DETAILED ACTION

1.	Notice of Pre-AIA  or AIA  Status:  The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
2.	Claims 1-21 are presented for examination. 
3.	This Office Action is in response to application 16/251369 filed on January 18, 2019.
4.	Application 16/251369 has priority benefit from provisional 62/756736 filed on November 7, 2018.

5.	Claims 5, 6, 7, 12, 13, 14, 19, 20 and 21 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten to overcome the rejection(s) under 35 U.S.C. 101 (software per se type), set forth in this Office action and to include all of the limitations of the base claim (claims 1, 8 and 15) and any intervening claims (claims 6, 13, and 20).  Also, Applicant to include necessary features for a smooth transition from feature to feature to prevent gaps/disconnects/lack of relationship issues (i.e., a potential 35 U.S.C. 112(b), 2nd paragraph rejection) between features.

6.	Claims 3 and 4 (and 10, 17, 11, 18 respectively) have been rejected over prior arts.  Any one of these two dependent claims, each rejected under a different prior art, would be allowable if the two claims are rewritten to overcome the rejection(s) under 35 U.S.C. 101 (software per se type), set forth in this Office 

Claim Interpretations

7.	Claim 1 recites “firewall security layer.”  Since the instant specification does not explain the recited “firewall security layer,” a brief search revealed a web site that explains the firewall(s) and some prior arts.

	Prior art Cisco (“What is a Firewall”, 2020) (page 1) teach “a firewall is a network security device that monitors incoming and outgoing network traffic and decides whether to allow or block specific traffic based on a defined set of security rules.”  (page 2) teach “Types of Firewalls”…   “Proxy firewall – An early type of firewall device, a proxy firewall serves as the gateway from one network to another for a specific application.  Proxy servers can provide additional functionality such as content caching and security by preventing direct connections from outside the network.  However, this also may impact throughput capabilities and the applications they can support.”  “Stateful inspection firewall – now thought of as a ‘traditional’ firewall, a stateful inspection firewall allows or blocks traffic based on state, port, and protocol.  It monitors all activity from the opening of a connection 

Prior art Cheswick et al. (US H001944) (col 3 lines 50 -to- col 4 line 4) teach “a firewall security device is configured for connection to individual clients, e.g., personal computers, for providing firewall security measures directly to the client.  The firewall security device [] is configured as an electronic dongle which is attached to a communications port of the client, e.g., the parallel communications port.  In accordance with the invention, the incoming communications stream to the client from, e.g., routines thereby protecting the client from security breaches triggered by the communication traffic received from the public network.  Illustratively, the set of security routines define at least one security level to which all communication exchanged by the client must comply thereby insuring the integrity of the private network in which the client is interconnected.  Advantageously, [] the firewall is delivered directly by the client without intervention, use, or connection to a separate firewall server,” (col 5 lines 1-25) teach “when firewall security device 200 is connected to a user terminal [] all communications traffic to and from the user terminal is passed through firewall security device 200.  Thus, peripheral device I/O interface 215 facilitates the 

Prior art Doherty et al., (US Pub 20050033984) [0005] teach “solutions proposed to prevent intrusion in a host system fall under two main categories:  external protection or internal protection.  External protection scenarios include [] firewalls and routers which provide protection against various attacks (e.g., denial of service or DoS attacks) on a network infrastructure.  The firewall approach prevents unauthorized access from an outsider [] by monitoring traffic on critical incoming ports.  The firewall security level is a control layer inserted between a local private network and an outside internet network.  The firewall security layer permits only some traffic to pass through.  The firewall is configured by a host master of the local private network based on the local private network’s security policy.”  The firewall, moreover, cannot block all IP addresses.  An attacker (outsider, unauthorized user or hacker) is able to exploit this vulnerability.  In this scenario, the attacker masks any harmful intent at the beginning of a session, gains access to sensitive data, and at a later point, attacks the host system.  The firewall security level has to update the harmful addresses after such attack or intrusion occurred.  Thus, the firewall solution fails to offer a real-time blocking solution with regard to such harmful IP addresses.”



9.	Claim 4 recites “binary security criteria.”  Specification [004] states “the firewall security layer may be a binary security criteria.  The firewall security layer may include a kernel-level binary system integrity validation and restoration.”  This explanation/interpretation is applied to all the claims.


Claim Rejections - 35 USC § 101
10.         35 U.S.C. § 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.

