 PM Eastern Standard Time, sklein@CPCUG.ORG writes:
On Tue, 2004-11-30 at 15:34, Deutsch, Herb wrote:
> If this is on central count equipment or any central site software or
> equipment, it is not covered in our scope.  It would have to be part
> of the polling place unit to be considered.  In that case, since I
> believe you take an image of the entire system including the OS, how
> would you treat that today?
That comment about "an image of the entire system including the OS" intrigues me.  Since the machine itself must be used (I presume) to generate an image of the entire system, couldn't malicious software in the OS or BIOS present a false image of what is there?  (I have been inquiring about a foolproof way to verify a BIOS.  I'm not sure that one exists.)
In the reliability discussions, shouldn't there be a distinction between (1) failures that lose votes or generate erroneous totals, and (2) failures that merely stop a machine's operation?  The latter failure is particularly mild if the machine is easily restarted or replaced without loss of data.
Regarding software bugs:  software doesn't "wear out"; new bugs appear only under some combination of circumstances not previously tested.  The more complex the software, the more possible combinations of circumstances exist.  It is no great feat to make software pass some well-defined, repeatable test.  A realistic test is to have many ordinary people use the system.  The amount of testing required should be in some way proportional to the possible combinations of circumstances.
Malicious software is entirely different from buggy software.  To my mind, there are two steps required to block malicious software:  (1) make the software completely public, so anyone can check it, and (2) have a mechanism to assure that that very software is what is in the machine on election day.  My SAVIOC system can meet both those criteria (except for the BIOS); as far as I know, no other system can.