An Integrated Application of Security Testing Methodologies to e-voting Systems

Various technical bodies have devised methodologies to guide testers to the selection, design, and implementation of the most appropriate security testing procedures for various contexts. Their general applicability is obviously regarded as a necessary and positive feature, but its consequence is the need for a complex adaptation phase to the specific systems under test. In this work, we aim to devise a simplified, yet effective methodology tailored to suit the peculiar needs related to the security testing of e-voting systems. We pursue our goal by selecting, for each peculiar aspect of these systems, the best-fitting procedures found in the most widely adopted security testing methodologies, at the same time taking into account the specific constraints stemming from the evoting context to prune the excess of generality that comes with them.