11.       Claims 8-14 are rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter. See MPEP § 2106.01.

Claim 8 recites "a computer program product residing on a computer readable-storage medium having a plurality of instructions stored thereon”; however, a “computer program product” is software, per se.   A program/software that is not tangible since it does not fall into the statutory categories of "process", "machine", "manufacture" and "composition of matter".  Specification [007] states “a computer program product may reside on a computer readable storage 

This 101 rejection (software per se type) can be overcome by simply amending the respective claims to recite either a method type claim or a “non-transitory” computer-readable storage medium type claim, instead.

Claim Rejections - 35 USC § 103

12.	The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:


13.	Claims 1, 2, 8, 9, 15 and 16 are rejected under 35 U.S.C. 103 as being unpatentable over Riedel et al., US Pub 20180213671, hereinafter Riedel, and in view of Cella et al., US Pub 20190171187, hereinafter Cella.

14.	Regarding claims 1, 8 and 15, Riedel teach a computer-implemented method comprising:
applying (“can be separated”), by a computing device, a firewall security layer to software for hardware interface (“a firewall can separate the gateways 1030 and the server 1020 to keep the server 1020 secure” [0090], “communication network 1010 and the server 1020 can be separated by a security layer such as a firewall” [0092]);
securing sensor data imported (“data received”, “transmit”) by the hardware interface using the firewall security layer (“communicate with one or more external sensors disposed outside the enclosure” [0005], “hardware for hosting applications associated with the one or more sensors”, “locally process data received from the one or more sensors to generate processed data and to transmit the locally processed data to the one or more additional processing devices” [0010] [0015] [0037], “sensors on the 
providing the sensor data to a IT workload equipment (“an electrical power distribution subsystem”, “cooling system that removes heat from the one or more processing systems and the one or more sensors” [0004],  “a data center facility provides essential inputs to IT workload equipment [] such as shelter, power and cooling” [0033], “cooling tower” [0071], “data center platform 110 includes a physical shelter for housing IT workload equipment and associated sensors” [0038], “analytics of sensors of a network of data center platforms can be processed locally at each data center platform” [0042], “IT workload equipment can host any combination of applications for processing [] in varying proportions” [0063]); 
providing, via a user interface (“user-interfaces on [] computing devices”, “a display or speakers”), an indication (“an alert signal”) of an insecure condition (“an emergency”) based upon, at least in part, analysis of the sensor data (“communications software (e.g., application programming interfaces)” [0054], “upon receiving information indicative of an emergency, an alert signal that is transmitted to law enforcement authorities” [0057] [0082] [0083], “roadwork information, safety information”, “data could be pushed to a display or speakers” [0084], “server 1020 [] provides user-interfaces on one or more of the mobile devices and the computing device” [0093]).


providing the sensor data to an Artificial Intelligence (Al) expert system (“AI model operates on sensor data from an industrial environment” [0014] [0801], “indicators of levels of analog and digital sensor data (such as indicating levels of rotation, vibration, heating or cooling, pressure, and many other conditions)” [0267] [0268], “equipment cooling” [0661] [1873] [1875] [1886] [2033], “a streaming data collection system 10090 may include the DAQ instrument 10052 or other data collectors that may gather analog signals from sensors” [0803], “an expert system or neural network may be trained [] based on a data set, model, or the like”, “training may include presenting the neural network with one or more training data sets that represent values, such as sensor data, event data, parameter data, and other types of data [], as well as one or more indicators of an outcome, such as an outcome of a process, an outcome of a calculation, an outcome of an event, an outcome of an activity, and the like” [0807], “a plurality of neural networks may be deployed in a cloud platform that receives data streams and other inputs collected [] in one or more industrial environments and transmitted to the cloud platform over one or more networks” [0808], “moves information in one direction, such as from a data input, like an analog sensor located on or proximal to an industrial machine [] to an output” [0809]);

providing, via a user interface, an indication (“alerat”, “set of indicators”) of an insecure condition (“fault conditions”) based upon, at least in part, analysis of the sensor data (“a limit alert or failure indication” [0879], “when the expert system makes a prediction of an outcome or state using vibration noise, the expert system may perform a downstream action”, “downstream actions may include triggering an alert of a failure, imminent failure, or maintenance event, shutting down equipment/component, initiating maintenance/lubrication/alignment”, “based on this predicted state of 

Thus, it would have been obvious before the effective filing date of the claimed invention to a person of ordinary skill in the art to readily recognize the advantage of modifying Riedel’s system that provides the user a “configurable data center platform that includes an enclosure configured to affix to a support structure, the enclosure configured for housing:  one or more processing systems that form the data center; [] one or more sensors; [] where the enclosure comprises a cooling system that removes heat” (Riedel [0004]) and “different combinations of sensors may be deployed in the data center platform 110 based on particular concerns in certain areas” (Riedel [0081]) with the features of Cella’s system to provide a “system for using collected data” (Cella [0007]) and “intelligent data collection systems 102 deployed locally, at the edge of an IoT deployment” (Cella [0132]).



