[E-voting] PTB test reports (side issue)
michael at hexmedia.com
Sun Mar 14 01:08:04 GMT 2004
I've just read the PTB test reports and it seems as if
the testing they did was of a rather superficial nature
and way below what I would have expected.
Throughout their main report, they refer to various functional
and software tests. To me "software tests" would mean that they
write or provide some software which tests the system in question, but
that actually what they are referring to was a software code-review :(
For example, requirement number (10), "following insertion of a programmed
ballot module into the voting machine the voting machine shall carry out
the following functions in sequence .... - and display and/or print contents
of the memory of the primary ballot module.".
I would have expected the PTB to use the voting machine to load a ballot
and then use some independent system to read it back again and verify the
contents. Instead, what they seem to have done was use the voting
for testing, but confirm the correct behavior with a source code review.
The report is vague, but that is how it looks to me.
Other requirements eg. number (4) "in the case of a processor
controlled machine, any alteration of the installed software by an
unauthorised person will be detected", this seems to just repeat the
claims in this regard, and that no meaningful test was actually done.
I'm basing this on the two PTB documents on the electronicvoting.ie web
Has anyone else looked at these reports and come to a similar conclusion,
or do additional test documents from PTB exist?
More information about the E-voting