Information Resources
Bingo / Raffles
Business Organizations
Charities & Fundraisers
Elections & Voting
Lobbyist
Notary Public
Rules and Regulations
UCC

Industry approved specifications for Electronics and Software

The following approved industry standards shall apply to voting systems certified for use in the State of Colorado pursuant to application as described in Secretary of State Rule 45.

Downloads

  • Common Criteria EAL-4
    All voting systems shall undergo a source code evaluation at Evaluation Assurance Level 4 (EAL-4) for security weaknesses as described in section 45.5.2.4.3.
  • FIPS 140-2
    All cryptography modules of voting system shall be certified to Federal Information Processing Standard (FIPS) 140-2 as described in section 45.5.2.6.1 (C)(VII).
  • FIPS 180
    All cryptography modules of voting system shall be validated to Federal Information Processing Standard (FIPS) 180 as described in section 45.5.2.6.1 (C)(VII).
  • MIL-HDBK-454 - Standard General Requirements for Electronic Equipment
    All electronic components shall be certified to meeting the MIL-HDBK-454 requirements for electronic equipment as described in section 45.5.2.3.19.
  • MIL-HDBK-454 Change Notice 1
  • MIL-HDBK-454 Revision A
  • OSSTMM 2.2
    The Open Source Security Testing Methodology Manual will be used for penetration tests as defined under section 45.5.2.4.3. 
  • RFC 1918
    All voting systems shall use no-routable IP addresses according to the Internet RFC 1918 Address Base as described in section 45.5.2.6.1 (b)(ii).


Voting Systems Databases shall be hardened to the following NSA guidelines as applicable in Section 45.5.2.6.1(c)


Voting Systems Operating Systems shall be hardened to the following NSA guidelines as applicable in Section 45.5.2.6.1(d)


Terms and Conditions