The apparent failure of the software designed to report votes in the Iowa Democratic caucuses is the kind of scenario that keeps software developers up at night: A new application goes live, but it just doesn’t work.
Party officials in Iowa on Tuesday were trying to figure out why the system used by election officials could not deliver complete results Monday night. The confusion illustrates the risks inherent in launching an app.
“Until you deploy something in the actual situation, there’s always the possibility that no matter how the designers tested it, there could be something that they didn’t anticipate that creates a problem,” said Stephen S. Intille, a professor at Northeastern University who teaches about human-computer interactions.
That’s why computer science has entire disciplines focused on testing for usability, functionality, and security. And based on the information made public so far, many observers say they doubt Iowa Democratic party officials did enough to ensure their technology would work.
Doron Reuveni, chief executive of Applause, a Framingham company that specializes in user testing for applications, suspects the launch was put on the fast track to have it ready in time for the caucuses. “They had a plan to test, that would be my guess, because everybody does," Reuveni said, "and they probably rushed to release it . . . and someone decided to cut corners on the testing.”
Iowa Democratic party officials worked with a company called Shadow Inc. to create an application for reporting results directly to the state party. But party officials said the results received through the app were not complete, so it is collecting paper records from more than 1,600 caucus sites to ensure that its tallies are accurate.
The app was was put together over two months, The New York Times reported, citing people briefed by the state party. Some said the app had not been properly tested on a statewide scale. One person told the Times there were concerns the app would malfunction in areas with poor online connectivity, or because of high bandwidth use, such as when many people tried to use it at the same time.
The Washington Post reported that a breakdown in reporting on the app was among the scenarios used in a role-play exercise in Des Moines last fall by the Defending Digital Democracy Project at Harvard’s Belfer Center for Science and International Affairs.
Iowa’s geography and the complexity of the caucuses probably made the software more difficult to test, with precincts spread across hundreds of miles — each with dozens of voters.
That could have made some quality-control measures — such as rolling out the software to one group to see how it works on a smaller scale before making it widely available — more difficult. But Reuveni and others said the software could easily have been tested with users on various kinds of devices, on different networks, and in a variety of situations to ensure it functioned properly.
He said software developers must “test in the wild, in environments and configurations that are close to where the app needs to really work and function . . . on real devices that simulate the real-life scenarios.”
At a time when trust in public institutions is low, the failure to ensure the app worked properly could have serious implications, observers say.
“If the mistake was simple, the consequences are disastrous, because they go to confidence — the reliability of our democratic processes,” said Juliette Kayyem, a former top official in the Obama administration’s Department of Homeland Security who teaches at Harvard’s Kennedy School of Government.
Kayyem said President Trump’s rhetoric about the potential for rigged elections and illegal voting only raises the stakes to ensure that voting infrastructure functions properly.
The inability of the software to carry out its basic purpose has many people wondering what else its developers did not catch. Though the state Democratic party said there are no indications that Monday’s problems were caused by a cyberattack, questions have been raised about the software’s security.
“Maybe it wasn’t the case in this particular incident, but you’re starting to think, how easy will it be to impact these primary elections processes — maybe even other state and local election processes that rely on similar systems with similar low levels of assurances,” said Israel Barak, chief information security officer at the Boston cybersecurity firm Cybereason.
Barak said he hopes what happened Monday will sound an alarm about the integrity of such systems. While security for the general election has become a top national concern since Russia’s interference in the 2016 presidential vote, Barak said he’d like to see the same level of vigilance applied to primaries.
“We need to treat the security of the election process, from top to bottom, as the security of a critical infrastructure,” he said. “Without a secure and assured election process top to bottom, that is very likely a direct impact on the ability of our society and economy to function.”
Martin Finucane of the Globe staff contributed to this report. Material from the Associated Press was also used in the article.