Rigorous Digital Engineering: The Bedrock For Secure Mobile Voting
How we’re ensuring mobile voting is secure and can scale, using the same software development approach used for critical national security projects
Ever since our work on mobile voting began, the top question we’ve been asked is how to make it secure. Most people like the idea of being able to vote on their phones, but obviously they want a system that is safe.
Five years ago, we decided to build our own mobile voting system. We brought on the experts from Free & Fair to develop an end-to-end verifiable system that will power mobile voting in elections, secure it from hackers, and allow voters to confirm that their ballots have been accurately cast.[1] Five years and ten million dollars later, we’re just about done.
This week, the Free & Fair team released a new article that not only details how their system works, but explains how the very approach they took to developing the code for it provides assurance that it is secure: Rigorous Digital Engineering: Building Systems We Can Trust.
It’s wonky, so I’m going to share a few high-level takeaways. But please dive into the article if you can.
Rigorous digital engineering (RDE) is a new approach to software development. It’s designed for systems where failure — whether in medicine, aviation, or an election — isn’t an option. It’s required by the federal government for products related to national security. It replaces other loosely specified development processes with mathematically precise models and proofs that ensure systems behave exactly as intended.
RDE is the exact approach our expert team used in developing our own mobile voting software. It weaves threat modeling, cryptography, and verification into every layer of design. It is what will make mobile voting secure and verifiable. And because our code is open source and on GitHub, any other expert can take a look at the code themselves and confirm the rigor and security of what we have developed.
And importantly for the future, RDE is the bedrock of what allows mobile voting to securely scale, and our new software development kit is being posted to GitHub, where the code will be free for governments or vendors to use.
In the lead-up to that, we are in active conversations with election officials across the country who are eager to benefit from the efficiency, accessibility, and security of mobile voting and want to work with us and vendors to bring it to their voters.
Making mobile voting a reality hasn’t been easy. But something as critical as the way we vote shouldn’t be easy. It needs to meet the same federal standards required for national security projects. It needs to be secure, trustworthy, and rigorous. That’s exactly what the new article details, and that’s exactly what will guide us on the exciting road ahead. Thanks for taking a look.
[1] Free & Fair was a clear choice as they are leading experts in developing and auditing election technology and other critical infrastructure projects nationwide. The team also made the most sense since it includes Dr. Joe Kiniry and Dr. Dan Zimmerman, the lead authors of the US Vote Foundation’s Future of Voting report that in 2015 laid out the steps for the US to implement mobile voting. Shpat Morina is also an author on the new article.



I like free and fair elections. Big fan! But I've been working in national security tech for a long time, and I've never heard of RDE, or any other software development methodology that is "required by the federal government for products related to national security," for that matter. There's a lot about this post that doesn't add up. I think readers should be immediately and forever skeptical of any claims that online voting's cyber threats have been conquered.