Přihlásit | Registrovat
Univerzita Tomáše Bati ve Zlíně
System Design for Trustworthiness

System Design for Trustworthiness

Petr Šilhavý | 1. 12. 2013 0:00:00
Zařazení: Informatika|Vědecká stať|Číslo 2/2013

Petr Silhavy, Radek Silhavy and Zdenka Prokopova


In this contribution the principles of the trustworthiness and user trust are discussed. In this paper the trust and its issues, which are connected to the systems, which are available to public. The four significant factors of the trustworthiness in the system engineering are presented.


system design, trustworthiness, user trust


Discussing of the trustworthiness in the scope of the system engineering discipline takes key role in systems designing. If trustworthiness is discussed, we have to deal following system properties: reliability, safety and security. The issue of trustworthiness is connected to the level of the user acceptance [1] of the system. The word “system” stands for on-line systems, which are available for public use. It means systems, which are realized on basics of Internet network or similar communication systems.

The organization of this contribution is as follows. Chapter 2 describes a problem formulation. Chapter 3 describes the questions, which have to be solved or achieving trustworthiness of system. Finally Chapter 4 is a conclusion.

II. Problem formulation

In the socio-technical systems a human or humans which act as a users are taking important role. The system non-function requirements that are influencing the trustworthiness are safety, security and reliability. Those three basic aspects cannot be achieved by the technical design only [2]. The system architect has design the system with emphasis on process or procedural part of the system.

In the system engineering we usually follows basic recommendation about the system design which resulting in the reliable system. A reliable system does not equal to trustworthy system. The reliability refers to the system characteristics. It means, that users can use a system, which activity has no hazard state. The main task of this paper is to present the important characteristics, which take the key role in user’s final system evaluation. Furthermore success of the on-line system is dependent on users acceptance.

The electronic voting is an example of the socio-technical systems. Technologically, there is chance to achieve an appropriate level of the reliability [3] and trustworthiness. Users of such system – voters – have usually difficulties to trust e-voting systems. The reasons can be found in a fact of black-box design. In the following chapter we will try to offer a solution, which brings a better approach for system design.

III. Achieving a trust

The voting system, the electronic voting systems is the new approach. Users have no personal experience with using such system. According [4], [5] there is a difference between a trust and a confidence. If the users have no choice or not consider alternatives solutions, they have confidence to the system. In this chapter we deal with trust, because we expected, that users have choice vote by electronic voting or by well-know legacy paper ballot based system.

Firstly, users usually trust the system if they are familiar with it. Voters trust traditional voting concepts, because they are used to participate for many years. Breaking the barrier is possible by making the electronic voting optional for participation in the election. If the voters will have the opportunity to use – study the system, they will build trustworthiness.

The system complexity is reduced if the users are familiar with the system or with similar system.

People have to believe, that electronic voting is better than legacy version of the voting process. The user familiarity is based on the user interface design.

User makes mistakes. The user interface has to follow simple schema of the voting process and only limited number of the information have to be shown. The proper design of the voting system user interface is based on showing the appropriate amount of the information. The voting schema has to follow the traditional concepts of the elections.

The user satisfaction is rising if the system behaviour is predictable. The users build their model or presumptions. Therefore the predictability how the system will behave is significantly important for building system trustworthiness. The second fact, which is very closed to previous discussion, is a communication between the user and system. User have to be sure, that system will be able to inform users about its state or activity. Previous thoughts are resulting in interaction design and in the principle of consistency. Consistency is a prerequisite of the predictability. Users expect, that same command or similar command will cause similar behave of the system.

Users expect, that system will use an appropriate interaction styles. In this case we will discuss ability of confirmation messages and error messages. The ballot casting in the electronic voting is a serious task. Many of users will think about the system in that way. Therefore is useful to create deep analysis of interactions. In interaction design we deals not only with the steps of the voting schema, but also how the step should be achieved. The implantation of each step has to be non-destructive. Moreover with ability to make a back-step without data lost. The system should be communicative. It means, that each of steps will contain a confirmation message.

Secondly we will discuss a technological aspects and its impact to trustworthiness. As was shown in previous paragraphs, trust is more sociological than technological issue. This obvious fact is based [3] on the situation in which users make a certain type of the risk analysis. The mentioned analysis is subjective. Subjective analysis is usually based on user interface. The technical point deals with objective risk analysis. There is an issue, because users have to understand the system internal processes. It is impossible to for common user to understand a complex system internal processing.

In the scope of the voting system, they have been familiar with voting schema and number of non-trivial technologies. In [6], there can be found an analysis of reliable voting schema. The verification is based on mathematical approach and on empirical approach.

The key factors why users trust to the systems can be found in similarity. Users are used to trust to the similar systems. Many of the users are able to use an e-commerce system, electronic banking or electronic payments systems.

The similarity of systems is based on their core components. E-voting system and other e-processing system contains communication over the Internet, cryptography, and authentication. This fact should have a positive impact to building user trust.

Thirdly, the system architecture is important for building user trust. The typical electronic voting architecture can be found in [7]. The web-based approach is useful for electronic voting systems. This technology is based on a client-server. The client-server technology has advantages in the field of support and installation.

