Home Election Security Tools & ResourcesRABET-V

RABET-V

The Rapid Architecture-Based Election Technology Verification (RABET-V^TM) program is a rapid, reliable, and cost-effective approach to verifying non-voting election systems.

RABET-V is designed to introduce testing standards by which election offices can better understand the security, reliability, and risks associated with the technology used for non-voting systems like electronic pollbooks and election night reporting systems.

Addressing the Verification Problem

There is no standard, national-level process for verifying that non-voting election technology is secure, reliable, accessible, and usable. This puts elections jurisdictions at risk, burdens vendors with extra costs, and risks inconsistent and insecure outcomes.

Offering a Trusted Solution

RABET-V is a flexible, rapid, and cost-effective process for verifying vendor-provided and homegrown non-voting election technology. RABET-V assesses a product and the organization responsible for developing it by scoring its development process, architecture, and the product's performance to form a more complete picture of non-voting election technology.

For more details, please see our technical documentation.

Comprehensive view: Conducts a holistic assessment of the technology producer’s development processes, the product’s architectures, and the product's performance.
Actionable results: Provides reports on the assessments that support continual improvement and more clarity in procurements.
Scalability potential: Uses the results from previous assessments and information about product changes to scale the level of testing for future versions.

The Value of RABET-V

Rigorous methodology: A thorough approach to testing non-voting equipment.
Rapidly retest for risks: A risk-based way to rapidly retest products after changes.
Practical assurance: A cost-effective solution for ensuring verified products, and the most up-to-date versions of those products, are deployed in election environments.
No cost to election offices: Election offices can request reports directly from vendors as part of procurement and review processes.
Efficient process: Lowers overall costs to vendors and election offices by removing redundancy across states and streamlining testing.
Confidential scoring: Technology providers receive reports with scores and detailed recommendations for improvement, and can choose how and when to share this information.

About RABET-V

Addressing the Verification Problem

There is no standard, national-level process for verifying that non-voting election technology is secure, reliable, accessible, and usable. This puts elections jurisdictions at risk, burdens vendors with extra costs, and risks inconsistent and insecure outcomes.

Offering a Trusted Solution

RABET-V is a flexible, rapid, and cost-effective process for verifying vendor-provided and homegrown non-voting election technology. RABET-V assesses a product and the organization responsible for developing it by scoring its development process, architecture, and the product's performance to form a more complete picture of non-voting election technology.

For more details, please see our technical documentation.

Comprehensive view: Conducts a holistic assessment of the technology producer’s development processes, the product’s architectures, and the product's performance.
Actionable results: Provides reports on the assessments that support continual improvement and more clarity in procurements.
Scalability potential: Uses the results from previous assessments and information about product changes to scale the level of testing for future versions.

The Value of RABET-V

Rigorous methodology: A thorough approach to testing non-voting equipment.
Rapidly retest for risks: A risk-based way to rapidly retest products after changes.
Practical assurance: A cost-effective solution for ensuring verified products, and the most up-to-date versions of those products, are deployed in election environments.
No cost to election offices: Election offices can request reports directly from vendors as part of procurement and review processes.
Efficient process: Lowers overall costs to vendors and election offices by removing redundancy across states and streamlining testing.
Confidential scoring: Technology providers receive reports with scores and detailed recommendations for improvement, and can choose how and when to share this information.

Advantages Over Traditional Testing

Traditional Testing Approach	RABET-V Holistic Assessment
Struggles to keep pace with technology changes demanded by a continually changing threat environment.	Risk-based approach that is compatible with incremental changes.
Evaluates the product in isolation.	Evaluates the product in the context of the organization and the environment in which it is developed.
Accepts limited de minimis changes. Otherwise, requires full re-testing.	*Scales to accept a variety of change types, from de minimis* to full architecture changes.**
Incurs fixed costs on a regular basis for verification.	Can dramatically lower cost over time.
Saves little to no time with reverification.	Facilitates re-verification in as little as hours depending on the maturity scores and the risk of the change.
Incentivizes large, infrequent changes, reducing responsiveness to an evolving threat environment.	Incentivizes continual improvement and incremental changes by simplifying verification and rewarding security maturity.
Typically requires redundant testing as part of the tailoring process.	Uses modularity by design and a simple delta-based approach to help meet specific state or local requirements, including for homegrown systems.

What The Experts Are Saying

The evolution of the RABET-V project is a great example of what can be accomplished when government and the private sector work together for the benefit of us all.
Tammy Patrick, CEO for Programs, Election Center
I recommend the RABET-V program be expanded and applied for all election technology not already covered by the EAC testing and certification program. Having a second set of professional security testers looking at our product made ES&S and our ePollbook product stronger.
Chris Wlaschin, SVP and CISO, ES&S
A national standard for testing of non-voting technology is long overdue. Election officials need a way to conduct unbiased, standards-based assessments of these systems, whether they are built and managed by state resources or by a service provider. RABET-V is specifically designed and ready to take on this task.
Trevor Timmons, Former Chief Information Officer, Colorado Department of State

Additional Resources

A Better Way to Test and Verify Election Technology

Our two-page handout covers all the major distinctions of RABET-V and includes information on how you can help shape its future.

Learn More

How to Improve Election Technology Verification

This proposal lays out the intent to develop and conduct a RABET-V Pilot Program and evaluate the RABET-V process.

Read the Proposal

RABET-V Program Manual

This documentation covers the goal and scope of the RABET-V program. It also discusses the core three activities and explores the role of the RABET-V Administrator.

Read the Documentation

Assessor Accreditation

This document provides the process and requirements for attaining and maintaining status as an accredited assessor under the RABET-V program.

Read the Document

RABET-V Pilot 1 Summary

In the summary of our first pilot, we explain what a permanent operational program for RABET-V should look like, how it should be administered, and what it would take to run it.

Read the Report

RABET-V Final Pilot Summary

We provide an overview of the pilot process for RABET-V, including what lessons we learned and how we'll use them to make RABET-V a permanent fixture in the election community.

Read the Report