Incident: Glitch in Georgia Voting Machines Software Update Causes Concerns

Published Date: 2020-10-07

Postmortem Analysis
Timeline 1. The software failure incident with the glitch in Georgia's voting machines and the subsequent software update happened in October 2020 as per Article 106522.
System 1. Dominion Voting Systems touchscreen voting machines 2. Software update for the Dominion Voting Systems touchscreen voting machines [106522]
Responsible Organization 1. Dominion Voting Systems 2. Pro V&V 3. State officials 4. U.S. Election Assistance Commission
Impacted Organization 1. Voters in Georgia [106522]
Software Causes 1. A bug in the touchscreen voting machines [106522] 2. Problem with the display for a high-profile U.S. Senate race due to certain circumstances [106522] 3. Multiple changes to the source code during the software update, increasing the likelihood of unintended side effects and opening the door for hackers [106522]
Non-software Causes 1. The problem with the display for a high-profile U.S. Senate race where not all candidates' names fit on a single screen was identified during preelection testing [106522]. 2. The issue of the display problem was raised by county election officials during an emergency teleconference on Sept. 28 [106522]. 3. Concerns were raised about the severity of the problem and the security of a last-minute fix by lawyers for the activists [106522]. 4. The process of updating the software required completely replacing the core of the Dominion software on every voting machine, which was considered risky from both a correctness and security standpoint [106522].
Impacts 1. The software failure incident led to a problem with the display for a high-profile U.S. Senate race where not all candidates' names fit on a single screen during preelection testing [106522]. 2. The incident caused concerns about the security and effectiveness of the last-minute software fix implemented to address the display issue [106522]. 3. Experts raised worries about unintended side effects and potential vulnerabilities to hackers due to multiple changes in the source code of the software update [106522]. 4. The incident required an emergency update process involving the complete replacement of the core Dominion software on every voting machine, which was deemed risky from both correctness and security standpoints [106522].
Preventions 1. Thorough and comprehensive testing of the software update before distribution to ensure all potential issues are identified and addressed [106522]. 2. Implementing a more robust and rigorous evaluation process for software changes, especially in critical systems like voting machines, to verify the effectiveness of solutions and minimize unintended side effects [106522]. 3. Following a standardized and approved process for making software changes in voting systems, including obtaining necessary approvals from relevant authorities like the U.S. Election Assistance Commission to maintain system integrity and compliance with regulations [106522].
Fixes 1. Conducting a thorough evaluation of the software fix by a third-party laboratory like Pro V&V [106522]. 2. Implementing changes to the source code to address the issue with the display for the U.S. Senate race [106522]. 3. Ensuring that the software update is properly reviewed and approved by the U.S. Election Assistance Commission to maintain certification [106522].
References 1. U.S. District Judge Amy Totenberg 2. State officials 3. Dominion Voting Systems 4. Pro V&V 5. Election integrity activists 6. County election officials 7. University of Michigan computer science professor J. Alex Halderman 8. U.S. Election Assistance Commission 9. Ben Hovland, commission chairman 10. Kevin Skoglund 11. Deputy Secretary of State Jordan Fuchs 12. Marilyn Marks

