On March 7, 2018, U.S. Senator Amy Klobuchar and U.S. Senator Jeanne Shaheen sent a letter to all three leading manufacturers of voting systems used in the United States. Their letter raised two specific questions about certain (non-election) software companies’ practice of allowing their source code to be reviewed by Russian entities: whether any of that software is used in our election systems and whether any elements of our voting systems are submitted for that type of review. They also asked a third, more broad-reaching question about what we are doing to deploy modern technologies to increase election security.
Hart InterCivic takes the topic of election security very seriously and we are happy to engage in this important conversation. Please see our response below.
March 9, 2018
The Honorable Amy Klobuchar
United States Senate
302 Hart Senate Office Building
Washington, D.C. 20510
The Honorable Jeanne Shaheen
United States Senate
506 Hart Senate Office Building
Washington, D.C. 20510
Dear Senator Klobuchar and Senator Shaheen,
Thank you for your letter seeking information regarding the security of voting systems in the United States and details regarding Hart InterCivic’s voting systems.
Below are Hart’s responses to your questions:
1) Have you shared your source code or any other sensitive data related to your voting machines or other products with any Russian entity?
Response: No. Hart has not and will not share any sensitive information in this manner. We only share sensitive information about our voting systems as required for testing and certification by the U.S. Election Assistance Commission (EAC) and by certain U.S. state election divisions which have similar testing and certification protocols.
2) To your knowledge, has any of the software that runs on your products been shared with any Russian entity?
Response: No. None of the software referenced in your letter as having been shared with Russian entities is used in any of our voting systems. Beyond the specific lists of software referenced in the articles in your letter, none of the software used in Hart’s voting systems has been shared in this way.
3) What steps have you taken or will you take in order to upgrade existing technologies in light of the increased threat against our elections?
Response: The most significant step Hart has taken to improve election security is to design and build an all-new voting system which incorporates the most modern security technology and security best practices. Verity is Hart’s latest-generation voting system and is available to election officials now. It has undergone rigorous testing by an independent, accredited Voting System Test Laboratory (VSTL) and has attained certification from the U.S. Election Assistance Commission (EAC). Separately, Verity has successfully passed multiple states’ independent testing and certification processes. Verity has never failed a test at the federal or state level.
Representative examples of safeguards that are used to protect the security of elections conducted using Verity:
- All Verity components operate in a closed workflow that is not connected to any other non-Verity software infrastructure.
- Verity is not connected to the internet.
- Verity is separated by an “air gap” from online elements of election management such as voter registration systems/databases and Election Night reporting systems.
- Verity software cannot be accessed remotely by Hart or anyone else.
- All election data is secured with National Institute of Standards and Technology (NIST)/Voluntary Voting System Guidelines (VVSG)-compliant Federal Information Processing Standards (FIPS) 140-2 cryptography.
- Multiple, redundant data backups protect against data loss and provide comparisons to test against attempted data manipulation.
- Verity systems run in “kiosk” mode, which limits users’ access to only those elements of the system they are authorized to use. No user has access to operating system files, and no other programs or files can be loaded onto systems or devices running Verity software.
- Verity employs “whitelisting” security which prevents any and all unauthorized software from running on the voting system.
- Verity election management software requires two-factor user authentication.
- Verity devices are protected with tamper-evident security seals. Voters cannot insert external cards, drives, devices or cables, and no executable code can be hidden and run on the devices.
- Verity tracks every user action, including logins, data entry, ballot resolution steps and other system events, providing comprehensive, plain-language audit logs that make it easy for all stakeholders to monitor how the system is used.
- Verity supports the most thorough and sophisticated post-election auditing to provide complete transparency into the accuracy of election results.
Election security requires more than using modern technology with the latest protocols. It also requires properly trained election staff using well-defined processes. Hart assists our customers in conducting secure elections by providing thorough training on all aspects of the system and by sharing best practices for procedures such as managing and documenting equipment chain-of-custody and using and logging physical security seals.
We also provide instructions and training in conducting tests to validate our customers’ voting systems are operating properly throughout the ownership lifecycle. Tests include user acceptance testing, logic and accuracy testing prior to each election to ensure the system performs as required, and post-election audits to assure stakeholders that results are accurate. Hart stays in constant contact with our customers to ensure we are sharing the latest intelligence and best practices regarding election security.
Finally, Hart is actively engaged in multiple broad efforts at analyzing and improving election security in the U.S. We meet regularly on these topics with the EAC, the National Academies of Science, Engineering and Medicine (NASEM), the Joint Election Officials Liaison Committee (JEOLC) of the Election Center, the National Association of Secretaries of State (NASS), and the National Association of State Election Directors (NASED). Hart is a founding member of the new Department of Homeland Security (DHS) Sector Coordinating Council which partners with its sister organization the DHS Government Coordinating Council to identify potential security risks and implement the measures to eliminate those risks.
We appreciate your questions and the opportunity to provide this information. We are committed to continuing to do our part to protect the integrity of the election process.
President and Chief Executive Officer