A Risk Assessment Model for Voting Systems using Threat Trees and Monte Carlo Simulation

Abstract

There continues to be a requirement for better models, tools, and techniques for conducting risk assessment of voting systems. We propose a model of risk and a technique for risk assessment, which builds on threat trees and Monte Carlo simulation. The goal is to provide a means of facilitating informed decisions regarding voting system security standards through a rational and parsimonious quantification of intuition or estimation of risk. Such a means should support an evaluation of trade-offs, sensitivity analysis, cost-benefit analysis, and estimation of residual risk of current and proposed voting systems, technologies and controls.