Event logs

As hardware devices and software systems are used to perform election processes (casting votes, tallying elections, etc), they typically produce event logs to make a record of what is happening.  They are typically divided into two categories: system events and audit records. System events are operational actions performed by voting device components, such as shutting down the voting device, starting a service, usage information, client requests, and other information. Audit records contain security event information such as successful and failed authentication attempts, file accesses, and security policy changes.

The Voluntary Voting System Guidelines version 2.0 (VVSG) recommendation from the TGDC includes good coverage of System Event Logging. See section 5.7 of part 1 (part 1 page 5-159, aka page 235 of 598 of the whole file.

The IEEE's Voting Systems Sponsor Committee (VSSC) started working on a Standard for Event Logging Data Interchange Format in 2013.  See the P1622-3 Project Authorization Request (PAR) and related documents.

For some background, see David Wagner's Voting Systems Audit Log Study of ES&S, Hart, Premier, Sequoia and 2 California-specific systems.  It is a report commissioned by the California Secretary of State. June 1, 2010, available at  http://www.cs.berkeley.edu/~daw/papers/auditlog-ca10.pdf  and the brief summary in his 4-page TGDC slides

Various groups have been analyzing event logs from elections.  See e.g.
Some papers discuss techniques for improved reporting of election event logs, preserving privacy, etc.:
  • Arel Cordero and David Wagner. Replayable Voting Machine Audit Logs. In 2008 USENIX/ACCURATE Electronic Voting Technology Workshop (EVT’08), August 2008. HTML
  • Paul T. Cotton, Andrea L. Mascher, and Douglas W. Jones. Recommendations for voting system event log contents and semantics. In NIST Workshop on a Common Data Formats for Electronic Voting Systems, October 2009. .
  • Andrea L. Mascher, Paul T. Cotton, and Douglas W. Jones. Improving voting system event logs. In RE-Vote’09: First International Workshop on Requirements Engineering for E-voting Systems, August 2009.
  • Sean Peisert, Matt Bishop, and Alec Yasinsac. Vote selling, voter anonymity, and forensic logging of electronic voting machines. In 42nd Hawaii International Conference on System Sciences (HICSS), January 2009.
  • Daniel R. Sandler and Dan S. Wallach. Casting votes in the Auditorium. In Proceedings of the 2nd USENIX/ACCURATE Electronic Voting Technology Workshop (EVT ’07), Boston, MA, August 2007. (HTML)
Much work on data formats for event logging in general has also been done.  See e.g.:
  • EMAP: http://scap.nist.gov/emap/ - an emerging protocol within the NIST Security Automation Program wich will focus on standardizing the data models relating to event and audit management.
  • CEE: Common Event Expression - http://cee.mitre.org/documents.html - a framework to enable collaborative efforts in the creation of an open, practical, and industry-accepted event interoperability standard for electronic systems--