Recommendations are provided to promote accuracy, integrity, and security in computerized vote-tallying, and to improve confidence in the results produced. The recommendations respond to identified problems, and concern software, hardware, operational procedures, and institutional changes. It is proposed that the concept of internal control, almost universally used to protect operations that produce priced goods or services, be adapted to vote-tallying, a non-priced service. For software, recommendations concern certification, assurance of logical correctness, and protection against contamination by hidden code. For hardware, recommendations concern accuracy of ballot reading, and design and certification of vote-tallying systems that do not use ballots. Improved pre-election testing and partial manual recounting of ballots are recommended operational procedures. Some recent significant events concerning computerized vote-tallying are reported. These events include development of performance specifications, publication of a series of New York Times articles, and activities in Texas leading to passage of a revised statute on electronic voting systems. Relative vulnerabilities of different types of vote-tallying systems, i.e., punch card, mark-sense, and direct recording electronic, are discussed. Certain recent elections in which difficulties occurred are reviewed, and categories of failures are highlighted.
Special Publication (NIST SP) - 500-158
accuracy, computer, election, integrity, internal control, public administration, security, vote-tallying