Why NOTHING of course!<
http://www.wheresthepaper.org/NYSTECtimelineVariances061102.pdf>Analysis of Changes to the Electronic Voting Machine
Implementation TimelineDuring late August and September 2006, SBOE worked with the selected Security Testing Vendor (CIBER) to firm up a schedule for creating security testing plans and security certification testing. Finalizing the scope of work for security testing required knowing how many machines would be tested and what machines would be tested, because individual test plans needed to be developed. SBOE continued to hold weekly status meetings to monitor the timeline and continually followed up with each voting machine vendor to request the necessary equipment, software, documentation, and funding for testing. Despite repeated phone calls, emails, and letters, not one voting machine vendor was able to send in a complete submission during August and September.
-snip-
Unanticipated delays in completing security test plans. In spite of the delay in deciding what machines would be tested, the prime security vendor, CIBER, began creating a draft security master test plan, which was scheduled to be completed by 9/14/06. It was completed on 9/15/06. An independent review of the draft by NYSTEC was scheduled to be completed by 9/26/06 and was actually finished on 9/28/06. The timeline assumption was that CIBER would include all required security regulations in its first draft so the independent review would not need to recommend substantial changes. This did not turn out to be the case. NYSTEC recommended a substantial number of security requirement additions to both the security master test plan and the overall master test plan (which covered both non-security and security test plans). The timeline assumption was three days for CIBER to make final revisions. CIBER actually completed the next security test plan revision on 10/9/06, taking 9 days.
NYSTEC did a second independent review of what was thought to be the final version of the security master test plan and noted that a large number of security requirements were still missing. During a conference call with SBOE, CIBER, and NYSTEC to discuss the situation on 10/11/06, it was decided that CIBER would travel to Albany the following week to work with NYSTEC for two solid days to resolve the document deficiencies. During these meetings, on 10/18 and 10/19, NYSTEC documented and discussed more than 200 security requirements that still needed to be added to the latest documents. CIBER estimated the changes would be completed by 10/24. The latest revision was received on 10/25 and is currently being reviewed by NYSTEC. The initial estimate for making final revisions to the master security test plan was three days. So far, it has taken 18 days (9/28 to 10/24), and NYSTEC is still checking to be sure that the latest revision includes all necessary security regulations. Also during the two-day meeting and subsequent discussions between CIBER and NYSTEC, a new timeline for security planning and testing was created.
Because of the delay in identifying what machines to test and the amount of time it actually took to finalize a master test plan, the ending date for security certification has now moved from the 12/12/06 estimate in the revised timeline (in September 2006) to February 2007.
-snip-
Which reminds me, has anyone noticed that there are NO FEDERAL ELECTIONS in 2007 yet? Hint: HAVA only applies to the federal ones.
Hmmmm...