This project is developing and evaluating the application of iterative process improvement technology to assure the privacy, security, reliability, and trustworthiness of elections, which are the very cornerstone of democracy. The focus of the project is to locate mismatches between existing voting systems and the processes that are currently using them in the conduct of elections. These mismatches can result in vulnerabilities or inaccuracy in elections. This project demonstrates how to remediate such vulnerabilities through the use of iterative process improvement. The methodology uncovers vulnerabilities by modeling processes and examining how discrepancies between the characteristics of these processes and the behaviors of voting systems that are used by the processes can lead to such vulnerabilities. In this way, this project is making a novel and important contribution to defending one of the most critical processes of democracy.
The project tests the results on the election processes and systems of Yolo County. Part of the research is to model that county's processes using a process definition language and to examine what these processes require and expect from the voting systems they use. The existing voting systems can then be examined to determine whether they meet the requirements and expectations of the processes using them. Where mismatches occur, the vulnerabilities they create can be assessed and improvements suggested, and the methodology can show how the suggested improvements address the mismatches and remove the vulnerabilities.
The overall goal of this project was to develop and evaluate the applicability of iterative process improvement technology to analyze the privacy, security, reliability, and trustworthiness of election processes. Elections are the cornerstone of the governing of the United States and of many other nations and organizations. By providing a methodology to improve the processes and computer systems used in elections, this project contributed to the welfare of the public in a very specific way. For example, our work, with election officials guiding the modeling, helped these officials check their processes for single points of failure and for points of failure where compensations would significantly reduce the probability of, or effects of, the failure. Our work also helped election officials both to anticipate various forms of attacks on the solidity of their elections and to devise protections from, and countermeasures for, such attacks. All of this should make an important contribution to the welfare of societies that treasure democracy and trust their election processes to safeguard it. The work required the continued development of languages for precisely modeling complex processes, and the application of powerful analyzers, originally developed for the analysis of computer software, to these process models. This resulted in the development and improvement of these technologies, which are also applicable to key processes in a broad range of other areas such as business, management, transportation, finance, and government. Thus the achievements of this project, while most directly affecting the domain of elections, promise to support systematic process improvement in diverse other critical domains.