This project explores process composition tools as applied to elections, concentrating particularly on mail-in and Internet voting. This includes exploration of how to compose systems from pre-analyzed process components, how to analyze the vulnerability of these systems to attacks, and how to guarantee that important security properties are ensured for the resulting composed system. The underlying processes represent aspects of national and local elections, their composition produces an election process, and analysis of the composition gives insight into potential errors or attacks on the election. Elections are human-intensive processes, processes that directly involve humans in important decision-making and coordination activities, including their interactions with hardware and software components. Providing an approach for formally reasoning about human participation extends current security work. The project also breaks new ground by exploring process-based approaches for modeling and defending against attacks. The project works closely with government agencies at both the national and local levels to provide in-depth realistic evaluation of results. Election officials in the U.S. can directly employ the results of this work to make U.S. election processes more verifiably secure, simpler, and easier to change as new technologies, laws, and regulations are imposed. Moreover the technologies developed in this project can be used in most human-intensive processes that have critical security concerns.
EAGER: Collaborative: Process-Based Technology to Support Comparison and Evaluation of the Security of Elections