modeling and analyzing faults to improve election process
play

Modeling and Analyzing Faults to Improve Election Process Robustness - PowerPoint PPT Presentation

Mar 23, 2024 •235 likes •443 views

Modeling and Analyzing Faults to Improve Election Process Robustness Borislava I. Simidchieva (UMass Amherst), Sophie J. Engle (UC Davis), Michael Clifford (UC Davis), EVT/WOTE 2010 Alicia Clay Jones (Booz Allen), Washington, D.C. Sean

  1. Modeling and Analyzing Faults to Improve Election Process Robustness Borislava I. Simidchieva (UMass Amherst), Sophie J. Engle (UC Davis), Michael Clifford (UC Davis), EVT/WOTE 2010 Alicia Clay Jones (Booz Allen), Washington, D.C. Sean Peisert (UC Davis, LBNL), August 9, 2010 Matt Bishop (UC Davis), Lori A. Clarke (UMass Amherst), and Leon J. Osterweil (UMass Amherst) MONDAY, AUGUST 9, 2010 • SLIDE 1

  2. Motivation • Elections are more than machines – A process • Problems arise in the process – Sometimes manifest as machine problems – Sometimes not . . . • Plans for known and anticipated problems – But unexpected problems still arise M ODELING AND A NALYZING F AULTS TO I MPROVE E LECTION P ROCESS R OBUSTNESS MONDAY, AUGUST 9, 2010 • SLIDE 2

  3. Example Problem • Election procedures for validating number of ballots – Count them at polling station – Count them at Election Central – A discrepancy: the two ballot counts are different, or the vote counts disagree with the ballot counts – What happened? M ODELING AND A NALYZING F AULTS TO I MPROVE E LECTION P ROCESS R OBUSTNESS MONDAY, AUGUST 9, 2010 • SLIDE 3

  4. Our Approach: Continuous Process Improvement • Create a precise, accurate model of the real- world election process • Use formal analysis methods to automatically identify potential problems in the model – Here, we focus on single points of failure (SPFs) • Modify process model to ameliorate problems – Verify the modification makes things better • Deploy improvements in real-world process • Repeat M ODELING AND A NALYZING F AULTS TO I MPROVE E LECTION P ROCESS R OBUSTNESS MONDAY, AUGUST 9, 2010 • SLIDE 4

  5. Election Process in Little-JIL • Graphical process definition language with formal semantics; process represented as a hierarchical decomposition of steps conduct election Vote ¡Count ¡Inconsistent ¡ ¡ Excep.on ¡ Precinct+ Precinct+ prepare ¡for ¡and ¡ ¡ pre-­‑polling ¡ ¡ conduct ¡elec.on ¡ ¡ count votes do recount ac.vi.es ¡ at ¡precinct ¡ M ODELING AND A NALYZING F AULTS TO I MPROVE E LECTION P ROCESS R OBUSTNESS MONDAY, AUGUST 9, 2010 • SLIDE 5

  6. Election Process in Little-JIL (2) count votes Precinct+ count ¡votes ¡from ¡ ¡ all ¡precincts ¡ perform ¡ ¡ add ¡vote ¡count ¡ ¡ ballot ¡count ¡ to ¡vote ¡total ¡ Vote ¡Count ¡ ¡ Inconsistent ¡Excep.on ¡ ? ¡ reconcilia.on ¡of ¡ handle ¡ confirm ¡ total ¡ballots ¡and ¡ perform ¡ ¡ ¡discrepancy ¡ ¡ scan votes tallies ¡match ¡ counted ¡ballots ¡ at ¡precinct ¡ random ¡audit ¡ can ¡throw ¡a ¡ can ¡throw ¡a ¡ Vote ¡Count ¡ ¡ Vote ¡Count ¡ ¡ Inconsistent ¡Excep.on ¡ Inconsistent ¡Excep.on ¡ perform ¡ ¡ random ¡audit ¡ rescan override ¡ so>ware ¡ scan votes M ODELING AND A NALYZING F AULTS TO I MPROVE E LECTION P ROCESS R OBUSTNESS MONDAY, AUGUST 9, 2010 • SLIDE 6

  7. Fault Tree Analysis (FTA) • Fault trees show how problems could arise – Like attack trees but intent is irrelevant • FTA can automatically generate fault trees from Little-JIL process model and a hazard • Single Points of Failure (SPFs) can be automatically identified from fault trees M ODELING AND A NALYZING F AULTS TO I MPROVE E LECTION P ROCESS R OBUSTNESS MONDAY, AUGUST 9, 2010 • SLIDE 7

