Here are five questions I’d like answers to following the COMELEC (Commission on Elections) source code review that’s supposed to have started on October 1, 2015.
1) How are the Smartmatic vote counting machines (VCMs) built? What are the capabilities of the embedded processor? Does it run an embedded operating system, or does it run “bare metal” code?
2) Did COMELEC arrange for the results of the source code review – importantly, findings of code defects that affect the integrity of system operation – to be forwarded to the manufacturer for a field software update?
3) Is there a way to verify that the version of firmware (loaded into processor flash memory) corresponds to the release version of the software being reviewed?
Another way to ask this: do the code audit teams have access to the compilers and firmware update tools the manufacturer uses to build and install firmware binaries on the device? Note that if the VCMs are not field-reprogrammable, the usefulness of a code audit’s findings is extremely limited. If there are serious defects and no way to update the firmware, manual procedures need to be put in place to work around those defects.
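To make the check in question 3 concrete, here is an added example (my own illustration, not code from COMELEC, Smartmatic or the review teams). It assumes the audit team can do two things: build the reviewed source with the manufacturer’s toolchain to obtain the release image, and read the VCM’s flash back with the manufacturer’s programming tool. Comparing the two is then a hash comparison, with two details worth getting right: a dump is usually the whole flash part, so everything past the end of the image must be confirmed to be erased flash (assumed here to read back as 0xFF), and a mismatch should report where it starts rather than just “no”. The function names, the constructed sample image and the erased-byte value are all assumptions.

```python
"""Check a flash dump against the release image built from the reviewed source (added example)."""
import hashlib
import hmac

# Assumption: unprogrammed flash reads back as 0xFF (typical of NOR flash;
# some parts erase to 0x00, so set this from the actual device's datasheet).
ERASED_BYTE = 0xFF


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def first_difference(a: bytes, b: bytes) -> int:
    """Offset of the first byte where a and b differ (len if one is a prefix of the other)."""
    n = min(len(a), len(b))
    for i in range(n):
        if a[i] != b[i]:
            return i
    return n


def firmware_matches(dump: bytes, release_image: bytes) -> dict:
    """Compare a raw flash dump with the release image built from the reviewed source.

    The dump is typically the whole flash part and therefore longer than the
    image, so the leading len(release_image) bytes are compared and everything
    after them must be erased flash. The result carries both digests and, on a
    mismatch, the reason and offset, so a failed check is reported with evidence
    rather than a bare boolean.
    """
    n = len(release_image)
    expected = sha256_hex(release_image)
    result = {
        "match": False,
        "expected_sha256": expected,
        "dump_bytes": len(dump),
        "image_bytes": n,
    }
    if len(dump) < n:
        result["reason"] = "dump shorter than release image"
        return result

    body, tail = dump[:n], dump[n:]
    result["actual_sha256"] = sha256_hex(body)

    if not hmac.compare_digest(result["actual_sha256"], expected):
        result["reason"] = "image region differs from release build"
        result["first_diff_offset"] = first_difference(body, release_image)
        return result

    # Anything non-erased past the image is code or data that was never reviewed.
    erased_tail = bytes([ERASED_BYTE]) * len(tail)
    if tail != erased_tail:
        result["reason"] = "data found in flash past the end of the release image"
        result["first_diff_offset"] = n + first_difference(tail, erased_tail)
        return result

    result["match"] = True
    return result


def sample_release_image() -> bytes:
    """Constructed stand-in for the release build: 1 KiB of non-constant bytes."""
    return bytes(range(256)) * 4


if __name__ == "__main__":
    image = sample_release_image()
    clean = image + bytes([ERASED_BYTE]) * 512      # constructed: faithful dump of a 1.5 KiB part
    patched = bytearray(clean)
    patched[300] ^= 0x01                            # constructed: one byte changed in the field
    for name, dump in (("clean", clean), ("patched", bytes(patched))):
        print(name, firmware_matches(dump, image))
```

The expected digest only means something if the auditors compute it from a build of the source they actually read; taking it from the manufacturer defeats the purpose of the check, which is why question 3 and the toolchain question are really the same question. A further caveat: reading back flash shows what is stored, not necessarily what executes, on parts with a separate boot ROM or a protected region the programming tool cannot read.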