[Federal Register Volume 70, Number 174 (Friday, September 9, 2005)]
[Notices]
[Pages 53635-53636]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 05-17923]


-----------------------------------------------------------------------

DEPARTMENT OF COMMERCE

National Institute of Standards and Technology


Announcing a Workshop on Developing an Analysis of Threats to 
Voting Systems

AGENCY: National Institute of Standards and Technology, Commerce.

ACTION: Notice of public workshop.

-----------------------------------------------------------------------

SUMMARY: The Help America Vote Act (HAVA) of 2002 has given the 
National Institute of Standards and Technology (NIST) a key role in 
helping to realize nationwide improvements in voting systems. NIST 
research activities authorized by HAVA include the security of 
computers, computer networks, and computer data storage used in voting 
systems, methods to detect and prevent fraud, and protection of voter 
privacy and the role of human factors in the design and application of 
voting systems.
    To assist NIST in its role of developing guidance for the security 
and related usability of electronic voting systems, NIST plans to 
solicit the election community's participation in a workshop to develop 
an analysis of threats to voting systems. The election community 
members include election directors and officials, voting system 
researchers, election system vendors, threat experts in related areas, 
and others in the public and private sector.
    It is anticipated that the workshop will result in a published 
overview and analysis of threats to voting systems, and how in general 
these threats can be mitigated. The goal of the workshop is to gather 
further threat analysis material and input to material already 
developed from participants so that, together, these may be used to 
drive the creation of appropriate requirements for the security of 
voting systems.
    Participants in the workshop are encouraged to submit a position 
paper to the conference by September 30, 2005. Position papers and 
other submitted materials will be made publicly available on the NIST 
voting Web site. There will be time available for open public comment. 
The detailed draft agenda and supporting documentation for the workshop 
will be made available prior to the workshop at the NIST voting Web 
site http://vote.nist.gov/threats/.

DATES: The workshop will be held on October 7, 2005, from 9 a.m. to 5 
p.m.

ADDRESSES: The workshop will be held in Building 820 (NIST North), Room 
152, at the National Institute of Standards and Technology, 
Gaithersburg, MD.

FOR FURTHER INFORMATION CONTACT: Additional information, as available 
may be obtained from the NIST voting Web site at http://vote.nist.gov/threats/ or by contacting Peter Ketcham, National Institute of 
Standards and Technology, 100 Bureau Drive, Stop 8910, Gaithersburg, MD 
20899-8910; telephone 301-975-5456; or e-mail: [email protected].

SUPPLEMENTARY INFORMATION: NIST will lead an outreach effort in 
coordination with election officials, voting system experts, security 
threat experts, and the public and private sector to develop and 
disseminate an analysis of threats to voting systems. Examples of such 
voting systems include Direct Recording Electronic (DRE) systems, 
systems using voter verified audit trail technology, optical scan 
voting systems, and ballot marking devices.
    The goal of the workshop is to solicit and gather threat analysis 
material and to gather critical analysis of the collected threats, 
their plausibility of various scenarios, assumptions made, and what 
lessons can be learned as a result of the analysis. Participants in the 
workshop will be expected to understand the collected materials and 
participate in the critical analysis and conclusions. In particular, 
participants will be asked to comment on the ramifications of the 
threat analysis materials so that this may result in general 
requirements for the security of voting systems. NIST will use the 
results of the workshop to develop security and related usability 
requirements for future iterations of the Voluntary Voting System 
Guidelines (VVSG). The proceedings of the workshop will be published.

Workshop Topics Include

Overview, importance, and goals of a threat analysis
Questions that a threat analysis can answer
Overviews of submitted position papers and threat analysis work
General trends in attacks on information technology systems and 
ramifications to future voting systems security
General requirements for voting system security
Whether on-going voting systems threat analyses should be supported

    State and local election directors and officials, voting systems 
security experts and researchers, election lawyers, experts in threat 
analysis, voting systems vendors, and others from the public and 
private sector are encouraged to present information at the workshop 
describing their analysis of voting system threats and their 
conclusions as to how requirements for voting system security should be 
targeted. Participants wishing to formally present information at the 
workshop should submit proposals by September 16, 2005, and should 
submit any related threat analysis material to [email protected] by 
September 30, 2005. Position papers, and other submitted materials will 
be made publicly available on the NIST voting Web site.
    Because of NIST security regulations, advance registration is 
mandatory; there will be no on-site, same-day registration. To 
register, please see http://vote.nist.gov/threats/ or fax the 
registration form with your name, address, telephone, fax and e-mail 
address to 301-948-2067 (Attn: Developing an Analysis of Threats to 
Voting Systems) by September 30, 2005.

[[Page 53636]]

The registration fee will be $25. Payment can be made by credit card, 
check, purchase order, and government training form.

    Dated: August 31, 2005.
William A. Jeffrey,
Director.
[FR Doc. 05-17923 Filed 9-8-05; 8:45 am]
BILLING CODE 3510-13-P