Election Cybersecurity Fall 2020

Strengthening election cybersecurity is essential for safeguarding democracy. Cybercriminals and nation-state actors are becoming more aggressive, even as campaigning and voting become increasingly reliant on vulnerable computers and networks.

This course will provide a deep examination of the past, present, and future of elections, informed by perspectives from computer security, tech policy, human factors, and more. We'll cover vulnerabilities and safeguards for election infrastructure; the rise of digital information warfare against political campaigns; legal and regulatory structures that impact election security at federal, state, and local levels; and efforts to change technology and policy to strengthen security. Our weekly discussions will be informed by current events surrounding the 2020 presidential election. See the schedule for details.

Election cybersecurity raises complex challenges at the intersection of computer science, law and public policy, politics, and international affairs. Students from across these disciplines are encouraged to join the course.

Professor
Credit 4 credits. Approved as ULCS for CS majors, flex tech for EE and DS majors, and EECS elec. for CE majors. CSE graduate students may enroll under cross-listed section 598.16.
Prerequisites EECS 388 or instructor permission. CS majors without EECS 388 may waitlist and will be admitted if space is available. Non-EECS students are encouraged to enroll without having taken 388; we will arrange for alternative assignments appropriate to your major.
Seminar Mon. 1:30–4:30 via Zoom
Lab Section Wed. 12:30–1:30 via Zoom
Communication We'll use Piazza for announcements, discussion, and questions about assignments and other course material. For administrative issues, email electionsec-staff@umich.edu.
Textbook We'll assign chapters from Broken Ballots: Will Your Vote Count?, Douglas W. Jones and Barbara Simons, Univ. of Chicago Press, 2012.
Additional readings will be posted on the course schedule.

Grading

We'll determine your course grade based on these components:

Participation 10% Attend class and make thoughtful intellectual contributions to our discussions.
Homework Assignments 35% Occasional homework exercises that you will complete working alone.
Course Project 55% A group-based research project on a technical or tech-policy topic related to election cybersecurity.

Ethics, Law, and University Policies

Warning To defend a system you need to be able to think like an attacker, and that includes understanding techniques that can be used to compromise security. However, using those techniques in the real world may violate the law or the university’s rules, and it may be unethical. Under some circumstances, even probing for weaknesses may result in severe penalties, up to and including expulsion, civil fines, and jail time. Our class policy is that you must respect the privacy and property rights of others at all times and avoid attacking live election infrastructure, or else you will fail the course.

Acting lawfully and ethically is your responsibility. Carefully read the Computer Fraud and Abuse Act (CFAA), a federal statute that broadly criminalizes computer intrusion. This is one of several laws that govern “hacking.” It is your responsibility to understand what applicable law prohibits. If in doubt, we can refer you to an attorney.

Please review the university’s policy on Responsible Use of Information Resources for guidelines concerning proper use of information technology at U-M, as well as the Engineering Honor Code. As members of the university, you are required to abide by these policies.