15.	Regarding claims 2, 9 and 16, Riedel do not teach a graphical user interface feature, but in a similar field of endeavor Cella teach wherein the user interface includes a graphical user interface (“graphical user interface” [1968]).

s 3, 10 and 17 are rejected under 35 U.S.C. 103 as being unpatentable over Riedel and Cella, as applied to claims 1, 8 and 15 above, and further in view of Pera et al., US Pub 20150256355, hereinafter Pera.

17.	Regarding claims 3, 10 and 17, Riedel and Cella do not teach a user interface includes an indicator diode feature, but in a similar field of endeavor Pera teach wherein the user interface includes one or more indicator diodes (“touch-sensitive user-interface 1122 can include one or more sensors 1126, a plurality of touch-sensitive sensors 1128, and a Light-Emitting Diode (LED) indicator” [0191]).

Thus, it would have been obvious before the effective filing date of the claimed invention to a person of ordinary skill in the art to readily recognize the advantage of modifying Riedel’s and Cella’s system that provides the user a “configurable data center platform that includes an enclosure configured to affix to a support structure, the enclosure configured for housing:  one or more processing systems that form the data center; [] one or more sensors; [] where the enclosure comprises a cooling system that removes heat” (Riedel [0004]) and “different combinations of sensors may be deployed in the data center platform 110 based on particular concerns in certain areas” (Riedel [0081]) with the features of Pera’s system to provide a “networks of various sensors and controllers (nodes) that may form a ‘smart’ wirelessly connected habitable space (e.g., home, office, work, etc.) network” (Pera [0009]).

The motivation being “a user can either drag a temperature slider 234 along temperate range 232, or can tap on a portion of temperature range 232 that indicated a desired temperature” (Pera [0132]) and “touch-sensitive user-interface 1122 can include one or more sensors 1126, a plurality of touch-sensitive sensors 1128, and a Light-Emitting Diode (LED) indicator” (Pera [0191]).

18.	Claims 4, 11 and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Riedel and Cella, as applied to claims 1, 8 and 15 above, and further in view of Menten et al., US Pub 20110030028, hereinafter Menten.

19.	Regarding claims 4, 11 and 18, Riedel and Cella do not teach the firewall security layer is a binary security criteria feature, but in a similar field of endeavor Menten teach wherein the firewall security layer is a binary security criteria (“set of instructions is configured for causing the at least one data processing device to carry out operations for receiving binary data structure including [] verifying that application protocol payload [0009], “deployable application layer protocol validation in firewall and intrusion detection and prevention systems” [0017], “providing the binary data structure and security rule to the network interface protection apparatus” [0047] [0050]).



The motivation being “to achieve more than a very basic level of protocol validation requires a large program that is difficult to validate for correctness” (Menten [0004]) and “set of instructions is configured for causing the at least one data processing device to carry out operations for receiving binary data structure including [] verifying that application protocol payload” (Menten [0009]).


Conclusion
20.	The prior art made of record and but not relied upon is considered pertinent to applicant's disclosure comprise:
Jiang et al., “KBT: Operating System Kernel Level Binary Translation System”, 2013 page 1276 col 1;
Perl et al. (US Pub 20170372431) [0009] [0014] [0015] [0022] [0039] [0049]; and
Lee et al. (US Pub 20190065896) [0059] [0068].

Applicant is reminded that in amending in response to a rejection of claims, the patentable novelty must be clearly shown in view of the state of the art disclosed by the references cited and the objection made.  Applicant must show how the amendments avoid such references and objections.  See 37 CFR 1.111(c).

21.	 Any inquiry concerning this communication or earlier communications from the examiner should be directed to O. Charlie Vostal whose telephone number is 571-270-3992 (via email:  Ondrej.Vostal@uspto.gov  “without a written authorization by applicant in place, the USPTO will not respond via internet e-mail to an Internet correspondence” MPEP 502.02 II and https://www.uspto.gov/sites/default/files/documents/sb0439.pdf ).  The examiner can normally be reached on 8:30am to 5:00pm EST Monday thru Friday.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Thu Nguyen can be reached on 571-272-6967.  The fax phone 

Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the Public PAIR system, see http://portal.uspto.gov/pair/PublicPair.  Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.


	/ONDREJ C VOSTAL/           Primary Examiner, Art Unit 2452                                                                                                                                                                                             
	January 15, 2021