Whether ROM or simple segregated code, there is always the black box existence of code, some code written by someone unseen.
Years ago, many many years ago in the 2000 presidential elections, there was a huge forum of discussions on this very same issue of electronic voting. The conclusion was and still is that one can never make hidden code 100% free of fraud and tampering.
The simple example used in those discussions was that a machine can be activated to a different subroutine by the casting of a deliberate nonsensical vote.
For example, someone that votes for both Barney Frank and George Bush and against same-sex marriage and who is pro-abortion but against illegal immigration, etc.
When such a nonsensical vote would be cast, a piece of code would detect the specific sequence of nonsense votes and activate a subroutine that would return 2 votes for a designated issue or candidate for every one genuine vote in opposition.
Check sums are easy to defeat if code is written to match a checksum result. Security of paper ballots is even easier to circumvent, as the article describes, there is no provision against stuffing the ballots after the fact and no security for them while they are in a public space..
The whole idea of having nontransparent code govern an election is dangerous. Nothing can make it completely secure.
If the source code and compiler are public, the code is placed on an easily-inspectable memory cartridge which can be hardware write-protected, and the code is run in an inspectable computer which is physically incapable of running code from any other source, where's the "black box" aspect?