Beruflich Dokumente
Kultur Dokumente
com
10/11/2012 03:29
Not even software escapes political partisanship as a newly-installed voting machine software module came under scrutiny on Tuesday due to a lack of software verification. A leaked work order obtained by The Free Press describes the commissioning of an application called EXP that allows users to enter custom codes and interface with the OSs reporting system to produce election results. Multiple news outlets have reported that Ohio Green Party congressional candidate Robert Fitrakis filed a lawsuit on Monday to block the inclusion of results obtained from voting machines that have EXP installed. Fritrakis charge stands on the testing requirements, or lack thereof, described in the work order. According to the work order, EXP is only required to undergo functional testing, which means that it will not require federal or state certification for Customer Acceptance testing.
Husted is confident that EXP is safe. This is because even though it wasnt part of the requirements, Election Systems & Software, a company that makes electronic voting systems used in Ohio, nonetheless developed the software in compliance with VSS2002, the federal standard that describes requirements for voting machine software. But Fritrakis lawyer, James Marsh, argues that the because EXP is a propriety, close-source application, that the only barrier to fraud is the mandated independent code-review process [identified in VSS-2002], which he believes is insufficient to verify that the application is designed to withstand fraudulent activities.
The approaching deadline of the election may have been a factor in deciding to bypass testing requirements associated with the states certification process. According to The Free Press:
Love this
PDF?
blog.parasoft.com
Embedded Software Testing at Center of Voting Machine Row
10/11/2012 03:29
Even in the absence of malicious intent in Ohio, implementing software for a critical use on a tight deadline without ample testing would be a highly unusual, and even suspect, practice among information technology professionals. An unintentional error could corrupt data and change overall results without anyone realizing there was a problem.
Want to learn more about the geek gap? Join us on November 14th, 2012 at 1:00 PM EST for Closing the Geek Gap with a Development Testing Platform.
At the heart of the problem appears to be a lack of sound policy that could have aligned the development/testing teams activities with the expectations of the Secretary of State, and in this particular case, of each organizations legal teams. This gap between the software development department and the business department is referred to as the Geek Gap. Is this another example of what can go wrong when corners are cut in favor of timely delivery or when the requirement gathering process is poorly executed? Is this more evidence that the Geek Gap is not only real, but has potentially dangerous consequences? Its too early to know what went wrong, but it seems evident that it was a process-related incident. Moreover, the deeper our critical activities become steeped in technology, the more scrutiny will (and should) be placed on not only the final product, but the entire SDLC.
http://blog.parasoft.com/bid/110880/Embedded-Software-Testing-at-Center-of-Voting-Machine-Row
***
Love this
PDF?