Abstract
The Help America Vote Act (HAVA) of 2002 has given NIST a key role in helping to realize nationwide improvements in voting systems by January 2006. NIST research activities authorized by HAVA include the security of computers, computer networks, and computer data storage used in voting systems, methods to detect and prevent fraud, and protection of voter privacy and the role of human factors in the design and application of voting systems. Complete details of NIST voting research are available at
http://www.vote.nist.gov. The National Institute of Standards and Technology (NIST) hosted a workshop to allow the U.S. election community to participate in developing an analysis of threats to voting systems. The workshop took place on October 7, 2005, at the Hilton Washington DC North in Gaithersburg, Maryland. The goal of the workshop was to solicit and gather threat analysis material and critical analysis of the collected threats; assess the plausibility of various scenarios and assumptions made; and extract lessons learned as a result of the analysis. State and local election directors and officials, voting system security researchers, election lawyers, threat analysis experts, voting system vendors, and others from the public and private sectors submitted threat analyses of voting systems and participated in the workshop. This workshop summary includes a synopsis of invited presentations and panel discussions as well as audience comments and questions. Audio recordings of the workshop proceedings served as the basis for panelist and presenter comments summarized herein. (Editor?s note: Best efforts have been made to paraphrase the remarks of all participants. The positions expressed are solely those of the presenter, panelist, or audience participant. Threat Analyses papers referenced in the workshop are included as an appendix. NIST encourages the election community to continue the threat analyses dialog begun at the October workshop.