[Federal Register Volume 74, Number 105 (Wednesday, June 3, 2009)]
[Notices]
[Pages 26665-26667]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: E9-12831]


=======================================================================
-----------------------------------------------------------------------

ELECTION ASSISTANCE COMMISSION


Proposed Guidance on Voluntary Voting System Guidelines

AGENCY: United States Election Assistance Commission.

ACTION: Notice of proposed updates and revisions to the 2005 Voluntary 
Voting System Guidelines and request for public comment.

-----------------------------------------------------------------------

SUMMARY: The Help America Vote Act of 2002 (HAVA) (Pub. L. 107-252; 42 
U.S.C. 15301 et seq. (October 29, 2002)) established the U.S. Election 
Assistance Commission (EAC). Section 202 of HAVA directs the EAC to 
adopt voluntary voting system guidelines (VVSG) and to provide for the 
testing, certification, decertification, and recertification of voting 
system hardware and software. The VVSG provides specifications and 
standards against which voting systems can be tested to determine if 
they provide basic functionality, accessibility, and security 
capabilities.
    As required by Section 222(d) of HAVA the EAC is placing its 
proposed updates and revisions out for a 120-day public comment period. 
The EAC is asking for comments regarding all sections of the standards 
impacted by the update process. This updated and revised version of the 
VVSG will be known as Voluntary Voting System Guidelines v.1.1 (VVSG 
v.1.1).
    The EAC made the decision to update and revise the 2005 VVSG as a 
result of feedback received through its Voting System Testing and 
Certification Program. As the EAC has worked to test and certify voting 
systems it observed and received feedback from various sources that the 
standards being tested to were at times ambiguous and difficult to 
apply in testing. This ambiguity has led to challenges in making 
testing consist both within a test laboratory and across different 
laboratories. In addition, the EAC has received feedback from the 
National Institute of Standards and Technology (NIST) that the creation 
of formalized test suites for the 2005 VVSG would be aided by a 
clarification of certain portions of document. This information, 
combined with the EAC's issuance of seventeen interpretations of the 
VVSG to clarify various standards,

[[Page 26666]]

led the EAC to propose improvements to the 2005 VVSG.
    Specifically, the EAC determined to implement a number of 
recommendations submitted by the EAC's Technical Guidelines Development 
Committee (TGDC). On March 29, 2006, the TGDC held its first meeting to 
discuss the next iteration of the VVSG. Since that time, the TGDC has 
held numerous public meetings and subcommittee conference calls to 
create a set of draft guidelines for recommendation to the EAC (all 
TGDC meeting materials can be found at http://www.vote.nist.gov). On 
August 17, 2007, the TGDC voted to complete final edits of their 
recommendations and submit them to the Executive Director of the EAC. 
The EAC received the draft guidelines from the TGDC on August 31, 2007.
    After receipt of the TGDC's recommendations for the next iteration 
of the VVSG the EAC opened a one hundred and eighty day public comment 
period. During this public comment period the EAC received over 3000 
comments on the recommendations. In addition, during the comment period 
the EAC conducted a series of seven roundtable discussions regarding 
the TGDC's recommendations.
    After the close of the public comment period for the TGDC's 
recommendations the EAC made the decision to update and revise the 2005 
VVSG with portions of the TGDC's recommendations. The purpose of this 
revision is to clarify and improve the VVSG in order to allow for more 
efficient and consistent testing under the EAC's Testing and 
Certification Program.
    In addition, to the observations and feedback produced by the EAC's 
Testing and Certification Program the gained additional information as 
a of the public comment review of the EAC's Technical Guidelines 
Development Committee's recommendations for the Next Iteration of the 
VVSG. During this comment period, which ran from September 2007 to May 
2008 the EAC received comments praising many of the proposed standards 
as being more testable and less ambiguous as previous versions of the 
standard. Also, during this comment period the EAC held a series of 
seven round table discussions with various sections of the Election 
Community. During these round table discussions there was near 
unanimous agreement that the TGDC recommended standards were a clearly 
written and a more testable standard than the 2005 VVSG.
    Based on all of this information the EAC made the decision to 
revise and update the 2005 VVSG with portions of the TGDC recommended 
version of the VVSG. While the EAC is continuing to work with the next 
iteration of the standards it felt it was important to revise and 
update the 2005 VVSG. The purpose for these revisions and updates is 
to:
    [diams] Improve the clarity and testability of the VVSG.
    [diams] Ensure consistency of testing by accredited test 
laboratories.
    [diams] Aid NIST in the development of test suites for the VVSG.
    [diams] Minimize the need for EAC interpretations of the standards.
    [diams] Update portions of VVSG requirements to reflect 
advancements in voting technology.
    In evaluating which sections of the TGDC recommendations to use to 
update the 2005 VVSG the EAC/NIST used the following criteria:
    [diams] Those sections which would not require hardware changes to 
current voting systems.
    [diams] Those sections which would not require complex software 
changes to current voting systems.
    [diams] Those sections which cause no substantial changes to the 
overall structure of the 2005 VVSG.
    [diams] Those sections which clarify or improve portions of the 
2005 VVSG in order to allow for development of test cases.
    With those criteria in mind the EAC chose to revise the following 
sections of the 2005 VVSG with the following sections of the TGDC 
recommendations:

1. Hardware and Software Performance Benchmarks and Test Method

     Volume I Section 4.1.1 of the 2005 VVSG is replaced by 
Part 1 Section 6.3.2 (Accuracy) of the TGDC Recommendations.
     Volume I Section 4.1.5.1.e.ii (under Ballot Handling) and 
4.1.5.2.f (under Ballot Reading Accuracy) of the 2005 VVSG are replaced 
by Part 1 Section 6.3.3 (Misfeed Rate) of the TGDC Recommendations.
     Volume I Section 4.3.3 of the 2005 VVSG is replaced by a 
condensed version of Part 1 Section 6.3.1 (Reliability) of the TGDC 
Recommendations.
     To update the test method, Volume II Appendix C of the 
2005 VVSG is completely replaced by Part 3 Section 5.3 of the TGDC 
Recommendations. Volume II Sections 4.7.1.1 and 4.7.3 of the 2005 VVSG 
are deleted. Volume II Sections 1.8.2.3 and 4.5 of the 2005 VVSG are 
harmonized with Part 3 Section 2.5.3 of the TGDC Recommendations.

2. Software Workmanship

     Volume I Section 5.2 of the 2005 VVSG is replaced by Part 
1 Sections 6.4.1 through 6.4.1.8 of the TGDC Recommendations.
     Volume II Section 5.4 of the 2005 VVSG is replaced by Part 
3 Section 4.5.1 of the TGDC Recommendations.
     Volume II Section 1.8.2.6 (Certification Test Practices) 
of the 2005 VVSG is harmonized with Part 3 Section 2.5.5 of the TGDC 
Recommendations to clarify the handling of logic defects.
    3. Test Plan and Test Report--Appendices A and B of Volume II of 
the 2005 VVSG are harmonized with the current EAC manuals and NOC 09-
001.
    4. TDP and Voting Equipment User Documentation--Volume II Section 
2.1.1.1 of the 2005 VVSG is revised to include an outline of the TDP 
and the Voting Equipment User Documentation that is based on the TGDC 
Recommendations. Miscellaneous TDP requirements are added or modified 
to correct problems:
     Volume II Section 2.1.3 (Protection of Proprietary 
Information) is harmonized with EAC manuals.
     An obsolete normative reference is removed from Volume II 
Section 2.7.1.
     Volume II Sections 2.2.1 and 2.5.5.2 have new requirements 
to identify the compilers and interpreters used by the voting system.
     Volume II Section 2.2.2 has a new requirement for optical 
scanners, to specify what constitutes a reliably detectable mark versus 
a marginal mark.
     Volume II Section 2.8.5 has a new requirement to detail 
the care and handling precautions necessary for removable media to last 
the statutory 22 months.

5. (Non-EMC) Environmental Hardware

     Volume I Section 4.1.2.13 (Environmental Control--
Operating Environment) of the 2005 VVSG is revised with an operational 
temperature and humidity test requirement, with temperatures ranging 
from 41 [deg]F to 104 [deg]F (5 [deg]C to 40 [deg]C) and relative 
humidity from 5% to 85%, non-condensing.
     Volume II Section 4.7.1 (Temperature and Power Variation 
Tests) is replaced with requirements for testing according to 
appropriate procedures of MIL-STD-810D. Most of the previous text in 
this section was devoted to test materials, including detailed test 
scenarios, which will be included in the test materials for the 2005 
VVSG revision.
    6. Human Factors Requirements--The usability and accessibility 
requirements in Volume I Section 3 of the 2005 VVSG are replaced with 
requirements from

[[Page 26667]]