  8. Fault Tree Generated from Model M ODELING AND A NALYZING F AULTS TO I MPROVE E LECTION P ROCESS R OBUSTNESS MONDAY, AUGUST 9, 2010 • SLIDE 8

  9. Cut Sets Computed from Fault Tree • Combination of events such that, if all events in the cut set occur, the hazard occurs – Minimal if removal of any event causes the resulting set not to be a cut set • Can be computed automatically from the fault tree M ODELING AND A NALYZING F AULTS TO I MPROVE E LECTION P ROCESS R OBUSTNESS MONDAY, AUGUST 9, 2010 • SLIDE 9

  10. Our Original Process Model MCSs • MCS #1 (SPF): Step scan votes produces wrong tallies � • MCS #2 (SPF): Step confirm tallies match produces wrong tallies � • Total 16 MCSs – 10 of size 2 or less M ODELING AND A NALYZING F AULTS TO I MPROVE E LECTION P ROCESS R OBUSTNESS MONDAY, AUGUST 9, 2010 • SLIDE 10

  11. Add Exception Declaration to Model count votes Precinct+ count ¡votes ¡from ¡ ¡ all ¡precincts ¡ perform ¡ ¡ add ¡vote ¡count ¡ ¡ ballot ¡count ¡ to ¡vote ¡total ¡ Vote ¡Count ¡ ¡ Inconsistent ¡Excep.on ¡ ? ¡ reconcilia.on ¡of ¡ handle ¡ confirm ¡ total ¡ballots ¡and ¡ perform ¡ ¡ ¡discrepancy ¡ ¡ scan votes tallies ¡match ¡ counted ¡ballots ¡ at ¡precinct ¡ random ¡audit ¡ can ¡throw ¡a ¡ can ¡throw ¡a ¡ can ¡throw ¡a ¡ Vote ¡Count ¡ ¡ Vote ¡Count ¡ ¡ Vote ¡Count ¡ ¡ Inconsistent ¡Excep.on ¡ Inconsistent ¡Excep.on ¡ Inconsistent ¡Excep.on ¡ perform ¡ ¡ random ¡audit ¡ rescan override ¡ so>ware ¡ scan votes M ODELING AND A NALYZING F AULTS TO I MPROVE E LECTION P ROCESS R OBUSTNESS MONDAY, AUGUST 9, 2010 • SLIDE 11

  12. And the Resulting Fault Tree M ODELING AND A NALYZING F AULTS TO I MPROVE E LECTION P ROCESS R OBUSTNESS MONDAY, AUGUST 9, 2010 • SLIDE 12

  13. Our Revised Process Model MCSs • MCS #1’: Step scan votes produces wrong tallies ; Vote Count Inconsistent Exception is NOT thrown by step confirm tallies match � • MCS #2’: Step confirm tallies match produces wrong tallies ; Vote Count Inconsistent Exception is NOT thrown by step confirm tallies match � • Total 16 MCSs (same as before) – Only 2 of size 2 or less (compared to 10 before), no SPFs M ODELING AND A NALYZING F AULTS TO I MPROVE E LECTION P ROCESS R OBUSTNESS MONDAY, AUGUST 9, 2010 • SLIDE 13

  14. General Thoughts • Yolo County, CA, election process modeled – Should work similarly for other jurisdictions • Using fault tree analysis seems effective – Automatic generation of fault trees a big plus! • One model covers many hazards M ODELING AND A NALYZING F AULTS TO I MPROVE E LECTION P ROCESS R OBUSTNESS MONDAY, AUGUST 9, 2010 • SLIDE 14

  15. Conclusion • Continuous Process Improvement can be successfully applied to elections • Defects in the model can guide improvements in the real-world process • Modifications can be evaluated in advance through formal analysis M ODELING AND A NALYZING F AULTS TO I MPROVE E LECTION P ROCESS R OBUSTNESS MONDAY, AUGUST 9, 2010 • SLIDE 15

  16. Future Work • Apply other forms of analysis such as Failure Mode and Effects Analysis (FMEA) • Apply to other jurisdictions’ processes • Derive requirements for components used in the process - specifically, e-voting components • Work with election officials to translate results into something they can use directly, i.e. without us! M ODELING AND A NALYZING F AULTS TO I MPROVE E LECTION P ROCESS R OBUSTNESS MONDAY, AUGUST 9, 2010 • SLIDE 16

