In a Request for Quote for IT Services (RFQ) released Wednesday, the SOS seeks a vendor to provide “electronic poll book test support services” and assist it in evaluating the Tenex Precinct Central 4.5.0 Electronic Poll Book system “for suitability and for use in California.” Among the takeaways:
• The SOS is familiar with Tenex Software Solutions. On May 22, 2018, Secretary of State Alex Padilla granted conditional approval to Version 4.0 of Tenex’s Electronic Poll Book System — warning no changes or modifications shall be made until SOS has been notified and has determined “the proposed change or modification does not impair” the system’s accuracy or efficiency “sufficient to require a re-examination and approval.”
Four state jurisdictions used the Tenex Electronic Poll Book System in California’s March 3 primary, the Secretary of State’s Office told Techwire via email. SOS needs testing support for “new system versions and/or updates to the system,” the office said.
Per the Precinct Central Pollbook 4.0, Tenex’s system was envisioned as migrating the paper voter check-in process to an electronic format, but has evolved into a monitoring platform that lets officials “track and react to issues in the field before they are magnified into larger problems.” Its system includes three core modules — Precinct Central Touchpad, Precinct Central Data Studio, and Precinct Central Console — and other integrated modules including Election Response and Live Results. The company has selected the Apple iPad to run Precinct Central, citing its level of security.
• Written questions on the RFQ are due by Tuesday. Responses to the RFQ, or quotes, are due by 4 p.m. April 21. The anticipated contract award date is May 1, and the agreement term is likely to be May 27 through May 24, 2022 — with an option for the state to extend the pact for up to one year. The contractor selected can subcontract any portion of the RFQ’s scope of work, but not more than 50 percent.
The contract’s estimated value is not specified, but the Secretary of State’s Office said its value will be “solely the responsibility of the respondents.” SOS doesn’t currently have a contract for services for the Tenex system, it said, but its most recent past contract for Tenex was valued at $68,544.
It’s unclear whether this contract could have an impact on the Nov. 3 general election. The Secretary of State’s Office said a test completion date is unknown, and testing can’t begin until a contract is in place and “all associate parties” agree on a test plan and an expected outcome.
• Several of the contractor’s specific tasks and responsibilities focus on vulnerability and security assessment, including conducting a source code review to evaluate the system’s security and integrity and identify security vulnerabilities that could be exploited; and a “Vulnerability Assessment” to tampering or errors that could lead to manipulation of fraudulent reporting, or alteration of voter registration data.
“The Contractor shall conduct the examination in a manner that will provide the California Secretary of State with a basis for evaluating the extent to which the source code meets applicable standards,” according to the RFQ.
• Among technical requirements, applicants must have at least five years’ experience doing source code review and analysis; and three years’ experience doing hardware, software and firmware testing for a government “entity, preferably specific to electronic poll book and/or tablet based computing testing at the state or federal level.”
Among milestones in the project’s timeline, the contractor selected must be prepared to begin within 10 days of the anticipated contract award date. The contractor must deliver a software test plan within 10 business days of SOS notification, provide weekly status reports, and deliver a security and telecommunications test plan within 10 days of SOS notification. The vendor will also be required to sign a non-disclosure agreement.