Software Taxonomy of Faults

Category Option Rationale
Recurring one_organization, multiple_organization (a) The software failure incident related to the glitch in Georgia's voting machines and the subsequent software update can be seen as a recurring issue within the same organization, Dominion Voting Systems. The incident highlighted concerns about the readiness and reliability of the voting machines, with activists arguing that the machines aren't prepared for use due to bugs and hasty software updates [106522]. (b) The software failure incident in Georgia's voting machines also raises broader concerns about the potential for similar issues at other organizations or with their products and services. The incident brought attention to the challenges of ensuring the accuracy and security of election infrastructure, indicating that such issues may not be unique to Georgia but could potentially affect other states or organizations using similar technology [106522].
Phase (Design/Operation) design, operation (a) The software failure incident in the article is related to the design phase. The incident occurred due to a bug in the touchscreen voting machines and a hasty software update that underscored the machines not being ready for use [106522]. The problem with the display for a high-profile U.S. Senate race was discovered during preelection testing, indicating issues introduced during the development phase of the system. Additionally, concerns were raised about the severity of the problem, the security of the last-minute fix, and the multiple changes to the source code, which could lead to unintended side effects and potential vulnerabilities for hackers. (b) The software failure incident is also related to the operation phase. The update containing the software change was distributed to county election officials with instructions to install it on their machines [106522]. This action falls under the operation phase of the system, where the implementation of the software change was carried out by the officials responsible for operating the voting machines.
Boundary (Internal/External) within_system, outside_system (a) within_system: - The software failure incident in Georgia's voting machines was primarily due to a bug in the touchscreen machines and a hasty software update, which were internal factors within the system [106522]. (b) outside_system: - The activists argued that the system places an unconstitutional burden on the right to vote because voters cannot be confident their votes are accurately counted, indicating concerns about external factors impacting the system [106522].
Nature (Human/Non-human) non-human_actions, human_actions (a) The software failure incident in Georgia's voting machines was primarily due to non-human actions, specifically a bug in the touchscreen machines and a hasty software update that led to a glitch in the display for a U.S. Senate race [106522]. (b) Human actions also played a role in the software failure incident as state officials made the decision to implement a software change close to the election, which was criticized by activists for being risky and insufficiently tested [106522].
Dimension (Hardware/Software) software (a) The software failure incident in the article is not attributed to hardware issues but rather to software issues. The incident involved a glitch in Georgia's voting machines, which led to a bug in the touchscreen machines and required a hasty software update to address the problem [106522]. The issue with the display for a U.S. Senate race was also identified as a software problem that could be addressed with a software change [106522]. (b) The software failure incident in the article is primarily attributed to contributing factors that originate in software. The glitch in Georgia's voting machines, the bug in the touchscreen machines, and the display issue for a U.S. Senate race were all related to software problems that required software updates to resolve [106522]. The concerns raised by experts about the software changes, unintended side effects, and security risks also point to software-related issues [106522].
Objective (Malicious/Non-malicious) non-malicious (a) The software failure incident in the article does not indicate any malicious intent behind the failure. It primarily focuses on concerns raised by voting integrity activists regarding the reliability and accuracy of the voting machines due to a glitch in the touchscreen machines and a hasty software update [106522]. The activists argue that the system places an unconstitutional burden on the right to vote because voters cannot be confident their votes are accurately counted. The concerns raised are related to the effectiveness of the software update, the security of the voting machines, and the potential risks associated with the changes made to the software [106522]. (b) The software failure incident in the article is categorized as non-malicious. The failure is attributed to a bug in the touchscreen machines and a problem with the display for a U.S. Senate race, which were identified during pre-election testing [106522]. State officials have described the issues as minor and have emphasized that the problems were quickly addressed through a software change [106522]. The concerns raised by the activists and experts focus on the effectiveness of the solution, the security implications of the changes made to the software, and the potential unintended side effects of the update [106522].
Intent (Poor/Accidental Decisions) poor_decisions, accidental_decisions (a) The software failure incident in the article can be attributed to poor decisions made in the process. The incident involved a glitch in Georgia's voting machines, which led to a hasty software update being installed to address the issue. The activists argued that the touchscreen voting machines were not ready for use and placed an unconstitutional burden on the right to vote due to concerns about accurate vote counting. The state officials defended the system, stating that significant improvements had been made to update and secure the election infrastructure [106522]. (b) The software failure incident can also be linked to accidental decisions or unintended consequences. The problem with the display for a high-profile U.S. Senate race was discovered during preelection testing, where not all candidates' names fit on a single screen under certain circumstances. State lawyers described this as a "very minor issue" that could be addressed with a software change, while activists raised concerns about the severity of the problem and the security of a last-minute fix [106522].
Capability (Incompetence/Accidental) development_incompetence, accidental (a) The software failure incident in Georgia's voting machines was related to a glitch in the touchscreen machines and a hasty software update, which were highlighted by voting integrity activists as signs that the machines were not ready for use [106522]. The activists argued that the system placed an unconstitutional burden on the right to vote due to concerns about the accuracy of vote counting. They raised issues about the severity of the problem, the security of the last-minute fix, and the potential unintended side effects of multiple changes to the source code [106522]. (b) The accidental aspect of the software failure incident can be seen in the discovery of a problem with the display for a high-profile U.S. Senate race during preelection testing. Under certain circumstances, not all of the candidates' names fit on a single screen, leading to concerns about the usability and functionality of the voting machines [106522]. Additionally, the emergency software change made to address this issue was considered risky both from a correctness and security standpoint, indicating that the introduction of this change was not planned but rather a response to an unforeseen problem [106522].
Duration temporary The software failure incident described in the article can be categorized as a temporary failure. The incident involved a glitch in Georgia's voting machines due to a bug in the touchscreen machines and a hasty software update. The problem was identified during preelection testing, specifically related to the display issue for a U.S. Senate race, and was quickly addressed with a software change [106522]. The incident was not described as a permanent failure but rather a specific issue that arose under certain circumstances and was remedied through a software update.
Behaviour value, other (a) crash: The software failure incident in the article is not described as a crash where the system loses state and does not perform any of its intended functions [106522]. (b) omission: The incident does not involve the system omitting to perform its intended functions at an instance(s) [106522]. (c) timing: The failure is not related to the system performing its intended functions correctly but too late or too early [106522]. (d) value: The software failure incident is related to the system performing its intended functions incorrectly, as there was a problem with the display for a high-profile U.S. Senate race where not all candidates' names fit on a single screen under certain circumstances [106522]. (e) byzantine: The incident does not involve the system behaving erroneously with inconsistent responses and interactions [106522]. (f) other: The behavior of the software failure incident in the article is related to a bug in the touchscreen voting machines and a hasty software update that underscored the machines not being ready for use, leading to concerns about the accuracy of vote counting and the effectiveness of the last-minute fix. Additionally, the incident involved multiple changes to the source code, raising concerns about unintended side effects and security risks [106522].

