Election Cybersecurity Fall 2020
Strengthening election cybersecurity is essential for safeguarding democracy. Cybercriminals and nation-state actors are becoming more aggressive, even as campaigning and voting become increasingly reliant on vulnerable computers and networks.
This course will provide a deep examination of the past, present, and future of elections, informed by perspectives from computer security, tech policy, human factors, and more. We'll cover vulnerabilities and safeguards for election infrastructure; the rise of digital information warfare against political campaigns; legal and regulatory structures that impact election security at federal, state, and local levels; and efforts to change technology and policy to strengthen security. Our weekly discussions will be informed by current events surrounding the 2020 presidential election. See the schedule for details.
Election cybersecurity raises complex challenges at the intersection of computer science, law and public policy, politics, and international affairs. Students from across these disciplines are encouraged to join the course.
|Credit||4 credits. Approved as ULCS for CS majors, flex tech for EE and DS majors, and EECS elec. for CE majors. CSE graduate students may enroll under cross-listed section 598.16.|
|Prerequisites||EECS 388 or instructor permission. CS majors without EECS 388 may waitlist and will be admitted if space is available. Non-EECS students are encouraged to enroll without having taken 388; we will arrange for alternative assignments appropriate to your major.|
|Seminar||Mon. 1:30–4:30 via Zoom|
|Lab Section||Wed. 12:30–1:30 via Zoom|
|Communication||We'll use Piazza for announcements, discussion, and questions about assignments and other course material. For administrative issues, email email@example.com.|
We'll assign chapters from Broken Ballots: Will Your Vote Count?, Douglas W. Jones and Barbara Simons, Univ. of Chicago Press, 2012.
Additional readings will be posted on the course schedule.
We'll determine your course grade based on these components:
|Participation||10%||Attend class and make thoughtful intellectual contributions to our discussions.|
|Homework Assignments||35%||Occasional homework exercises that you will complete working alone.|
|Course Project||55%||A group-based research project on a technical or tech-policy topic related to election cybersecurity.|
Ethics, Law, and University Policies
Warning To defend a system you need to be able to think like an attacker, and that includes understanding techniques that can be used to compromise security. However, using those techniques in the real world may violate the law or the university’s rules, and it may be unethical. Under some circumstances, even probing for weaknesses may result in severe penalties, up to and including expulsion, civil fines, and jail time. Our class policy is that you must respect the privacy and property rights of others at all times and avoid attacking live election infrastructure, or else you will fail the course.
Acting lawfully and ethically is your responsibility. Carefully read the Computer Fraud and Abuse Act (CFAA), a federal statute that broadly criminalizes computer intrusion. This is one of several laws that govern “hacking.” It is your responsibility to understand what applicable law prohibits. If in doubt, we can refer you to an attorney.
Please review the university’s policy on Responsible Use of Information Resources for guidelines concerning proper use of information technology at U-M, as well as the Engineering Honor Code. As members of the university, you are required to abide by these policies.