  17. Related Work • Direct Recording Electronic (DRE) machines • Research: Compuware; UConn VoTeR Center; ACCURATE; Brennan Center for Justice; RABA; EVEREST; Caltech/MIT Voting Technology Project; Proebstel et al; Yasinsac et al • Statewide reports: CA, MD, OH, … • Verification of Elections • Mercuri & Neumann; Saltman • Requirements for elections • Mitrou; Lambrinoudakis et at M ODELING AND A NALYZING F AULTS TO I MPROVE E LECTION P ROCESS R OBUSTNESS MONDAY, AUGUST 9, 2010 • SLIDE 17

  18. Related Work (continued) • Election Process Modeling – Election Assessment Hearing; Raunak et al; Simidchieva et al; Curtis et al; Antonyan et al; Hall et al • Fault Tree Analysis – Helmer et al; Zhang et al; Rushdi, Ba-Rukab; Yee; Peisert et al; Nai Fovino et al M ODELING AND A NALYZING F AULTS TO I MPROVE E LECTION P ROCESS R OBUSTNESS MONDAY, AUGUST 9, 2010 • SLIDE 18

  19. Thanks! • Artifacts and full fault trees available at http://laser.cs.umass.edu/elections/ • Thanks to NSF for sponsoring work – Especially grant CCF-0905530; any opinions, etc. are ours, and may or may not be those of NSF • Thanks to Yolo County, CA election officials, especially Tom Stanionis and Freddie Oakley M ODELING AND A NALYZING F AULTS TO I MPROVE E LECTION P ROCESS R OBUSTNESS MONDAY, AUGUST 9, 2010 • SLIDE 19

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Analyzing and Modeling Process Balance for Sub- Threshold Circuit Design Joseph F. Ryan, Jiajing

Analyzing and Modeling Process Balance for Sub- Threshold Circuit Design Joseph F. Ryan, Jiajing

Analyzing and Modeling Process Balance for Sub- Threshold Circuit Design Joseph F. Ryan, Jiajing Wang, and Benton H. Calhoun The University of Virginia Department of Electrical Engineering Process Balance: Outline About Process Balance

424 views • 30 slides
Elections and Political Parties G. Elliott Morris Data Journalist DataCamp Analyzing Election

Elections and Political Parties G. Elliott Morris Data Journalist DataCamp Analyzing Election

DataCamp Analyzing Election and Polling Data in R ANALYZING ELECTION AND POLLING DATA IN R Elections and Political Parties G. Elliott Morris Data Journalist DataCamp Analyzing Election and Polling Data in R Measuring party support: the

441 views • 31 slides
Auditors Conference Election Security Legislative Discussion Last years bill 2647/6412 had

Auditors Conference Election Security Legislative Discussion Last years bill 2647/6412 had

Auditors Conference Election Security Legislative Discussion Last years bill 2647/6412 had several parts Improve signature witness information Reorganize and improve post-election audits Update the recount process Protect the

433 views • 18 slides
The 2016 US Presidential Election G. Elliott Morris Data Journalist DataCamp Analyzing

The 2016 US Presidential Election G. Elliott Morris Data Journalist DataCamp Analyzing

DataCamp Analyzing Election and Polling Data in R ANALYZING ELECTION AND POLLING DATA IN R The 2016 US Presidential Election G. Elliott Morris Data Journalist DataCamp Analyzing Election and Polling Data in R Understanding presidential

596 views • 37 slides
The House of Representatives in 2018 G. Elliott Morris Data Journalist DataCamp Analyzing

The House of Representatives in 2018 G. Elliott Morris Data Journalist DataCamp Analyzing

DataCamp Analyzing Election and Polling Data in R ANALYZING ELECTION AND POLLING DATA IN R The House of Representatives in 2018 G. Elliott Morris Data Journalist DataCamp Analyzing Election and Polling Data in R Political prediction as a

509 views • 28 slides
Modeling Microprocessor Faults on High-Level Decision Diagrams R. Ubar, J.Raik, A.Jutman,

Modeling Microprocessor Faults on High-Level Decision Diagrams R. Ubar, J.Raik, A.Jutman,

2nd Workshop on Dependable and Secure Nanocomputing Anchorage, June 27, 2008 Modeling Microprocessor Faults on High-Level Decision Diagrams R. Ubar, J.Raik, A.Jutman, M.Jenihhin Tallinn Technical University, Estonia M.Instenberg, H.-D.Wuttke

