DETAILED ACTION
This action is in response to the application titled “Firmware Verified Boot” filed 11/06/2018, which is a continuation of 12/903,202 (now Patent 8,812,854), 14/330,908 (now Patent 9,483,647) and 15/335,101 (now Patent 10,127,384).
Claims 1-20 were received and are currently under consideration.

Notice of Pre-AIA or AIA Status
The present application is being examined under the pre-AIA first to invent provisions.

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 11/26/2018 is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference. See In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA. A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA/25, or PTO/AIA/26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
Claims 1-20 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-31 of U.S. Patent No. 8,812,854. Although the claims at issue are not identical, they are not patentably distinct from each other because each and every element of the independent claims 1, 14 and 19 of the present application is broader than, and therefore anticipated by, the corresponding independent claims 1, 10, 19 and 23 of U.S. Patent No. 8,812,854.
16/182093 Claim 1:
A method for implementing a boot process on a computing device:
prior to commencing the boot process, performing a first signature verification process on a first digital signature of a plurality of digital signatures included in firmware of the computing device;
in response to the first signature verification process determining that the first digital signature is valid, performing a second signature verification process on a firmware data portion digital signature of the plurality of digital signatures included in the firmware, the firmware data portion digital signature corresponding with a firmware data portion of the firmware that includes instructions for implementing the boot process;
in response to the second signature verification process determining that the firmware data portion

Patent 8,812,854 claim 1:
A computer-implemented boot process for a computing system, the boot process comprising:
verifying, by a processor of the computing system, a first encrypted signature corresponding with a first portion of a read-write portion of firmware of the computing system using a first public-key and a first cryptographic hash algorithm, and halting the boot process if the verification of the first encrypted signature fails;
verifying, by the processor, that a key-version of a second public-key is greater than or equal to a corresponding highest key-version observed by the computing system, and halting the boot process if the key-version of the second public-key is less than the highest key-version;
verifying, by the processor, a second encrypted signature corresponding with a second portion of the read-write portion of the firmware using the second public-key and a second cryptographic hash algorithm, and halting the boot process if the verification of the second encrypted signature fails;
verifying, by the processor, a fourth encrypted signature corresponding with a first portion of an operating-system kernel using the second public-key and the second cryptographic hash algorithm, and halting the boot process if the verification of the fourth encrypted signature fails; and
verifying, by the processor, a fifth signature corresponding with a second portion of the operating-system kernel using a third public-key and a third cryptographic hash algorithm, and halting the boot process if the verification of the fifth encrypted signature fails.

16/182093 Claim 14:
A firmware for implementation of boot process on a computing device, the firmware comprising:
a firmware data portion including instructions for implementing the boot process;
a plurality of digital signatures including a first digital signature, a firmware data portion digital signature corresponding with the firmware data portion, and a kernel portion digital signature corresponding with the operating system kernel
prior to commencing the boot process, performing a first signature verification process on the first digital signature;
in response to the second signature verification process determining that the firmware data portion digital signature is valid, executing one or more of the instructions for implementing the boot process;
an operating system kernel portion including instructions for enabling basic functions of the computing; and
in response to the execution of the one or more instructions for implementing the boot process, performing a third signature verification process on a kernel portion digital signature; and
in response to the third signature verification process determining that the kernel portion signature is valid, executing one or more of the instructions of the operating system kernel.

Patent 8,812,854 claim 10:
A computing system comprising one or more machine readable storage media having instructions stored thereon, the instructions, when executed by a processor of the computing system, cause the computing system to:
verify that a key-version of a second public-key is greater than or equal to a corresponding highest key-version observed by the computing system, and halt the boot process if the key-version of the second public-key is less than the highest key-version;
verify a second encrypted signature corresponding with a second portion of the read-write portion of the firmware using the second public-key and a second cryptographic hash algorithm, and halt the boot process if the verification of the second encrypted signature fails;
verify a third encrypted signature corresponding with a third portion of the read-write portion of the firmware using the second public-key and the second cryptographic hash algorithm, and halt the boot process if the verification of the third encrypted signature fails;
verify a fourth encrypted signature corresponding with a first portion of an operating-system kernel using the second public-key and the second cryptographic hash algorithm, and halt the boot process if the verification of the fourth encrypted signature fails; and
verify a fifth encrypted signature corresponding with a second portion of an operating-system kernel using a third public-key and a third cryptographic hash algorithm, and halt the boot

16/182093 Claim 19:
A computing device comprising one or more non-transitory machine readable storage media having instructions stored thereon, the instructions, when executed by a processor of the computing device, cause the computing device to implement a boot process, the implementing comprising:
prior to commencing the boot process, performing a first signature verification process on a first digital signature of a plurality of digital signatures included in firmware of the computing device;
in response to the first signature verification process determining that the first digital signature is valid, performing a second signature verification process on a firmware data portion digital signature of the plurality of digital signatures included in the firmware, the firmware data portion digital signature corresponding with a firmware data portion of the firmware that includes instructions for implementing the boot process;
in response to the second signature verification process determining that the firmware data portion digital signature is valid, executing one or more of the instructions for implementing the boot process;

Patent 8,812,854 claim 1:
A computer-implemented boot process for a computing system, the boot process comprising:
verifying, by a processor of the computing system, a first encrypted signature corresponding with a first portion of a read-write portion of firmware of the computing system using a first public-key and a first cryptographic hash algorithm, and halting the boot process if the verification of the first encrypted signature fails;
verifying, by the processor, that a key-version of a second public-key is greater than or equal to a corresponding highest key-version observed by the computing system, and halting the boot process if the key-version of the second public-key is less than the highest key-version;
verifying, by the processor, a second encrypted signature corresponding with a second portion of the read-write portion of the firmware using the second public-key and a second cryptographic hash algorithm, and halting the boot process if the verification of the second encrypted signature fails;
verifying, by the processor, a third encrypted signature corresponding with a third portion of the read-write portion of the firmware using the second public-key and the second cryptographic hash algorithm, and halting the boot process if the verification of the third encrypted signature fails;
verifying, by the processor, a fourth encrypted signature corresponding with a first portion of an operating-system kernel using the second public-key and the second cryptographic hash algorithm, and halting the boot process if the verification of the fourth encrypted signature fails; and
verifying, by the processor, a fifth signature corresponding with a second portion of the operating-system kernel using a third public-key and a third cryptographic hash algorithm, and halting the boot process if the verification of the fifth encrypted signature fails.
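The verification chain recited in claim 1 of U.S. Patent No. 8,812,854 (five signatures over read-write firmware and kernel portions, each a halt point, plus the key-version comparison that blocks rollback to an older signing key), modelled as an added Go example; it is not part of this office action or of the applicant's firmware. Where the claim leaves details open, the example assumes Ed25519 signatures, that the second public key and its key-version travel in the first read-write portion as a key block signed by the first key, that the third key travels in the first kernel portion, and a constructed 4-byte-version-plus-key block layout; the names Signed, Firmware, VerifiedBoot and BuildFirmware are the example's own.

```go
package main

import (
	"crypto/ed25519"
	"encoding/binary"
	"fmt"
)

type Signed struct{ Data, Sig []byte } // a firmware portion and the signature over it
// Layout assumed here: RW1 is a key block (version + key 2) signed by the root key; RW2, RW3
// and Kernel1 (a key block carrying key 3) are signed by key 2; Kernel2, the kernel, by key 3.
type Firmware struct{ RW1, RW2, RW3, Kernel1, Kernel2 Signed }
// Constructed key block layout: 4-byte big-endian key version, then a 32-byte Ed25519 key.
func keyBlock(version uint32, pub ed25519.PublicKey) []byte {
	b := make([]byte, 4, 4+ed25519.PublicKeySize)
	binary.BigEndian.PutUint32(b, version)
	return append(b, pub...)
}
// verifyKeyBlock checks a key block's signature under signer before parsing it.
func verifyKeyBlock(signer ed25519.PublicKey, kb Signed, stage string) (uint32, ed25519.PublicKey, error) {
	if !ed25519.Verify(signer, kb.Data, kb.Sig) {
		return 0, nil, fmt.Errorf("halt: %s signature invalid", stage)
	}
	if len(kb.Data) != 4+ed25519.PublicKeySize {
		return 0, nil, fmt.Errorf("halt: malformed key block (%d bytes)", len(kb.Data))
	}
	return binary.BigEndian.Uint32(kb.Data), ed25519.PublicKey(kb.Data[4:]), nil
}

// VerifiedBoot runs the checks in claim order: root is the first public key (fixed in read-only
// firmware), highestSeen the highest key version the device has recorded. Any failure halts the boot.
func VerifiedBoot(fw Firmware, root ed25519.PublicKey, highestSeen uint32) error {
	ver, key2, err := verifyKeyBlock(root, fw.RW1, "first") // first signature, under the root key
	if err != nil {
		return err
	}
	// Rollback check: key 2's version may not be older than any version seen before.
	if ver < highestSeen {
		return fmt.Errorf("halt: key version %d older than highest seen %d", ver, highestSeen)
	}
	// Second and third signatures: the read-write firmware bodies under key 2.
	for i, p := range []Signed{fw.RW2, fw.RW3} {
		if !ed25519.Verify(key2, p.Data, p.Sig) {
			return fmt.Errorf("halt: signature %d invalid", i+2)
		}
	}
	_, key3, err := verifyKeyBlock(key2, fw.Kernel1, "fourth") // kernel key block, under key 2
	if err != nil {
		return err
	}
	if !ed25519.Verify(key3, fw.Kernel2.Data, fw.Kernel2.Sig) { // fifth signature: kernel body under key 3
		return fmt.Errorf("halt: fifth signature invalid")
	}
	return nil
}

// BuildFirmware signs a constructed image with fresh keys; it returns the image and the root key.
func BuildFirmware(key2Version uint32) (Firmware, ed25519.PublicKey) {
	rootPub, rootPriv, _ := ed25519.GenerateKey(nil) // nil reader means crypto/rand
	k2Pub, k2Priv, _ := ed25519.GenerateKey(nil)
	k3Pub, k3Priv, _ := ed25519.GenerateKey(nil)
	sign := func(k ed25519.PrivateKey, d []byte) Signed { return Signed{d, ed25519.Sign(k, d)} }
	return Firmware{
		RW1:     sign(rootPriv, keyBlock(key2Version, k2Pub)),
		RW2:     sign(k2Priv, []byte("rw firmware body A")),
		RW3:     sign(k2Priv, []byte("rw firmware body B")),
		Kernel1: sign(k2Priv, keyBlock(1, k3Pub)),
		Kernel2: sign(k3Priv, []byte("kernel body")),
	}, rootPub
}
```

Recording the accepted key-version as the new highest seen after a successful boot is left to the caller, since the claim recites only the comparison.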

 
Claims 1-20 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-19 of U.S. Patent No. 9,483,647. Although the claims at issue are not identical, they are not patentably distinct from each other because each and every element of the independent claims 1, 14 and 19 of the present application is broader than, and therefore anticipated by, the corresponding independent claims 1, 15 and 19 of U.S. Patent No. 9,483,647.
16/182093 Claim 1:
A method for implementing a boot process on a computing device:
prior to commencing the boot process, performing a first signature verification process on a first digital signature of a plurality of digital signatures included in firmware of the computing device;
in response to the first signature verification process determining that the first digital signature is valid, performing a second signature verification process on a firmware data portion digital signature of the plurality of digital signatures included in the firmware, the firmware data portion digital signature corresponding with a firmware
in response to the second signature verification process determining that the firmware data portion digital signature is valid, executing one or more of the instructions for implementing the boot process;
in response to the execution of the one or more instructions for implementing the boot process, performing a third signature verification process on a kernel portion digital signature included in the plurality of digital signatures included in the firmware, the kernel portion digital signature corresponding with an operating system kernel of the computing device;
and in response to the third signature verification process determining that the kernel portion signature is valid, executing one or more of the instructions of the operating system kernel.

9,483,647 Claim 1:
A method for executing a boot process on a computing device comprising:
performing a first signature verification process on a header signature included in a first plurality of digital signatures included in a first portion of firmware included in the computing device;
based on the second signature verification process determining that the first data portion signature is valid, performing a third signature verification process on a second data portion signature included in the first plurality of digital signatures included in the first portion of firmware; and
based on the third signature verification process determining that the second data portion signature is not valid, continuing the execution of the boot process comprising:
performing a fourth signature verification process on a digital signature included in a second plurality of digital signatures included in a second portion of firmware; and
based on the fourth signature verification process determining that the digital signature is valid, completing the execution of the boot process using the second portion of firmware included in the computing device.

16/182093 Claim 14:
A firmware for implementation of boot process on a computing device, the firmware comprising:
a firmware data portion including instructions for implementing the boot process;
a plurality of digital signatures including a first digital signature, a firmware data portion digital signature corresponding with the firmware data portion, and a kernel portion digital signature corresponding with the operating system kernel portion, the implementation of the boot process including:
prior to commencing the boot process, performing a first signature verification process on the first digital signature;
in response to the second signature verification process determining that the firmware data portion digital signature is valid, executing one or more of the instructions for implementing the boot process;
an operating system kernel portion including instructions for enabling basic functions of the computing; and
in response to the execution of the one or more instructions for implementing the boot process, performing a third signature verification process on a kernel portion digital signature; and
in response to the third signature verification process determining that the kernel portion signature is valid, executing one or more of the instructions of the operating system kernel.

9,483,647 Claim 1:
A method for executing a boot process on a computing device comprising:
based on the first signature verification process determining that the header signature is valid, performing a second signature verification process on a first data portion signature included in the first plurality of digital signatures included in the first portion of firmware;
based on the second signature verification process determining that the first data portion signature is valid, performing a third signature verification process on a second data portion signature included in the first plurality of digital signatures included in the first portion of firmware; and
based on the third signature verification process determining that the second data portion signature is not valid, continuing the execution of the boot process comprising:
performing a fourth signature verification process on a digital signature included in a second plurality of digital signatures included in a second portion of firmware; and
based on the fourth signature verification process determining that the digital signature is valid, completing the execution of the boot process using the second portion of firmware included in the computing device.

16/182093 Claim 19:
A computing device comprising one or more non-transitory machine readable storage media having instructions stored thereon, the instructions, when executed by a processor of the computing device, cause the computing device to implement a boot process, the implementing comprising:
prior to commencing the boot process, performing a first signature verification process on a first
in response to the second signature verification process determining that the firmware data portion digital signature is valid, executing one or more of the instructions for implementing the boot process;
in response to the execution of the one or more instructions for implementing the boot process, performing a third signature verification process on a kernel portion digital signature included in the plurality of digital signatures included in the firmware, the kernel portion digital signature corresponding with an operating system kernel of the computing device;
and in response to the third signature verification process determining that the kernel portion signature is valid, executing one or more of the instructions of the operating system kernel.

9,483,647 Claim 19:
A computing system comprising one or more non-transitory machine readable storage media having instructions stored thereon, the instructions, when executed by a processor of the computing system, cause the computing system to execute a boot process on a computing device, the executing comprising:
based on the first signature verification process determining that the header signature is valid, performing a second signature verification process on a first data portion signature included in the first plurality of digital signatures included in the first portion of firmware;
based on the second signature verification process determining that the first data portion signature is valid, performing a third signature verification process on a second data portion signature included in the first plurality of digital signatures included in the first portion of firmware; and
based on the third signature verification process determining that the second data portion signature is not valid, continuing the execution of the boot process comprising: performing a fourth signature verification process on a digital signature included in a second plurality of digital signatures included in a second portion of firmware; and
based on the fourth signature verification process determining that the digital signature is valid, completing the execution of the boot process using the second portion of firmware included in the computing device.

Allowable Subject Matter
Claims 1-20 are allowed over the prior art but are rejected under nonstatutory double patenting.
The prior art does not teach, with respect to independent claims 1, 14 and 19, the distinct features of “in response to the second signature verification process determining that the firmware data portion digital signature is valid, executing one or more of the instructions for implementing the boot process; in response to the execution of the one or more instructions for implementing the boot process, performing a third signature
Prior art of record Biondi (US 6,622,246) discloses a method for executing a boot process in a memory having a first firmware memory space and a second memory space. The method comprises determining whether the first memory space is valid and, in response to determining that the first memory space is not valid, determining whether the second memory space is valid.
Prior art of record Thurston et al. (US 2003/0217193) discloses a firmware package comprising a header, metadata and a firmware image. The firmware image is for installation on a hardware device and the metadata is for controlling the installation of the firmware image on the hardware device.
Prior art of record Bressy et al. (US 2005/0125681) discloses a method for executing applications that involve conditional access to valuable contents. The method comprises verifying an encrypted digital signature contained in the applications.

None of the prior art of record either taken by itself or in any combination, would have anticipated or made obvious the invention of the present application at or before the time it was filed.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to DEVIN E ALMEIDA whose telephone number is (571)270-1018.  The examiner can normally be reached on Monday-Thursday from 7:30 A.M. to 5:00 P.M.  The examiner can also be reached on alternate Fridays from 7:30 A.M. to 4:00 P.M. 
If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, Saleh Najjar, can be reached on 571-272-4006. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).

/DEVIN E ALMEIDA/Examiner, Art Unit 2492

/VENKAT PERUNGAVOOR/Primary Examiner, Art Unit 2492