Voting vendors submit code to NIST
- By Michael Hardy
- Oct 28, 2004
Voting machine code available from the National Software Reference Library
As Election Day nears and worries about voting machine problems intensify, four companies that develop electronic voting machines have submitted copies of their software to the National Software Reference Library.
E-voting machine vendors filed the software code at the request of the Election Assistance Commission, a federal body established to help implement the Help America Vote Act of 2002. Commission members wanted reference copies of the code so that if any dispute arises about the validity of electronic votes, officials can compare the software in the machines to the reference copy to see if any changes were made.
The library keeps copies of object code, the machine language produced when human-readable source code is compiled and made ready to run, she said.
Diebold Inc.'s Diebold Election Systems, Election Systems and Software Inc., Sequoia Voting Systems and Hart InterCivic have each submitted software for their voting systems. The submissions include both the voting machines and back-end tabulators such as Diebold's GEMS system.
Officials at a fifth company, VoteHere Inc., submitted a copy of their auditing software. VoteHere's system is not a voting machine. Instead, it offers auditing capabilities to the machines made by other companies. And Avante International Technology Inc. officials will submit code for the Vote-Trakker system shortly, said Barbara Guttman, manager of the interoperability group at the information technology lab at the National Institute of Standards and Technology, which manages the software library.
In some cases, the code could be used to verify that the machines used to tabulate votes, such as Diebold's GEMS system, are running software identical to that which the company filed at the library, Guttman said. However, "what most people have focused on is the actual polling place modules," she added. "You can't do it for that because when that stuff's created, it's burned into firmware. You can't read it."
Unlike many software products, voting systems have to be examined and certified by state and federal officials. Companies should not be able to modify the software after it is certified, said Will Doherty, executive director for watchdog group Verified Voting, even to apply a seemingly innocuous patch or "bug fix."
Having the software stored in the reference library is "not all we would ask, but it is a step in the right direction," Doherty said.