LogoLogo
  • Software Independence
  • System Security Architecture Description
    • Access Control
    • Artifact Authentication
      • Hashing of Continuously Exported Cast Vote Records
      • Preserving Voter Privacy
    • System Integrity
    • Networking
    • Password and Credential Policies
    • Defense-in-Depth and Least Privilege
    • Cryptography
  • Procedural and Operational Security
  • Known Vulnerabilities
  • Trusted Build
    • Build Machine Configuration
      • Installing Debian 12 to VxBuild
    • Online Phase
    • Offline Phase
    • Final Configuration
      • Secure Boot Signing
    • Installing an Image via vx-iso
      • Preparing USB Installation Drives
      • Installing a VotingWorks Image
      • Machine Configuration Wizard and VxCertifier
      • Verifying an installed image
    • Hash/Checksum Verification
    • Virt Manager - Network Access & Troubleshooting
  • Reliably Detectable Marks
Powered by GitBook
On this page
Export as PDF

Trusted Build

PreviousKnown VulnerabilitiesNextBuild Machine Configuration

Last updated 1 year ago

This document maps to the following requirements in VVSG 2.0:

  • 3.1.4-A, E, F, G, and H

  • 3.2-B and 3.2-B.1

  • 3.2-D

  • 3.2-E

The VotingWorks build process consists of three distinct build phases: , , and . The build process uses an inventory definition containing all the necessary information for a trusted build. All three phases are executed within a separate virtual machine (VM) managed by the tool, running on a Debian 12 operating system.

In the online phase, the build process utilizes a base Debian 12 VM with network access enabled. All necessary code repositories and build tools are securely retrieved and transferred to a USB for use during the offline phase.

In the offline phase, the build process utilizes a base Debian 12 VM with network access disabled. All necessary code repositories and build tools are transferred from the USB created during the online phase.

In the final configuration phase, the build process utilizes a clone of the offline VM to configure the specific VotingWorks application based on functionality: VxAdmin, VxCentralScan, VxScan, or VxMark.

After completing the final configuration phase, an unlocked installation image has been created. While this image is not appropriate for production use, it can be used for testing and verification of the VotingWorks application created via the Trusted Build process.

For a final production image, an additional process is required to securely sign the installation image for use with Secure Boot enabled systems. That process will be defined between VotingWorks and SLI in more detail, but an initial overview of options can be found in .

online
offline
final configuration
virt-manager
Secure Boot Signing