The Defense Advanced Research Program Agency (DARPA) announced in an Aug. 1 news release that it will test defensive hardware it is developing to secure voting ballot boxes at the DEF CON 2019 Hacking Conference later this month in Las Vegas.
DARPA’s System Security Integrated Through Hardware and Firmware (SSITH) program has worked on creating a “secure voting ballot box equipped with hardware defenses,” and is bringing the system to DEF CON to let attendees and hackers publicly assess it.
Although SSITH works on a variety of hardware security concepts and research, DARPA said it chose to pursue voting system security because it’s a system that provides “researchers with an accessible application that can be evaluated in an open forum.” DARPA added that election system security has also become a critical concern area for the security community and the nation as a whole.
“DARPA focuses on creating technologies to enhance national defense, and election system security falls within that remit,” SSITH Program Manager Dr. Linton Salmon said. “Eroding trust in the election process is a threat to the very fabric of our democracy,” he said.
Salmon said SSITH hopes to expand upon its voting security system and apply it to electronic systems more broadly, both in defense systems and commercial devices.
After DEF CON 2019, which will take place from Aug. 8 to 11, DARPA will take the voting system evaluation on a university tour to let more cybersecurity professionals and experts review and try to hack the system. DARPA plans to return to DEF CON in 2020 with a completed voting system with fixes based on findings from the agency’s evaluation efforts.
Salmon said, however, that the 2020 product will not by a deployable system for the 2020 election.
“While the 2020 demonstrator will provide a better representation of the full attack surface, the exercise will not result in a deployable voting system,” he said. “To aid in the advancement of secure election equipment as well as electronic systems more broadly, the hardware design approaches and techniques developed during the SSITH program will be made available to the community as open-source items.”