Hart’s Verity Voting devices do not run on Windows 7. Recent press coverage on the operating systems of voting machines misidentified Verity’s actual operating system, Windows Embedded 7 (“WES7”). WES7 is a separate operating system from Windows 7 and has distinct features that make it ideal for a voting system.
WES7 is a customizable operating system that provides enhanced security. Hart’s implementation of WES7 employs “attack surface reduction,” a security technique that strips out extraneous components, leaving only the absolutely necessary ones. Verity therefore runs on only a small subset of the components of the standard Windows 7 used in devices like personal laptops. By reducing the number of components – especially high-risk components such as Internet Explorer – WES7 reduces the opportunity for attacks. Verity devices are never connected to the internet, so programs like Internet Explorer aren’t necessary.
Verity is further protected through a security best practice called “whitelisting” – rather than trying to block each new threat, Verity only allows pre-approved software. Any unauthorized programs or software are rejected, and the system is protected from any attempts of modification.
WES7 is not on the same lifecycle as Windows 7. As an operating system designed for use in embedded products, Microsoft has made WES7 available for longer than Windows 7. In fact, Microsoft will not “end-of-life” this product until 2024.
Looking Forward
Verity will transition to a minimized, embedded version of Windows 10 years prior to WES7’s projected end-of-life. The upgrade is planned to move through the federal certification process in 2020.
Hart continues to be an engaged partner to our customers, state and local election officials, sharing knowledge and best practices on how best to secure America’s elections. But we also recognize that our commitment must extend beyond just our direct customers to the citizens and voters of this country. To help protect their votes, we are active partners with the Department of Homeland Security (DHS), the Election Assistance Commission (EAC); and the IT-ISAC (Information Sharing & Analysis Center) and many others.
Hart is also partnering with Microsoft on ElectionGuard, an open-source software development kit and set of support tools that allow voting system vendors like Hart to implement End-to-End Verification (E2EV) within a voting system, enabling members of the public to verify that an election was counted accurately. Hart and Microsoft share a passion for improving and increasing ballot verifiability, election accessibility, auditability and security.
At Hart, protecting the integrity of elections is at the core of everything we do and ensuring the security and performance of our system is a responsibility we take very seriously.