Voting vendors submit code to NIST

Voting machine code available from the National Software Reference Library

As Election Day nears and worries about voting machine problems intensify, four companies that develop electronic voting machines have submitted copies of their software to the National Software Reference Library.

E-voting machine vendors filed the software code at the request of the Election Assistance Commission, a federal body established to help implement the Help America Vote Act of 2002. Commission members wanted reference copies of the code so that if any dispute arises about the validity of electronic votes, officials can compare the software in the machines to the reference copy to see if any changes were made.

The library keeps copies of object code, the machine language produced when human-readable source code is compiled and made ready to run, she said.

Diebold Inc.'s Diebold Election Systems, Election Systems and Software Inc., Sequoia Voting Systems and Hart InterCivic have each submitted software for their voting systems. The submissions include both the voting machines and back-end tabulators such as Diebold's GEMS system.

Officials at a fifth company, VoteHere Inc., submitted a copy of their auditing software. VoteHere's system is not a voting machine. Instead, it offers auditing capabilities to the machines made by other companies. And Avante International Technology Inc. officials will submit code for the Vote-Trakker system shortly, said Barbara Guttman, manager of the interoperability group at the information technology lab at the National Institute of Standards and Technology, which manages the software library.

In some cases, the code could be used to verify that the machines used to tabulate votes, such as Diebold's GEMS system, are running software identical to that which the company filed at the library, Guttman said. However, "what most people have focused on is the actual polling place modules," she added. "You can't do it for that because when that stuff's created, it's burned into firmware. You can't read it."

Unlike many software products, voting systems have to be examined and certified by state and federal officials. Companies should not be able to modify the software after it is certified, said Will Doherty, executive director for watchdog group Verified Voting, even to apply a seemingly innocuous patch or "bug fix."

Having the software stored in the reference library is "not all we would ask, but it is a step in the right direction," Doherty said.

Featured

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

  • Comment
    Pilot Class. The author and Barbie Flowers are first row third and second from right, respectively.

    How VA is disrupting tech delivery

    A former Digital Service specialist at the Department of Veterans Affairs explains efforts to transition government from a legacy "project" approach to a more user-centered "product" method.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.