MANILA — The source codes as well as the final trusted build (FTB) for the election management system (EMS), vote-counting machines (VCMs), and consolidation and canvassing system (CCS) for the May 9, 2022 elections have been brought to the Commission on Elections (Comelec) main office Wednesday.
The source codes and FTBs came all the way from Huntsville, Alabama where the final build was conducted by independent international certification entity Pro V&V and supervised and witnessed by a Philippine team led by Comelec commissioner Marlon Casquejo.
The source codes will be deposited at the Bangko Sentral ng Pilipinas (BSP), where these will be held in escrow, as mandated under the Automation Law.
Casquejo brought the codes and FTBs back to the Philippines.
The turnover to the Comelec project management office (PMO), headed by Exec. Dir. Bartolome Sinocruz, Jr., took place at the Diamond Hotel in Manila, where the local source code review was conducted and where Casquejo remains on quarantine.
“The FTB will be turned over to the technology group for the installation of the installers as well as configurations of our EMS, CCS, and VCM,” Casquejo said during Wednesday’s turnover which was livestreamed by the Comelec.
Source codes are human readable instructions for a machine to perform an operation or program.
Trusted build is performed by converting the human readable source code to executable machine code or machine-readable instructions, with adequate security measures so that the executable code is an authentic, faithful and verifiable representation of the source code.
WHAT TOOK PLACE
USB keys containing the source codes and FTBS were contained in sealed and signed plastic packets. The sealing and signing were done after the FTB activity in Alabama.
The packets were turned over by Casquejo to personnel in full PPE, who brought the packets to a donning and doffing room for disinfection.
The packets were then turned over to Sinocruz and Comelec Information and Technology department director Jeannie Flororita.
Both officials formally acknowledged and documented receipt of the packets.
The EMS, VCM and CCS source code USBs were placed by Sinocruz in a metal safety deposit box, which were also secured on the sides by plastic seals signed by him and witness Comelec spokesman James Jimenez.
The safety deposit box and FTB packets were then brought to the Comelec main office — also livestreamed on the Comelec Facebook page.
The safety deposit box containing the source codes were placed inside the ITD vault, in preparation for the turnover to the BSP.
“This deposit of the source code in escrow to the Bangko Sentral is necessary to ensure that there is a trusted copy, a copy that will not be open to tampering or any possible alteration by anyone precisely because it is in the vault of the BSP,” said Jimenez.
He stressed: “This is very important security and transparency measure.”
Jimenez said the source codes will be turned over to the BSP around January after they were informed it was "not ready" to receive the codes as of this time.
The FTBs, meantime, will be up for installation in the VCMs, CCS, and EMS.