According [7] three separate parts are recognized in the system. Part A is used for casting votes and contains Voting Client Subsystem, Voting Application Subsystem and Voting Database Subsystem. Voting clients represent voting terminal in elections rooms, kiosk voting or voters own computers.

Voting Application Subsystem is represented by web-based application, which contains user interface for voters, voter validation services and communication interface for Ballot Database Subsystem.

There are two most significant tasks for BDS. Votes are cast there and default ballots are generated for individual voter. Votes are cast in encrypted form, which depends on cryptographic methodology adopted for the election. For the protection against manipulation with votes in BDS HASH algorithm is implemented. HASH value is calculated irregularly based on votes, which are cast. Default ballots are generated for individual voter with respect to the election district he belongs to.

Part B represents Backend Voting Subsystem and Tallying Database Subsystem. The part B is securely connects to BDS from part A. The BVS is used my electoral committee. The BDS is responsible for auditing elections by comparing HASH based on votes and stored HASH value. The BVS deals with decryption of votes, validating of them and storing in TDS. The TDS is used for storing votes in open form. Part B is realized as web-based application and relational database server. Final part – part C – is responsible for counting final Results of the election. Part C is realized as web-based application.

The system architecture has only limited influence on the system trustworthiness. But has significant impact on user trust. Users = voters response, that trusts in the electronic voting system is based on anonymity and auditability. Users need is to check, that their ballots is counted in proper way. In means the each successful electronic voting schema have to implement a mechanisms for such control system.

Finally the last important aspect is the marketing. This classical business case is mention because there is very close link between user trust and how the system is presented and descripted to the public – future users. We have disused already, that user trust in technological system is based on social or more precisely mental aspects. It means users only believes or not, that system is reliable and then they trust to the system. Therefore the role of marketing seems to be significantly important. We do not deal with manipulation but with methods, how the system is presented to the users. The users need to be able to use the system in advance. In public election, is also important if the local authorities have appropriate level of the credibility

IV. Conclusion

The idea of the research was to discuss a users trust and its issues, which are connected to the electronic voting system design. Trustworthiness can be defined as user relation to the system or software solution. Firstly, users are building their option and thoughts on the experiences with the system itself. Secondly, users attitude is based on experience with the similar systems. The similarity of systems is based on their core components. E-voting system and other e-processing system contains communication over the Internet, cryptography, and authentication. This fact should have a positive impact to building user trust.

The electronic voting system design has to reflect the situation in the concrete society. There is no silver bullet solution, which is applicable everywhere. The user interface of the system should reflect the tradition of the ballot design. The basic principles of the design should reflect the core electronic voting issues – privacy, security.

This research work is not limited to potential of the electronic voting. Therefore the results and ideas should be valid for e-processing system in general.

Further research is focused on the improvement of the electronic voting, particularly in security and privacy, which seem to be important for user trust. In addition, issues connected to the cohesion among voting technology, legal principles and public attitude should be under the investigation.


[1] R. J. Vidmar. (1992, August). On the use of atmospheric plasmas as electromagnetic reflectors. IEEE Trans. Plasma Sci. [Online]. 21(3). pp. 876—880. Available: http://www.halcyon.com/pub/journals/21ps03-vidmar [1] Balla, J. 2011, Dynamics of mounted automatic cannon on track vehicle. International Journal of Mathematical Models and Methods in Applied Sciences, Vol. 5, No. 1, page numbers (423-432), ISSN 1998-0140
[2] Ciulanescu, M. V. & Diaconu, A. (2009). Mobile Robot Control using the Bluetooth Technology, Annals of DAAAM for 2009 & Proceedings of the 20th International DAAAM Symposium, 25-28th November 2009, Vienna, Austria, ISSN 1726-9679, ISBN 978-3-901509-70-4, Katalinic, B. (Ed.), pp. 1115-1116, Published by DAAAM International Vienna, Vienna
[3] Ribu, K. (2001) Estimating Object-Oreinted Software Projects with Use Case. Unvirstiy in Oslo, Oslo.
[4] Silhavy R., Silhavy P. & Prokopova, Z. (2011). Clustered Requirements in System Engineering Project Estimation. Internatinal Journal of Mathematical models and Methods in Applied Sciences, Vol. 5, No. 1, (June 2011) page numbers (1052-1059), ISSN 1998-0140
[5] Quarda, H. 2011. Cognitive tasks behavior of intelligent autonomous mobile robots, International Journal of Mathematical Models and Methods in Applied Sciences, Vol. 5, No. 3, page numbers (610-619), ISSN 1998-0140
[6] Silhavy, R, Silhavy, P, Prokopova, Z. Systematic modeling process of system behavior. International Journal of Mathematical Models and Methods in Applied Sciences [online]. 2011, vol. 5, iss. 6, s. 1044-1051. [cit. 2012-10-08]. ISSN 1998-0140.
[7] ŠILHAVÝ, Radek. Improving Participating in Democracy by Distributed Voting Schema. Trilobit. Zlín: Fakulta aplikované informatiky, první, první, 1/2009. Dostupné z: http://www.trilobit.fai.utb.cz/improving-participating-in-democracy-by-distributed-voting-schema

Odborný vědecký časopis Trilobit | © 2009 - 2017 Fakulta aplikované informatiky UTB ve Zlíně | ISSN 1804-1795