The document at <http://gaming.state.nv.us/forms/frm141.pdf> shows what anyone designing a new gambling machine (e.g. video poker machine) has to do to get it certified in Nevada. Note per page 4, all source code for the game-specific parts of the machine must be submitted to the gaming commission along with enough framework for the commission to test it, and I'm told they actually examine it line by line (approval takes about six months). There are also specifications for the physical security of the machines.
After deployment, the audit department apparently does random spot checks, going into casinos and pulling out machines, making sure that the EPROM images actually running in them are the same as the images that were approved. Four or five other states apparently do similar examinations to certify equipment. The rest of the states then go along with what the main five or six gambling states decide.
It's bizarre that voting machine vendors squawk so much about getting their code audited, since they face the same issues as gambling machine vendors do (the purpose of the code review must be partly to make sure the machine isn't sneakily grabbing a few extra points of revenue), and the gambling machine vendors seem to tolerate the requirement.
There are also some federal standards about code certification for firmware running inside medical implants or in avionics. I'm trying to find out more about that. Voting machine code seems to have no standards at all.
