> For the complete documentation index, see [llms.txt](https://docs.voting.works/vxsuite-tdp-v4/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.voting.works/vxsuite-tdp-v4/system-performance-and-specifications/safety-security-privacy-and-continuity-of-operation.md). # Safety, Security, Privacy, and Continuity of Operation The following article and linked related articles are intended to cover VVSG 2.0 3.1.2-A.4. ## Safety Per VVSG 2.0 8.1-K - Eliminating Hazards, devices associated with the voting system are certified in accordance with the requirements of UL 62368-1. See [Audio Visual & Display Screen Settings](/vxsuite-tdp-v4/audio-visual-and-display-screen-settings.md#eliminating-hazards). VxSuite hardware is designed to eliminate hazards from shock, radiation, heat, and mechanical dangers when used and maintained in accordance with the [VxSuite User Manual - v4.0](https://docs.voting.works/vxsuite-user-manual-v4/). ## Security The system's provisions for security are detailed in the [System Security, Auditing & Logging](/vxsuite-tdp-v4/system-security-auditing-and-logging.md) section. ## Privacy The provisions for voter privacy on VxScan are described in [Preserving Voter Privacy](/vxsuite-tdp-v4/system-security-auditing-and-logging/software-security/artifact-authentication/preserving-voter-privacy.md). The provisions for voter privacy on VxMarkScan are described in [Broken mention](broken://pages/aCjqkzRflt37c8Qg81IX#voter-privacy). ## Continuity of Operation ### Error Recovery The voting system is designed to recover from errors as gracefully as possible. Displayed error messages, as enumerated in the error message sections in the [VxSuite User Manual - v4.0](https://docs.voting.works/vxsuite-user-manual-v4/), are written to guide users to address the error. If the user encounters a recoverable error, the error message will instruct them to how to properly continue operation. For example if a smart card is inserted backward, the message will prompt the user to insert it correctly. If the user encounters an unrecoverable software error, the error message will prompt the user to restart the machine. The vast majority of problematic software states are resolved by a restart. After restarting, operation can continue. ### Machine Replacement If a machine is damaged to the point of being inoperable, a replacement machine of the same type can be used. For larger customers, VotingWorks recommends that customers buy and maintain their own backup machines. For smaller customers, VotingWorks can provide replacement machines. If a replacement takes place in the middle of an election, users can take the following steps to substitute equipment: * **VxScan -** Switch to scanning on the replacement VxScan and, at the end of the election, aggregate the cast vote records from both the damaged and replacement VxScans. * **VxMarkScan** - Voters should start new voting sessions on the replacement VxMarkScan. * **VxCentralScan** - The document scanner can simply be swapped. If the laptop is damaged and cast vote records were never exported, the scanned ballots should be re-scanned with the replacement laptop. * **VxAdmin** - If the laptop is damaged, the laptop should be reconfigured with the election package and any cast vote records should be reloaded from the various USB drives. ### Paper Processes VxSuite is ultimately a paper-based voting system and in the case of multiple overlapping failures, a part or the whole of the election can be transitioned to run on paper. If VxScan is damaged, ballots can be deposited in a ballot box and scanned later on VxCentralScan. If VxCentralScan is damaged, ballots can be fed into VxScan. If all scanners are damaged, ballots can be hand-counted. --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter: ``` GET https://docs.voting.works/vxsuite-tdp-v4/system-performance-and-specifications/safety-security-privacy-and-continuity-of-operation.md?ask=&goal= ``` `ask` is the immediate question: it should be specific, self-contained, and written in natural language. `goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.