IoT System Layer

Layer Option Rationale
Perception embedded_software The software failure incident reported in the article does not directly point to a specific layer of the cyber physical system that failed. However, it does mention issues related to the software update and potential risks introduced by changes in the embedded software: 1. The incident involved a glitch in Georgia's voting machines that required a software update to address the problem [Article 106522]. 2. The software update was related to a problem with the display for a U.S. Senate race, indicating potential issues with the embedded software [Article 106522]. 3. Experts raised concerns about the security and effectiveness of the last-minute software fix, suggesting potential risks associated with changes in the embedded software [Article 106522]. 4. The process of updating the software required replacing the core of the Dominion software on every voting machine, highlighting the significance of changes in the embedded software [Article 106522]. 5. The experts mentioned the likelihood of unintended side effects and security risks due to multiple changes in the source code, which could be attributed to issues in the embedded software [Article 106522].
Communication unknown The software failure incident described in the article does not directly relate to the communication layer of the cyber-physical system. The focus of the incident is on a glitch in Georgia's voting machines, specifically related to a problem with the display for a U.S. Senate race where not all candidates' names fit on a single screen. The issue was identified during pre-election testing and was addressed with a software change, which was evaluated by a third-party laboratory. The concerns raised by experts and activists were more about the effectiveness of the solution, potential unintended side effects, and security risks associated with the software update process rather than issues at the communication layer of the system [106522].
Application TRUE The software failure incident described in Article 106522 was related to the application layer of the cyber physical system. The incident involved a glitch in Georgia's voting machines due to a bug in the touchscreen machines and a hasty software update. The bug in the touchscreen machines and the subsequent software update were contributing factors that led to the failure, as mentioned by the voting integrity activists who argued that the machines weren't ready for use [106522].

Other Details

Category Option Rationale
Consequence theoretical_consequence The consequence of the software failure incident discussed in the article is primarily related to potential consequences and theoretical concerns rather than actual observed consequences. The articles mention concerns about the accuracy of vote counting, potential security risks, and the impact of last-minute software changes on the voting machines. There is no specific mention of real observed consequences such as death, harm, basic needs being impacted, property loss, or delays caused by the software failure incident. The focus is more on the potential risks and implications of the software issues on the election process and security.
Domain government The failed system in the reported incident was related to the government industry. The software failure incident was specifically related to Georgia's voting machines, which were purchased by the state from Dominion Voting Systems for more than $100 million [106522]. The incident involved a glitch in the touchscreen voting machines, prompting a software update to address the issue before the upcoming general election. The activists challenging the election system argued that the machines were not ready for use due to the bug and the hasty software update [106522].

Sources

Back to List