Election Security

Over the past few years, election security has become even more heightened. Working together, the Elections Division and the Department of Information Technology (DIT) are responsible for maintaining the security and integrity of the election process. The county is committed to using all available resources to administer secure elections and frequently relies upon information from the FBI (Federal Bureau of Investigation), MS-ISAC (Multi-State Information Sharing & Analysis Center), DHS CISA (Department of Homeland Security Cybersecurity and Infrastructure Security Agency), and private security firms. Timely and vetted information from trusted sources such as these further strengthens the county’s existing elections security and incident management practices and to quickly and effectively defend against and thwart active threats.

While specific and detailed information on security protocols is not publicly shared or available, the following provides general information regarding testing and security measures are completed by DIT during each election cycle:

Format Flash Drives

In order to make sure that no viruses or other malware can get into the election networks, there is a group of flash drives that is used only for election purposes, to shuttle data either from the unofficial network to the County network on election night or from the unofficial network to the official network after the election night tabulation.

Each flash drive is used in one direction only and if another file/dataset is needed a new flash drive will be used. The flash drives that have been used in an election are wiped and re-formatted before the next election.

Logic and Accuracy Testing

In order to ensure that all scanning, processing, and tabulation equipment is working as expected, the Elections division conducts a full test of all the equipment used on election day several weeks before the election. The results of that test are then read into ElectionWare to ensure that the number of votes is as expected. This is called Logic and Accuracy testing.

DIT is responsible for loading the results of the test scanning, creating reports, having the Elections division verify that the results are as expected, and then clearing the election results so that the system is ready for election day. This testing is advertised and open to public observation, although pre-registration is required.

Regional Laptop Testing

DIT performs regional VPN connection tests approximately 2 weeks prior to the election. This is to ensure that the regional laptops are working properly and able to connect to the unofficial network.

Test USB sticks (created by Elections) are used to read into the laptops at each regional location while additional DIT staff verify that the results were transmitted correctly. All testing is done by trained DIT staff.

Password Changes

To ensure continued security of the equipment and data in the Election Warehouse, all passwords on all ElectionWare equipment are changed every election cycle. Password changes include official, unofficial and regional laptop Windows log in credentials and passwords. Server passwords are also changed each election cycle.

Air Gap Tests

The county has a contract with an outside security agency to perform a network air gap analysis of the election tabulation network. An air gap is a network security measure employed on one or more computers to ensure that the secure computer network is physically isolated from unsecured networks, such as the public internet or an unsecured local area network.

The Department of Information Technology coordinates the scheduling of the air gap testing with the vendor to guarantee it happens on the day before the election and two days after the election. A report is then issued detailing the tests. The report also contains documentation of security risk mitigation technologies and configurations in detail. Information contained within these reports could provide a roadmap of how to circumvent security measures and potentially compromise the security of the election. As a result, the reports from these tests are not published publicly due to the highly sensitive nature of their content.

ElectionWare Software

System software is installed on hardened computers, which are locked down to only perform the core functions required for an election. Hardened computers will not accept an unauthorized USB flash drive and restricts authorized users to only perform necessary actions.

Election system saves a record of all user actions to the system audit log. The system uses a unique encryption key for each election. This ensures all voting machines will only accept USB flash drives programmed for that election and prevents tampering by unauthorized agents.

Post-Election Verification

DIT performs a post-election read of the backup sticks from the DS200 machines. This ensures that the information that was transmitted through the unofficial network on election night matches the results read in from the back up sticks.

DIT runs reports from ElectionWare to confirm that the vote totals per precinct/contest match the totals from the unofficial network on election night. DIT works with election personnel to assist with any discrepancies.

Counties also conduct a 2% statistical sample analysis and a statewide risk-limiting audit. You can learn more about both efforts on the state's Post-Election Audits webpage.

Parallel Test

The Elections Division has contracted an outside auditing agency to perform an independent test of the voting equipment. The auditor randomly selects a single precinct that they will test all voting equipment to ensure that the voting machines are working properly.

It is the responsibility of DIT (Department of Information Technology) to meet with the auditor after the election to complete the testing and provide the necessary files/documentation to show that the machines worked as expected.

Physical Security Measures

All regional reporting centers are staffed on election night with personnel from numerous departments to ensure voting security and integrity.

To gain access to the elections tabulation room in the warehouse, one must have a key card access to or contact within the warehouse for admission.

Contact

See something wrong, or have a suggestion on other information for this page? Email us at electionsinfo@alleghenycounty.us with your thoughts.