Open Source is not sufficient for voting machines, and frankly I don't think software should be involved at all. How do we know the source code was compiled without a tool chain attack? How can we verify that the software running even is the source code involved? How can we verify there isn't some kind of IME like kernel running somewhere that does something nefarious? How we do know it wasn't tampered with?
Even if you remove networking from a machine the whole system is so fragile and there are very high stakes at play.
The same way you verify that manually counted votes haven't been miscounted, discarded or altered. You allow witnesses.
Independent examiners will be permitted to verify the source code is actually used as-built, that it has a signature attached and that every machine that is built has the signature checked.
Sure, it's not perfect but neither is manual counting (plenty of countries are proving that right now). The question is, I guess, does a software-based system provide notable advantages over manual counting other than cost and speed of a result?
Are you going to have experts examine the hardware of 1 million+ voting machines in the United States? And are all of those witnesses going to be infallible and trusted by the public?
Yes you would need to test them all, I assume there are school board elections and things like that with only one or a few machines. Not everything is the presidential election.
Even if you remove networking from a machine the whole system is so fragile and there are very high stakes at play.