595 views • 32 slides
Does Mode Matter For Modeling Political Choice? Evidence From the 2005 British Election Study

Does Mode Matter For Modeling Political Choice? Evidence From the 2005 British Election Study

Does Mode Matter For Modeling Political Choice? Evidence From the 2005 British Election Study by Harold Clarke David Sanders Marianne Stewart Paul Whiteley Survey Modes For National Election Studies - Pros & Cons Traditional

641 views • 16 slides
PRESENTATION TO PULASKI COUNTY ELECTION COMMISSION ON THE PROCESS FOR SELECTING ELECTION

PRESENTATION TO PULASKI COUNTY ELECTION COMMISSION ON THE PROCESS FOR SELECTING ELECTION

PRESENTATION TO PULASKI COUNTY ELECTION COMMISSION ON THE PROCESS FOR SELECTING ELECTION OFFICIALS Presented by Shawn Camp Assistant Director of Elections, Pulaski County MISSION OF PULASKI COUNTY ELECTION COMMISSION The Pulaski County

459 views • 17 slides
Leader Election Chapter 3 Observations Election in the Ring Election in the Mesh Election in

Leader Election Chapter 3 Observations Election in the Ring Election in the Mesh Election in

Leader Election Chapter 3 Observations Election in the Ring Election in the Mesh Election in the Hypercube Election in an arbitrary graph - Leader Election = Breaking Symmetry Getting into the restricted world with Unique Initiator so

512 views • 35 slides
Ubiquitous faults T-79.4001 Seminar on Theoretical Computer Science Tero Pietilinen 4.4.2007

Ubiquitous faults T-79.4001 Seminar on Theoretical Computer Science Tero Pietilinen 4.4.2007

Nature of ubiquitous faults Communication Faults and Agreement Limits to Number of Ubiquitous Faults for Majority Unanimity in Spite of Ubiquitous Faults Ubiquitous faults T-79.4001 Seminar on Theoretical Computer Science Tero Pietilinen

685 views • 36 slides
W HAT A BOUT P AXOS ? Paxos tolerates a minority of processing failing by crashing . What

W HAT A BOUT P AXOS ? Paxos tolerates a minority of processing failing by crashing . What

B YZANTINE F AULT T OLERANCE Ellis Michael A H IERARCHY OF F AULT M ODELS No faults Crash faults Byzantine faults People who use tabs instead of spaces B YZANTINE F AULTS Also called "general" or "arbitrary" faults.

563 views • 31 slides
Benefits International Well organized and secure election process Appreciation of

Benefits International Well organized and secure election process Appreciation of

Benefits International Well organized and secure election process Appreciation of information flow and security regarding the handling of the election results Possible basis for similar solutions in other countries

257 views • 11 slides
Streamlining the inbound ballot process COVID-19 and Election Administration: Approaches for

Streamlining the inbound ballot process COVID-19 and Election Administration: Approaches for

Streamlining the inbound ballot process COVID-19 and Election Administration: Approaches for Election Officials June 18, 2020 Housekeeping Be gracious about work-from-home setups Restart Zoom if needed Slides and captioned

790 views • 50 slides
2020 Biennial Officer Election Results AFT Local 1828 Election Process On May 15, 2020 the

2020 Biennial Officer Election Results AFT Local 1828 Election Process On May 15, 2020 the

2020 Biennial Officer Election Results AFT Local 1828 Election Process On May 15, 2020 the membership ratified a temporary amendment to the AFT Local 1828 Constitution to allow for electronic balloting for the 2020 Biennial officer election

258 views • 12 slides
Facing Up to Faults Facing Up to Faults Facing Up to Faults (v.2.0.1) (v.2.0.1) (v.2.0.1)

Facing Up to Faults Facing Up to Faults Facing Up to Faults (v.2.0.1) (v.2.0.1) (v.2.0.1)

Facing Up to Faults Facing Up to Faults Facing Up to Faults (v.2.0.1) (v.2.0.1) (v.2.0.1) Brian Randell Brian Randell Brian Randell WADS-3, May 2004 1 The Menu The Menu The Menu On Dependability Concepts On Fault Assumptions

600 views • 20 slides
Agent-Based Modeling and Simulation Analyzing and Understanding ABMs Dr. Alejandro

Agent-Based Modeling and Simulation Analyzing and Understanding ABMs Dr. Alejandro

Agent-Based Modeling and Simulation Analyzing and Understanding ABMs Dr. Alejandro Guerra-Hernndez Universidad Veracruzana Centro de Investigacin en Inteligencia Artificial Sebastin Camacho No. 5, Xalapa, Ver., Mxico 91000

1.34k views • 61 slides
CONTENTS Introduction 1. Faut Tree Analysis method (FTA) 2. The main steps of fault tree 3.

