Election Cybersecurity Fall 2024

Strengthening election cybersecurity is essential for safeguarding democracy. Cybercriminals and nation-state actors are becoming more aggressive, even as campaigning and voting become increasingly reliant on vulnerable computers and networks.

This course will provide a deep examination of the past, present, and future of election mechanics, informed by perspectives from computer security, tech policy, human factors, and more. We'll cover vulnerabilities and safeguards for election infrastructure; the rise of election security disinformation; legal and regulatory structures that impact election security at federal, state, and local levels; and efforts to change technology and policy to strengthen security. Our weekly discussions will be informed by current events surrounding the 2024 presidential election. See the schedule for details.

Election cybersecurity raises complex challenges at the intersection of computer science, law and public policy, politics, and international affairs. Students from across these disciplines are encouraged to join the course.

Credit 3 credits. Approved as expanded ULCS for CS majors, flex tech for EE and DS majors, and EECS elec. for CE majors.
Prerequisites EECS 388 or instructor permission. CS majors without EECS 388 may apply by contacting the instructor. Non-CS students are also encouraged to apply; we will arrange for alternative assignments appropriate to your background.
Seminar Mon. 1:30–4:30, 1005 EECS
Lecture slides will be posted on the day of each class.
Communication We'll use Piazza for announcements, discussion, and questions about assignments and other course material. For administrative issues, email electionsec-staff@umich.edu.
Readings I'll assign required reading for most weeks, which will be posted on Piazza. If you'd like an additional reference book, I recommend Broken Ballots: Will Your Vote Count?, Douglas W. Jones and Barbara Simons, Univ. of Chicago Press, 2012.


We'll determine your course grade based on these components:

Participation 10% Attend class and make thoughtful intellectual contributions to our discussions.
Homework Assignments 25% Occasional homework exercises that you will complete working alone.
Course Project 65% A group-based research project on a technical or tech-policy topic related to election cybersecurity.

Ethics, Law, and University Policies

Warning To defend a system you need to be able to think like an attacker, and that includes understanding techniques that can be used to compromise security. However, using those techniques in the real world may violate the law or the university’s rules, and it may be unethical. Under some circumstances, even probing for weaknesses may result in severe penalties, up to and including expulsion, civil fines, and jail time. Our class policy is that you must respect the privacy and property rights of others at all times and avoid attacking live election infrastructure, or else you will fail the course.

Acting lawfully and ethically is your responsibility. Carefully read the Computer Fraud and Abuse Act (CFAA), a federal statute that broadly criminalizes computer intrusion. This is one of several laws that govern “hacking.” It is your responsibility to understand what applicable law prohibits. If in doubt, we can refer you to an attorney.

Please review the university’s policy on Responsible Use of Information Resources for guidelines concerning proper use of information technology at U-M, as well as the Engineering Honor Code. As members of the university, you are required to abide by these policies.