1) The Process; Concept of System Operation (our Scope);
Committee Chair:
I have a process issue listed below.
1) Is there a Concept of (System) Operation document?
I would like to see some bounds placed on the task at hand and
a concept of operation might be the first document to set the bounds.
I think the bounds of our standard should include more than just the
physical act of voting; it should include more than just the voting station.
I think the standards should consider the preparation of the
information to go into the voting station. The standard should address
the control of the voting operations (voter authentication, etc.). The
standard should address the counting process (to assure no duplicates, no
loss of votes, etc.). If not all of these issues are in the standard, the
standard should at least assure compatibility at the interfaces.
I am thinking that the standard we are charged with developing
should cover more than a single device that interacts with a
registered voter. When thinking of the flow of data for an election,
it includes a preparation phase, the physical act of voting phase, and
the finalization phase of the election. The phases of the election may
be further expanded to: the initialization phase (e.g., prepare the ballot,
prepare a list of voters), the authentication/authorization of
the voter, the voting, the accumulation of votes, the counting of
votes, and certification of the count. I think the standard
could cover or ensure compatibility with the total election system.
What is the total system we should consider? I think we should
describe the system in a document like a "concept of operation" document.
[Ref: http://www.ucf.edu/redesign/contextsearch/conops.html]
After having a concept of operation document, lines could be drawn around a
subset of issues to better define the scope of the P1583 standards effort.
Example Concept of Operation:
The voting machine "system" block diagram (context diagram) should
be created to describe the bounds of the problem for the P1583
committee.
It seems that the system context might include INPUTs such as:
voter authentication information, ballot details, and voter
ballot selections.
System OUTPUTs might include: a voter receipt,
voter results to a local collection center, forwarding of the voting
information to a higher level authority (from the ballot machine in
the voting booth to the collection machine in the ballot place), and
forwarding results to even higher levels of authority (including
precincts, counties, states, and federal levels of authority).
The following is an example of the voting process auditing
to be considered in the concept of operation document:
At each level of the election/voting process, as voting results
are passed upward, an audit trail must be provided.
The voting process levels would include:
(lowest) voter level,
(mid-level) precinct level
(upper/top-level) election center level
and there may be sub-levels for each of these levels.
The voting system audit trail should start at the level of the
voter (give the voter feedback; possibly the results in an
encrypted format on a very small piece of paper). The audit trail
would end at the top level with summary reports to various
distribution lists (e.g., to the media and to the public).
Robert N. Smith
r.n.smith@ieee.org