CONTENTS Introduction 1. Faut Tree Analysis method (FTA) 2. The main steps of fault tree 3.

th 13 Annual System of Systems Engineering Conference Q UANTITATIVE AND Q UALITATIVE R ELIABILITY A SSESSMENT OF R EPARABLE E LECTRICAL P OWER S UPPLY S YSTEMS USING F AULT T REE A NALYSIS M ETHOD AND I MPORTANCE F ACTORS Authors: Dallal.

972 views • 28 slides
Dynamic Positioning System (DPS) Risk Analysis Using Probabilistic Risk Assessment (PRA) Eric

Dynamic Positioning System (DPS) Risk Analysis Using Probabilistic Risk Assessment (PRA) Eric

DYNAMIC POSITIONING CONFERENCE OCTOBER 911, 2017 TESTING/RISK Dynamic Positioning System (DPS) Risk Analysis Using Probabilistic Risk Assessment (PRA) Eric Thigpen, SAIC ; Michael A. Steward, Roger L. Boyer NASA; Pete Fougere, Consultant

796 views • 33 slides
Quantum Computing & Experience with D-Wave system Dr. Thierry Botter 12 April 2018 We are a

Quantum Computing & Experience with D-Wave system Dr. Thierry Botter 12 April 2018 We are a

Airbus perspective on Quantum Computing & Experience with D-Wave system Dr. Thierry Botter 12 April 2018 We are a worldwide leader in aeronautics, space and related services : We make it fly! Airbus by numbers (end of 2017) Airbus

404 views • 13 slides
The Role of NHDPlus as a Geospatial Framework for USGS SPARROW Modeling John Brakebill, USGS

The Role of NHDPlus as a Geospatial Framework for USGS SPARROW Modeling John Brakebill, USGS

The Role of NHDPlus as a Geospatial Framework for USGS SPARROW Modeling John Brakebill, USGS NAWQA Program September 24, 2015 1) SPARROW Background, Required Framework 2) Spatial Data Referencing Thanks : Greg Schwarz, Steve Preston, Craig

661 views • 26 slides
The Illusion of Method: Challenges of Model-Based Safety Assessment Oleg Lisagor Linling Sun

The Illusion of Method: Challenges of Model-Based Safety Assessment Oleg Lisagor Linling Sun

The Illusion of Method: Challenges of Model-Based Safety Assessment Oleg Lisagor Linling Sun Tim Kelly Overview Why do we trust safety assessment? Why do we trust FTA? Can we trust current MBSA techniques on the same basis? What do we need

196 views • 18 slides
Risk assessment methodologies of hydrogen applications in a socio-technological context Frank

Risk assessment methodologies of hydrogen applications in a socio-technological context Frank

Risk assessment methodologies of hydrogen applications in a socio-technological context Frank Markert Systems Analysis Department Ris National Laboratory Technical University of Denmark 2nd European Summer School on Hydrogen Safety Belfast,

1.56k views • 36 slides
Development of Level-2 PSA Software AIMS-L2 Sang Hoon HAN and Jaehyun Cho Korea Atomic Energy

Development of Level-2 PSA Software AIMS-L2 Sang Hoon HAN and Jaehyun Cho Korea Atomic Energy

Transactions of the Korean Nuclear Society Virtual Spring Meeting July 9-10, 2020 Development of Level-2 PSA Software AIMS-L2 Sang Hoon HAN and Jaehyun Cho Korea Atomic Energy Research Institute, 111, Daedeok-daero 989Beon-gil, Yuseong-gu,

553 views • 6 slides
The Confirmation for the Assumption of Full Seismic Correlation in multi-unit Seismic

The Confirmation for the Assumption of Full Seismic Correlation in multi-unit Seismic

Transactions of the Korean Nuclear Society Virtual Spring Meeting July 9-10, 2020 The Confirmation for the Assumption of Full Seismic Correlation in multi-unit Seismic Probabilistic Safety Assessment Geon Gyu Choi . a , Woo Sik Jung . a .

221 views • 4 slides

More recommend