Part 1 Chapter 3 of the TGDC Recommendations, with the exception of 
Chapter 3's performance benchmark requirements. Part 1 Chapter 3 of the 
TGDC Recommendations is primarily a maintenance level upgrade to the 
2005 VVSG with minor modifications, clarifications, and a few additions 
including performance and poll worker usability requirements. (The VSS 
2002 contained almost no usability, accessibility, and privacy 
requirements. As a result, the 2005 VVSG Section 3 was mostly new 
material based on research, best practices, and standards relating to 
human factors and the design of user interfaces as they apply to voting 
systems.)
    7. System Security Documentation Requirements--Security 
documentation requirements in Volume II Section 2.6 (Security 
Documentation) of the 2005 VVSG are revised with requirements from Part 
2 Section 3.5 (System Security Specification) of the TGDC 
Recommendations. The new requirements include high-level security 
descriptions of the voting system and specific areas including
     Access control,
     Software installation security,
     System event logging,
     Physical security,
     Setup inspection, and
     Cryptography.
    8. Electronic Records--Section 2.4.4 (Electronic Records) has been 
added to Volume I Section 2 (Functional Requirements) of the 2005 VVSG; 
it contains requirements from Part 1 Chapter 4.3 (Electronic Records) 
of the TGDC Recommendations. These requirements cover the electronic 
reports generated by the voting system, including specific reports for 
tabulators and Election Management Systems (EMS).
    9. Voter Verified Paper Audit Trails (VVPAT)--VVPAT requirements in 
Volume I Sections 7.9.1 through 7.9.4 (Voter Verifiable Paper Audit 
Trail Requirements) are replaced with requirements from Part 1 Chapter 
4.4.2 (VVPAT) of the TGDC Recommendations.
    10. Cryptography--Cryptography requirements in the 2005 VVSG are 
revised with requirements from Part 1 Section 5.1 (Cryptography) of the 
TGDC Recommendations. When cryptography is used in a voting system, the 
requirements call for the use of a level 1 FIPS 140 validated 
cryptographic module (which allows software as well as hardware 
implementations, whereas the TGDC Recommendations allowed only hardware 
implementations). In addition, the new requirements require the use of 
NIST approved cryptographic algorithms at the 112-bit security strength 
or higher.
    11. External Interface Requirement--Volume I Section 7.4.6 
(Software Setup Validation) of the 2005 VVSG are revised with newly 
developed requirements to allow an alternative method to validate 
software on voting systems. The requirements state that voting systems 
must support one of the two verification methods specified in the 
requirements. The current software verification method allows software 
to be verified after software has been installed. The alternative 
software verification method verifies software as it is being installed 
on the voting system and requires voting systems to have mechanisms to 
protect the software once installed.
    12. EAC Requests for Interpretation (RFI) decisions--Requirements 
and discussion throughout the 2005 VVSG are revised based on the 
current set of EAC RFI decisions, from 2007-01 through 2008-12, located 
at http://www.eac.gov/program-areas/voting-systems/voting-system-certification/interpretations.
    13. General Edits--Several sections of the VVSG were revised to 
improve the consistency of wording or fix errors in the 2005 VVSG. In 
addition, several sections were revised to recognize the creation of 
the EAC's Testing and Certification Program which was not in place at 
the time of adoption of the 2005 VVSG.

DATES: Comments must be received on or before 4 p.m. EST on September 
28, 2009.
    Submission of Comments: The public may submit comments through one 
of the three different methods provided by the EAC: (1) Online 
electronic comment form at http://www.eac.gov, (Please note that the 
electronic comment tool will not be immediately available. The EAC will 
inform the public once the online comment tool becomes available.); (2) 
by mail to Voluntary Voting System Guidelines Comments, U.S. Election 
Assistance Commission, 1225 New York Ave, NW., Suite 1100, Washington, 
DC 20005; and (3) via e-mail at [email protected]. Members 
of the public are encouraged to submit comments electronically to 
ensure timely receipt and consideration.
    In order to allow efficient and effective review of comments the 
EAC requests that:
    (1) Comments refer to the specific section that is the subject of 
the comment.
    (2) General comments regarding the entire document or comments that 
refer to more than one section be made as specifically as possible so 
that EAC can clearly understand to which portion(s) of the documents 
the comment refers.
    (3) To the extent that a comment suggests a change in the wording 
of a requirement or section of the guidelines, please provide proposed 
language for the suggested change.
    To Obtain a Copy of the VVSG Volume Version 1.1: Due to the fact 
that the Voluntary Voting System Guidelines are more than 400 pages in 
length, the entire draft document has not been attached to this notice. 
A complete copy of the draft VVSG version 1.1 is available from the EAC 
in electronic format. An electronic copy can be downloaded in PDF 
format on the EAC's Web site, http://www.eac.gov. In order to obtain a 
paper copy of the TGDC draft recommendations please mail a written 
request to Voluntary Voting System Guidelines Comments, U.S. Election 
Assistance Commission, 1225 New York Ave, NW., Suite 1100, Washington, 
DC 20005.

FOR FURTHER INFORMATION CONTACT: Matthew Masterson, Phone (202) 566-
3100, e-mail [email protected].

SUPPLEMENTARY INFORMATION: Prior to the passage of HAVA, the Federal 
Election Commission (FEC) published the 2002 Voting System Standards 
(VSS). HAVA mandated that the EAC update the VSS. In December of 2005 
the EAC adopted the 2005 VVSG. The 2005 VVSG used many of the same 
requirements as the 2002 VSS but it expanded the security, 
accessibility, and usability sections.

Donetta L. Davidson,
Commissioner, U.S. Election Assistance Commission.
[FR Doc. E9-12831 Filed 5-29-09; 11:15 am]
BILLING CODE 6820-KF-P