Incident: Russian Hacking of VR Systems E-Poll Books in North Carolina

Published Date: 2017-09-01

Postmortem Analysis
Timeline
1. The software failure incident happened in November 2016. [62214]

System
1. Electronic poll books (e-poll books) - tablets and laptops loaded with check-in software [62214]

Responsible Organization
1. Russian hackers breached the company VR Systems, which provided the electronic poll book software used in Durham County, North Carolina, potentially causing the software failure incident [62214].
2. Current and former intelligence officials mentioned that hackers breached at least two other providers of critical election services ahead of the 2016 voting, although the names of these companies were not disclosed [62214].

Impacted Organization
1. Voters in North Carolina [62214]
2. Election officials in North Carolina [62214]
3. Election systems in at least 21 states targeted by Russian hackers [62214]

Software Causes
1. The failure incident was caused by software malfunctions in the electronic poll books used for voter check-in at polling places in North Carolina [62214].

Non-software Causes
1. Human error [62214]
2. Local officials [62214]

Impacts
1. Hundreds of North Carolina voters were incorrectly told they were ineligible to vote and turned away at the polls, leading to disruptions and delays in voting [62214].
2. Voters in Durham County faced issues with electronic poll books, causing confusion and frustration among voters [62214].
3. Some voters were sent from one polling place to another, only to be rejected, while others were incorrectly told they had already cast their ballots [62214].
4. Voting in one precinct had to be halted for two hours due to the software failure incident [62214].
5. The incident raised concerns about election security and the potential impact of Russian hacking on voting systems in multiple states [62214].

Preventions
1. Conducting regular digital forensic investigations on election systems to assess vulnerabilities and potential tampering [62214].
2. Implementing improved election-verification procedures and security measures to defend against hackers [62214].
3. Enhancing the auditing of e-poll books and ensuring the security of small election vendors [62214].
4. Allowing federal agencies like the Department of Homeland Security to provide assistance and resources to states for election security [62214].

Fixes
1. Conducting a thorough digital forensic investigation to assess the impact of the software failure incident on voting in North Carolina and other affected states [62214].
2. Implementing improved defense mechanisms against hackers, such as updating outdated voting equipment, enhancing election-verification procedures, and ensuring the security of small election vendors [62214].
3. Enhancing collaboration between local, state, and federal agencies to address vulnerabilities in election systems and prevent future software failures [62214].

References
1. Susan Greenhalgh, a troubleshooter at a nonpartisan election monitoring group [62214]
2. Election Protection, a monitoring group [62214]
3. The Charlotte Observer [62214]
4. The Intercept, a national security news site [62214]
5. Department of Homeland Security [62214]
6. Free & Fair, a team of digital election-forensics experts [62214]
7. Verified Voting, a nonprofit dedicated to election integrity [62214]
8. National Security Agency (NSA) [62214]
9. VR Systems, the company that provided the software [62214]
10. Current and former intelligence officials [62214]
11. Michael Daniel, former cybersecurity coordinator in the Obama White House [62214]
12. Academic and private election security experts [62214]
13. State and local election officials in North Carolina, Virginia, Georgia, and Arizona [62214]
14. The Massachusetts Institute of Technology (MIT) political scientist Charles Stewart III [62214]
15. Ben Martin, VR Systems' chief operating officer [62214]
16. Election officials in Durham County [62214]
17. Derek Bowens, the election director in Durham County [62214]
18. Senator Mark Warner, Vice Chairman of the Senate Intelligence Committee [62214]

Software Taxonomy of Faults

Category Option Rationale
Recurring one_organization, multiple_organization (a) The software failure incident related to the 2016 election in North Carolina involved the company VR Systems, which provided the electronic poll books that experienced issues during the voting process. VR Systems had been penetrated by Russian hackers months before the election, raising concerns about the integrity of the software used in the election [62214]. (b) The incident in North Carolina was not isolated, as it was mentioned that hackers breached at least two other providers of critical election services well ahead of the 2016 voting. However, the names of these companies were not disclosed. This indicates that similar incidents of software breaches or failures occurred at multiple organizations providing election services [62214].
Phase (Design/Operation) design, operation (a) The software failure incident related to the design phase can be seen in the case of the electronic poll books used in North Carolina during the election. The problems with the electronic poll books, provided by VR Systems, were attributed to factors such as human error, software malfunctions, and potential cyberattacks [62214]. The incident highlighted vulnerabilities in the design and development of the electronic poll book software, especially considering that VR Systems had been penetrated by Russian hackers months before the election. The lack of thorough digital forensic investigation and the failure to address security concerns in the back-end election systems point to design-related issues in ensuring the integrity and security of the voting process. (b) The software failure incident related to the operation phase is evident in the disruptions faced by voters in Durham County on Election Day. Voters were incorrectly told they had cast ballots days earlier, turned away at the polls, and faced delays due to problems with the e-poll books [62214]. These operational failures, which led to confusion, delays, and disenfranchisement of voters, were a result of issues in the operation and use of the electronic poll books. The rejection of assistance from cybersecurity experts and federal agencies, as well as the decision to revert to paper rolls on Election Day, further exacerbated the operational challenges faced during the election.
Boundary (Internal/External) within_system, outside_system (a) The software failure incident reported in the articles is primarily within the system. The incident involved issues with electronic poll books (e-poll books) used for voter check-in at polling places in North Carolina. The problems included voters being incorrectly told they were ineligible to vote, turned away at the polls, sent to different polling places, and even incorrectly informed that they had already cast ballots [62214]. (b) However, the incident also had contributing factors originating from outside the system. Specifically, the software provider for Durham County's e-poll books, VR Systems, had been penetrated by Russian hackers months before the election. There were concerns about potential cyberattacks or tampering, although no clear-cut evidence of digital sabotage emerged [62214].
Nature (Human/Non-human) non-human_actions, human_actions (a) The software failure incident occurring due to non-human actions: The incident in North Carolina involving electronic poll books was suspected to be tampering or a cyberattack, possibly related to the company providing the software, VR Systems, being penetrated by Russian hackers [62214]. The disruptions in the election process raised concerns about the security of the back-end election systems, including voter-registration operations and state and local election databases, which were targeted by Russian hackers [62214]. The hacking of electoral systems, including e-poll books, was more extensive than previously disclosed, with hackers breaching multiple providers of critical election services ahead of the 2016 voting [62214]. (b) The software failure incident occurring due to human actions: Local officials attributed some of the problems in the election process to human error and software malfunctions [62214]. Despite the suspicions of tampering or cyberattacks, there was no clear-cut evidence of digital sabotage or a Russian role in the disruptions that occurred during the election in North Carolina and other states [62214]. Additionally, the challenges in diagnosing the incident were acknowledged, with experts highlighting the need for thorough forensic investigations to determine the cause of the failures [62214].
Dimension (Hardware/Software) hardware, software (a) The software failure incident related to hardware: - The incident involved electronic poll books (e-poll books) which are tablets and laptops loaded with check-in software [62214]. - The e-poll book vendor, VR Systems, was targeted by Russian hackers who breached the company's computer systems [62214]. - Russian hackers sent spear-phishing emails from a fake VR Systems account to election jurisdictions, attempting to take over their computers [62214]. - The National Security Agency (NSA) report indicated that Russian hackers had penetrated VR Systems' computer systems and targeted state and local election jurisdictions [62214]. - Russian hackers focused on internet-accessible targets like election websites, e-poll book vendors, and other back-end election services [62214]. (b) The software failure incident related to software: - The incident involved problems with the e-poll book software used in Durham County, North Carolina, supplied by VR Systems [62214]. - The software malfunction led to voters being incorrectly told they had cast ballots days earlier, turning away eligible voters, and causing disruptions at polling places [62214]. - The software failure was suspected to be tampering or a cyberattack, although no clear-cut evidence of digital sabotage emerged [62214]. - The software failure raised questions about the auditing of e-poll books and the security of small election vendors [62214]. - The incident highlighted the need for improved defense against hackers targeting election systems [62214].
Objective (Malicious/Non-malicious) malicious, non-malicious (a) The software failure incident in North Carolina involving the electronic poll books was suspected to potentially be malicious in nature. The incident raised concerns about tampering or cyberattacks, especially considering that the company providing the software, VR Systems, had been penetrated by Russian hackers months before the election [62214]. (b) On the other hand, the software failure incident was also attributed to non-malicious factors such as human error and software malfunctions by local officials. There was no clear-cut evidence of digital sabotage or a Russian role in the disruptions that occurred during the election [62214].
Intent (Poor/Accidental Decisions) poor_decisions, accidental_decisions (a) The intent of the software failure incident related to poor_decisions: - The software failure incident in North Carolina involving the electronic poll books was partly attributed to poor decisions made by local officials and software malfunctions [62214]. - Despite prior knowledge of VR Systems being penetrated by Russian hackers, neither VR Systems nor local officials were warned before Election Day, indicating a lack of proactive measures and poor decisions in addressing potential cybersecurity threats [62214]. - Durham County rebuffed help from the Department of Homeland Security and a team of digital election-forensics experts who volunteered to conduct a free autopsy after the problems arose, showcasing a poor decision in not seeking external assistance to investigate the software failure incident [62214]. (b) The intent of the software failure incident related to accidental_decisions: - The software failure incident in North Carolina was also attributed to accidental decisions, such as human error and software malfunctions, as stated by local officials [62214]. - The report produced on the county's election problems did not include malware analysis or checks to see if the e-poll book software was altered, indicating accidental decisions in the investigation process that led to more questions than answers [62214]. - Some incidents reported in North Carolina were mentioned to occur in every election, suggesting that not all issues were intentional, but rather a result of accidental decisions or random problems with computer systems [62214].
Capability (Incompetence/Accidental) development_incompetence (a) The software failure incident in North Carolina involving electronic poll books was attributed to various factors, including human error and software malfunctions. The company that provided the software, VR Systems, had been penetrated by Russian hackers months before the election, raising concerns about tampering or cyberattacks. Despite the disruptions and concerns about election security, little digital forensic investigation was conducted to assess the impact on voting in multiple states targeted by Russian hackers [62214]. (b) The incident raised questions about whether the problems were accidental, random issues typical of computer systems, the work of a local hacker, or actual malfeasance by a sovereign nation-state. The lack of comprehensive forensic investigation and research hindered the ability to determine the exact cause of the software failures and disruptions experienced during the election [62214].
Duration permanent, temporary The software failure incident described in the articles can be categorized as both permanent and temporary: (a) Permanent: The incident involved a permanent failure in the sense that the software vulnerabilities and breaches by Russian hackers had lasting consequences on the election systems. The breach of election systems, including voter-registration operations, state and local election databases, and e-poll books, was a significant and ongoing issue that raised concerns about the integrity of the election process [62214]. (b) Temporary: On the other hand, the incident also had temporary aspects, as the disruptions and problems experienced on Election Day were specific to that day and were not ongoing in nature. The issues with the electronic poll books causing delays, confusion, and voter disenfranchisement were temporary in the sense that they occurred on a specific day and were not continuous [62214].
Behaviour omission, value, other (a) crash: The incident in the article does not specifically mention a system crash where the system loses state and does not perform any of its intended functions. (b) omission: The software failure incident in the article can be related to omission as it caused voters to be turned away at the polls, sent from one polling place to another only to be rejected, and incorrectly told they had cast ballots days earlier. This omission led to disruptions and delays in the voting process [62214]. (c) timing: The software failure incident in the article does not specifically mention a timing issue where the system performed its intended functions but too late or too early. (d) value: The software failure incident in the article can be related to a value failure as voters were incorrectly told they had cast ballots days earlier, which is an incorrect performance of the system's intended function [62214]. (e) byzantine: The software failure incident in the article does not specifically mention a byzantine behavior where the system behaves erroneously with inconsistent responses and interactions. (f) other: The software failure incident in the article can be categorized as an "other" behavior as it involved disruptions in the voting process, incorrect information provided to voters, and potential cyberattack suspicions, which may not fit directly into the defined categories of failure behaviors [62214].

