Section 7 of the VVSG 1.1 contains requirements for security. NIST has completed a set of draft test assertions for the security requirements of Section 7. Section 7 includes, but is not limited to, access control, software setup and validation, polling place security, and use of public telecommunications networks.
Test assertions are measurable expressions that must be tested in order to evaluate conformance of an implementation (in this case a voting system) to a requirement. The goal of creating these test assertions is to make clear, to testing laboratories and manufacturers of voting systems, exactly what conditions of each requirement in the VVSG need to be tested in order to be certified by the Election Assistance Commission (EAC). Different testing laboratories, using this set of test assertions, should arrive at the same pass/fail results for each requirement in the VVSG, thus helping to ensure uniformity in testing among testing laboratories. These test assertions were developed by NIST and distributed to EAC and testing laboratories for their comments.
Please submit your comments to firstname.lastname@example.org . We will examine, and incorporate, all relevant comments, and post the final version at that time. Some laboratory comments were received too late to be incorporated into these assertions but will be incorporated, along with comments we receive, into the final version.
NIST has previously completed a set of test assertions for the VVSG 1.0 security requirements.
A complete version of the VVSG 1.1 can be found at http://www.eac.gov/testing_and_certification/voluntary_voting_system_guidelines.aspx.
Test Assertions for VVSG 1.1, section 7, subsections: