The US Cybersecurity and Infrastructure Security Agency (CISA) and VotingWorks, a non-partisan, non-profit organization, have open-sourced today a tool for the post-election auditing process.
Developed by VotingWorks and named Arlo, the tool is available on GitHub.
It's a web-based app designed specifically for the US election process where votes are tallied electronically using software or special machines.
To safegurd the election process against hacked or faulty voting systems, the US government mandates that all counted votes go through a post-election audit to verify the results, in a process called a Risk-Limiting Audit (RLA).
Arlo is designed to automate this auditing process by automatically selecting random voter ballots for the RLA process, providing auditors with the information they need to find those ballots in storage, helping officials compare audited votes to tabulated votes, and providing monitoring & reporting capabilities so that election officials and public observers can follow the audit's progress and outcome.
"The tool supports numerous types of post-election audits across various types of voting systems including all major vendors," CISA said in a press release today.
CISA did not develop Arlo -- created by VotingWorks on its own -- but the agency has adopted the tool and is currently working on convincing state election officials to deploy it before next year's presidential election.
The agency said Arlo is already part of a pilot program to perform post-election audits, including in verifying the results of the US elections concluded earlier this month.
States where Arlo is currently tested as part of the pilot program include Pennsylvania, Michigan, Missouri, Virginia, Ohio, and Georgia.
"At a time when we know foreign actors are attempting to interfere and cast doubt on our democratic processes, it's incredibly important elections are secure, resilient, and transparent," said CISA Director Chris Krebs.
Earlier this year, Microsoft open-sourced ElectionGuard, an in-house developed software to run on voting machines. The OS maker hopes that voting machine vendors will eventually adopt ElectionGuard and use it to build their own (more secure) products.