# Trusted Build {% hint style="success" %} This document maps to the following requirements in VVSG 2.0: * 3.1.4-A, E, F, G, and H * 3.2-B and 3.2-B.1 * 3.2-D * 3.2-E {% endhint %} The VotingWorks build process consists of three distinct build phases: [**online**](/vxsuite-tdp-v3.1/trusted-build/online-phase.md), [**offline**](/vxsuite-tdp-v3.1/trusted-build/offline-phase.md), and [**final** **configuration**](/vxsuite-tdp-v3.1/trusted-build/final-configuration.md). The build process uses an inventory definition containing all the necessary information for a trusted build. All three phases are executed within a separate virtual machine (VM) managed by the [virt-manager](https://virt-manager.org/) tool, running on a Debian 12 operating system. In the online phase, the build process utilizes a base Debian 12 VM with network access enabled. All necessary code repositories and build tools are securely retrieved and transferred to a USB for use during the offline phase. In the offline phase, the build process utilizes a base Debian 12 VM with network access disabled. All necessary code repositories and build tools are transferred from the USB created during the online phase. In the final configuration phase, the build process utilizes a clone of the offline VM to configure the specific VotingWorks application based on functionality: VxAdmin, VxCentralScan, VxScan, or VxMark. After completing the final configuration phase, an unlocked installation image has been created. While this image is not appropriate for production use, it can be used for testing and verification of the VotingWorks application created via the Trusted Build process. For a final production image, an additional process is required to securely sign the installation image for use with Secure Boot enabled systems. That process will be defined between VotingWorks and SLI in more detail, but an initial overview of options can be found in [Secure Boot Signing](/vxsuite-tdp-v3.1/trusted-build/final-configuration/secure-boot-signing.md). --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.voting.works/vxsuite-tdp-v3.1/trusted-build.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.