University of São Paulo: Electronic voting machine for the 2022 elections maintains all security protections

The 2020 model of the Electronic Ballot Box was tested by professors and researchers from the Polytechnic School of USP (Poli-USP), in an agreement signed by the Superior Electoral Court (TSE) with the University. The person responsible for the project is Professor Wilson Ruggiero, from Poli, who commented to Jornal da USP in Ar 1st Edition that, through the tests, “we can identify improvements that can contribute to improving the tested functionalities”.

The most recent model of the urn became available for testing after the last Public Security Test, the TPS, was completed in November 2021. In her case, the choice of points to be verified was based on the points of attention and those outside the specification or with recommendations of best security practices, to maintain “the secrecy and integrity of a voter’s votes”.

Relevant attacks
The professor justifies that the set of tests aimed to expose the polls to most of the relevant attacks that happened in past public security tests of the TSE. As the 2015 model was already being tested, the procedures considered more “relevant” were also incorporated in the verification of the 2020 ballot boxes. Both models will be used in this year’s elections, the difference is that the previous ballot box had already gone through the TPS process .

Ruggiero also adds that “we welcome suggestions from tests and USP partners in other institutions”, for the definition of a set of tests that “could be considered in such a way that it had passed not only the last TPS, but with all the others before it” .


testing methodology
There was, then, a survey of the histories of the systematic analyzes and of the strategies that the investigators used previously. A second criterion used was the identification of common strategies in the field for the security assessment of computer systems.

In a period of 45 days, tests were applied to verify the hardware and software of the electronic voting machines. In the meantime, it was also possible to have access to the source codes – the sequence of commands that are passed to the ballot box processors –, which made it possible to “dive deeper into electronic voting systems”.

The professor comments on the results obtained: “After applying this set of tests, no vulnerabilities or flaws were found. Five points of attention were located and 19 improvements were identified”. It is important to note that the issue of vulnerability involves problems that can affect the integrity or anonymity of votes.


After the analysis, in terms of security, “the source codes are in a good stage of maturity”, he adds. It was also found that the updated model has a processor “a little faster than previous models”, which makes the traditional functions of the voting system more agile.

“It can be concluded that the 2020 model electronic voting machine preserves all the protections existing in previous models of electronic voting machines that are equipped with security hardware”, concludes Ruggiero.