VxSuite TDP - v4
  • System Overview
    • Election Package
      • VxSuite Election Definition
      • Ballot Definition CDF
    • Hand Marked Ballots
    • Machine Marked Ballots
    • Cast Vote Records
    • VxScan Polls Reports
    • VxAdmin Results Exports
      • Tally Reports
      • Ballot Count Reports
      • CSV Exports
      • Write-In Adjudication Report
      • CDF ERR Export
    • Software Overview
    • User Roles
    • VxAdmin Function
    • VxCentralScan Function
    • VxAdmin & VxCentralScan Hardware
    • VxScan Function
    • VxScan Hardware
    • VxMark Function
    • VxMark Hardware
    • Ballot Interpretation
    • Diagnostics
    • Signed Hash Validation
  • System Performance & Specifications
    • Supported Voting Variations & Languages
    • System Limits
      • Maximum Tabulation Rate
    • Paper Ballot Specifications
    • Reliably Detectable Marks
    • Safety, Security, Privacy, and Continuity of Operation
    • Processing Capabilities
  • System Security, Auditing & Logging
    • System Security Architecture
      • Access Control
      • Artifact Authentication
        • Hashing of Continuously Exported Cast Vote Records
        • Preserving Voter Privacy
      • System Integrity
      • Networking
      • Password and Credential Policies
      • Defense-in-Depth and Least Privilege
      • Cryptography
    • Physical Security
    • Procedural and Operational Security
    • Audit Procedure
    • Logging
    • Vulnerability Management
    • Risk Assessment
    • Hardware Criticality and Supplier Analysis
  • Software Installation
    • Trusted Build
      • Build Machine Configuration
        • Installing Debian 12 on VxBuild
      • Online Phase
      • Offline Phase
      • Final Configuration
        • Secure Boot Signing
      • Hash/Checksum Verification of Dependencies
      • Virt Manager - Network Access & Troubleshooting
    • Imaging Machines
      • Preparing USB Drives for Imaging
      • Imaging
      • Basic Configuration Wizard
      • Verifying the Image Installed on a Machine
      • Software Installation Record Creation
  • System Operations & Training Manual
  • System Inspection & Logic and Accuracy Testing
  • System Maintenance Manual
  • Usability & Accessibility
  • Audio Visual & Display Screen Settings
  • Quality Assurance Manual
  • Warranty Model
  • Public Documents
    • Ballot QR Code Data Format
Powered by GitBook
On this page
  • Safety
  • Security
  • Privacy
  • Continuity of Operation
  • Error Recovery
  • Machine Replacement
  • Paper Processes
Export as PDF
  1. System Performance & Specifications

Safety, Security, Privacy, and Continuity of Operation

PreviousReliably Detectable MarksNextProcessing Capabilities

Last updated 2 days ago

The following article and linked related articles are intended to cover VVSG 2.0 3.1.2-A.4.

Safety

Per VVSG 2.0 8.1-K - Eliminating Hazards, devices associated with the voting system are certified in accordance with the requirements of UL 62368-1. See . VxSuite hardware is designed to eliminate hazards from shock, radiation, heat, and mechanical dangers when used and maintained in accordance with the .

Security

The system's provisions for security are detailed in the System Security, Auditing & Logging section.

Privacy

The provisions for voter privacy on VxScan are described in Preserving Voter Privacy. The provisions for voter privacy on VxMark are described in .

Continuity of Operation

Error Recovery

The voting system is designed to recover from errors as gracefully as possible. Displayed error messages, as enumerated in the error message sections in the , are written to guide users to address the error. If the user encounters a recoverable error, the error message will instruct them to how to properly continue operation. For example if a smart card is inserted backward, the message will prompt the user to insert it correctly. If the user encounters an unrecoverable software error, the error message will prompt the user to restart the machine. The vast majority of problematic software states are resolved by a restart. After restarting, operation can continue.

Machine Replacement

If a machine is damaged to the point of being inoperable, a replacement machine of the same type can be used. For larger customers, VotingWorks recommends that customers buy and maintain their own backup machines. For smaller customers, VotingWorks can provide replacement machines. If a replacement takes place in the middle of an election, users can take the following steps to substitute equipment:

  • VxScan - Switch to scanning on the replacement VxScan and, at the end of the election, aggregate the cast vote records from both the damaged and replacement VxScans.

  • VxMark - Voters should start new voting sessions on the replacement VxMark.

  • VxCentralScan - The document scanner can simply be swapped. If the laptop is damaged and cast vote records were never exported, the scanned ballots should be re-scanned with the replacement laptop.

  • VxAdmin - If the laptop is damaged, the laptop should be reconfigured with the election package and any cast vote records should be reloaded from the various USB drives.

Paper Processes

VxSuite is ultimately a paper-based voting system and in the case of multiple overlapping failures, a part or the whole of the election can be transitioned to run on paper. If VxScan is damaged, ballots can be deposited in a ballot box and scanned later on VxCentralScan. If VxCentralScan is damaged, ballots can be fed into VxScan. If all scanners are damaged, ballots can be hand-counted.

Eliminating Hazards
VxSuite User Manual - v4
VxSuite User Manual - v4
Voter Privacy