IoT System Layer

Layer Option Rationale
Perception processing_unit, network_communication, embedded_software (a) sensor: The software failure incident mentioned in the articles does not directly point to a failure related to sensor errors. (b) actuator: The incident does not specifically mention a failure related to actuator errors. (c) processing_unit: The failure mentioned in the articles seems to be more related to the processing unit or software errors. The incident involved issues with electronic poll books, tablets, and laptops loaded with check-in software that caused problems for voters in North Carolina [62214]. (d) network_communication: The failure could be related to network communication errors as the incident involved hackers breaching election service providers and sending phishing emails to election officials to compromise their systems [62214]. (e) embedded_software: The failure could also be related to embedded software errors as the incident involved concerns about the security and integrity of the software used in the electronic poll books provided by VR Systems, which had been hacked by Russian hackers [62214].
Communication connectivity_level The software failure incident described in the articles is more related to the connectivity level rather than the link level of the cyber-physical system. The incident involved issues with electronic poll books (e-poll books) used for voter check-in, which were loaded with check-in software. These e-poll books faced software malfunctions and disruptions, leading to voters being incorrectly told they were ineligible to vote, turned away at the polls, and experiencing delays in the voting process [62214]. The failure was attributed to software glitches and problems with the e-poll book software, which affected multiple counties in states like North Carolina, Virginia, Georgia, and Arizona [62214]. The incident was also linked to a cybersecurity breach where Russian hackers penetrated the systems of the company providing the software for the e-poll books, raising concerns about potential cyberattacks on the election systems [62214].
Application TRUE The software failure incident described in the articles does not specifically mention whether the failure was related to the application layer of the cyber-physical system. The focus of the incident is on potential hacking and disruptions in the election process due to issues with electronic poll books and potential cyberattacks by Russian hackers. Therefore, it is unknown whether the failure was related to the application layer based on the information provided in the articles.

Other Details

Category Option Rationale
Consequence delay The consequence of the software failure incident described in the articles is primarily related to delays [62214]. The incident caused disruptions at polling places in North Carolina, leading to voters being turned away, sent to different polling places, and experiencing delays in the voting process. The problems with the electronic poll books resulted in voting halting for two hours in one precinct and voters facing long delays, with some giving up and leaving polling places [62214]. Additionally, the state mandated that the entire county revert to paper rolls on Election Day, further slowing down the voting process and causing frustration among voters [62214].
Domain information, government (a) The failed system was related to the information industry as it involved electronic poll books used for voter verification during elections [62214]. The incident occurred in North Carolina during the presidential election, where voters faced issues due to software malfunctions in the electronic poll books provided by VR Systems. (l) The failed system also had implications for the government sector as it affected the election process in North Carolina. The incident raised concerns about election security and potential cyberattacks on election systems, highlighting the importance of safeguarding the voting process [62214].

Sources
