More than High Assurance; It’s About Reliability & Sustainability
Gregory Miller
Whew, what a day its been.
Monitoring so many channels of information has as of 7:15PM this evening informed us that "problems" with election systems go far beyond the trustworthiness of the devices. The challenges and issues touch and concern all aspects of the voting ecosystem. While so far issues have been reportedly minor, there have nevertheless been glitches reported. One of our team whose been monitoring CNN News filed this report with me minutes ago, and prompts the following thoughts…
A Monitor wrote me this evening:
> …keeping machines working during voting is also important and
> causes a lot of problems since you have to call the manufacturer
> to fix and the folks manning the booth have no technical skills.
>
> Wonder if the "spec" also needs to account (if it doesn’t already) for
> what controls are in place after you flip the switch – how do you
> make sure that stuff works soon enough so people dont leave
> the line and go home.
>
We absolutely agree with his observations, and appreciate his monitoring efforts. Our CTO, John Sebes, has spent at least 14 hours so far working a Polling Station in the Silicon Valley today. And I look forward to his report too… directly from the trneches.
The "Spec" our team-mate is referring to, is nowhere close to even being a straw-man draft (although I know John is working on laying out how that will come together). The "spec" will ultimately be a library of specs (RFCs) for each piece of the next generation digital voting ecosystem. For now, the Lab presents some important components or elements for that end-goal.
While many advisers and supporters are encouraging us to stay focused on ground-up new design and specification for the entire ecosystem, (rather than spending too much time on assessment guidelines as those are being addressed by the Fed Government) …one of our charter items is also establishing various guidelines: integrity assessment guidelines, usage guidelines, guidelines for proper and careful troubleshooting, etc.
But you know, what our Monitor is suggesting really goes simply to building systems that have a very high degree of reliability. While we speak of "high assurance" and "hardened systems" we also are speaking of "fault tolerance…" perhaps fault "intolerance" might be a more fair characterization.
[News Flash: extraordinary weather (Tornados) forcing premature closure of Polls in TN; Dorm collapse at Union University in TN trapping 32; one fatality in Fayette County so far.]
Anyway, someone today inquired of me (a supporter from Sweden) as to if/whether the OSDV Foundation will build and provide resources for "technical support" and "poll-care."
So, yes we will have a primary focuse on re-inventing digital voting technology to bring about high assurance and trustworthiness.
However, we will nevertheless also (by necessity) focus on those collateral elements that complete a digital election ecosystem and provide for complete support.
We’re working on a road-map and a sort of "vision map" that illustrates the entire ecosystem of voting with a new vision for systems. That actually gets us ahead of ourselves, because our first step is to map and diagram the general conceptual system as it exists today (noting significant variations where they exist). I covered some of this in our Year End Review.
Anyway, because of "Balkanization" (see John’s blog post this past Sunday), this "conceptual vision map" will necessarily paint a picture of a generalized architecture, and avoid implementation nuances or outright differences made possible by the myriad different polling processes.
But it will also paint a picture of a "system" which if properly designed and implemented will present an alternative to what people must rely on today. Part of that system will address these important issues raised above about reliability and sustainability.
So, coming full circle, this ecosystem in our minds, must address what happens AFTER you "flip the switch."
The coarse grain of that ecosystem should address voter registration, ballot design, voter "check-in," vote capture and verification, voter "check out" and on through to canvassing and results auditing.
As you can see, this is a huge under-taking that is going to require a sizable, scalable team — staff and volunteers. It is, in our minds, an unprecedented digital public works project.
Your turn. Speak up by joining the conversation here, or contacting me directly.
GAM|out
So rather than start another post, I’m adding a comment to my own regarding an experience relayed to me from an OSDV supporter in L.A., Ori Neidich. Ori is an independent. In California that means he is registered as "Decline to
State"
So here is his recount on what happened when he arrived to vote in California’s primary this past Tuesday (edited for a family audience 🙂
From Ori Neidich:
As you’ve probably already heard, LA uses the ink-a-vote system.
I’m
a "decline-to-state" voter like 750,000 other LA voters. I walk in and
ask to vote for Democratic candidates. The person in front of me was also DTS
and asked for a Republican ballot which is not allowed but they gave
her one anyway!
The process continues…
Then you go to to a democratic machine and on the
first page, where all the presidential candidates are listed, there are two
extra bubbles above them saying: "are you voting for an American
Independent Party candidate or Democratic" which makes no sense as THIS IS THE DEMOCRATIC BALLOT.
[The key here: failure to make a choice likely invalidated the ballot.]
Talking with others afterwards, it was astounding that many people didn’t see, or didn’t know
about these bubbles (and required choice), or if they saw it, not clearly understanding it (due to for instance its redundancy in identifying the ballot as for the Democratic primary race) …they were afraid marking it would somehow "register them as Democrat."
BY the time I got back into my car to drive to work and started hearing the horror stories as reported on the radio, I realized hundreds of thousands of votes had just
been "%&@#!" (which is "disenfranchised" for family audiences).
–Ori Neidich
As you can see, no amount of technology can prevent people-based process problems. This particular issue could probably be addressed by a well-thought through "check-in" process. And certainly machinery can use programmed logic and "process rules" to properly route voters into the process of vote casting. But that is quite some distance from this reality point. At OSDV we believe that the first step is to make certain the processes as they exist today are well designed.
The old adage prevails that if one attempts to automate flawed processes, they will most certainly end up with flawed automated processes (garbage in; garbage out).
Certainly it can be argued that the process of automating involves codifying process or business rules, which in most software engineering instances will weed out the nuances of people-processed rules or guidelines. But only if the flaws in the allowed judgments (if any) are properly detected in "use case" analysis and result in reliable decision tree logic. This will become a hallmark challenge and opportunity in projects at the Foundation: engaging ALL stakeholders in the process of requirements gathering and use case analysis. This, of course, means elections administrators as well as voters.