Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
DETAILED ACTION
This action is in response to original filings made on 1/31/2019. Claims 1-20 are pending.
Specification (Title)
The title of the invention is not descriptive.  A new title is required that is clearly indicative of the invention to which the claims are directed. 
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1, 2, 7 and 8 are rejected under 35 U.S.C. 103 as being unpatentable over De Los Santos et al. (US Patent Publication No. 2015/0156024 and Santos hereinafter) in view of Miranda et al. (US Patent Publication No. 2017/0286665 and Miranda hereinafter).

As to claim 1, Santos teaches a method for signing software images, comprising: 

wherein the signature is generated using a certificate and a hash value generated from the software image (i.e., …teaches in paragraph 0040 the following: “signing, by a software distributor via a first server, at least one software file using a digital certificate”. Further teaches in paragraph 0041 the following: “generates, upon a request made by the software distributor, a hashstamp of the at least one signed software file.”). 

Santos does not expressly teach:
generating a software image comprising a file segment and a signature segment, wherein the signature segment comprises a Null File; 
modifying the software image to replace the Null File with a Signature File to obtain a signed software image, 
wherein the Signature File comprises the certificate, the signature, and a collision value; 
and distributing the signed software image to at least one network device, 
wherein the at least one network device uses the Signature File to verify the signed software image.

In this instance the examiner notes the teachings of prior art reference Miranda. 
With regards to applicant’s claim limitation element of, “generating a software image comprising a file segment and a signature segment, wherein the signature segment comprises a Null File”, illustrates in figure 5 a signature segments for a software image. The examiner notes that the signature segments of Miranda will be empty (i.e., NULL) until the software image is initially signed. 

	With regards to applicant’s claim limitation element of, “wherein the Signature File comprises the certificate, the signature, and a collision value”, Miranda illustrates in figure 4, certificate, signature and collision data. 
With regards to applicant’s claim limitation element of, “and distributing the signed software image to at least one network device”, Miranda teaches a paragraph 0031 the following: “The software image layout 300 shows the packaging of software signed by a first entity (e.g., a vendor) within an image from a second entity (e.g., original equipment manufacturer (OEM)).”. The examiner notes that the software image will be distributed to the devices by the vendor (i.e., …par. 34…” A vendor may sell or otherwise provide the software to a second entity, such as an OEM, for use in a product manufactured or sold by the OEM.”). 
With regards to applicant’s claim limitation element of, “wherein the at least one network device uses the Signature File to verify the signed software image”, teaches in paragraph 0044 the following: “After the software image is signed by both the vendor and the OEM, the dual-signed software image can be provided to the secured execution environment 208 of the processor 102 of an electronic device 100. Additionally, the public keys that can be employed by the secured execution environment 208 to validate the signatures can also be provided to the secured execution environment 208 of the processor 102”.
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Santos with the teachings of Miranda by including the 
 
As to claim 2, Santos teaches a method of claim 1, further comprising: generating the hash value by applying a hash function to the software image (i.e., …teaches in paragraph 0041 the following: “generates, upon a request made by the software distributor, a hashstamp of the at least one signed software file.”.).

As to claim 7, Santos teaches a method of claim 1, wherein the certificate is signed by a parent certificate (i.e., …teaches in paragraph 0005 the following: “integrity validation of the certificate using the CA's public key”).

As to claim 8, the system of Santos teaches a certificate however neither reference expressly teaches a method of claim 1, wherein the signed software image is in an archive file format.
In this instance the examiner notes the teachings of prior art reference Miranda. 
 Miranda teaches in paragraph 0031 the following: “software image layout 300 is an executable and linkable format (ELF), which may also be referred to as an extensible linking format. 
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Santos with the teachings of Miranda by including the feature of software formatting. Utilizing software formatting as taught by Miranda above allows a system to provide comprehensive software maintenance and therefore provides the motivation in this . 

Claims 9, 12-18 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Miranda in view of De Los Santos et al. (US Patent Publication No. 2015/0156024 and Santos hereinafter).

As to claim 9, Miranda teaches a method for verifying signed software images, comprising: 
replacing, in a signed software image, a Signature File with a Null File to obtain a software image (i.e. …illustrates in figure 5 a signature segments for a software image. The examiner notes that the signature segments of Miranda will be empty (i.e., NULL) until the software image is initially signed.).
and based on the verifying, enabling a network device to use the software image (i.e., …teaches in paragraph 0056 the following: “the secure processing circuit 210 and/or the non-secured or normal processing circuit 204 may execute the software after it is authenticated.”).

The system of Miranda does not expressly teach:
verifying the signed software image using: a hash value generated from the software image, and a signature and a certificate in the Signature File. 
In this instance the examiner notes the teachings of prior art reference Santos.
With regards to applicant’s claim limitation element of, “verifying the signed software image using: a hash value generated from the software image, and a signature and a certificate in the Signature File”, Santos teaches in paragraph 0049 the following: “user, as a characteristic of the present invention, can verify if its acquired copy matches with the hash-stamped signed software file registered with the second server. To do so, the user will check validity of the digital signature of the acquired copy of the signed software file and will extract, by using a dedicated program, signature data from the 
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Miranda with the teachings of Santos by including the feature of certificate validation. Utilizing certificate validation as taught by Santos above allows a system to provide comprehensive software validation and therefore provides the motivation in this instance to combine the references. The examiner contends that by combining the references, Miranda's system will obtain the capability to provide enhanced system integrity. 
 
As to claim 12, Miranda teaches a method of claim 9, wherein a length of the Null File is equal to a length of the Signature File (i.e., … the examiner notes that Miranda teaches in figure 5 a software image with signature information. The examiner notes that the illustrates shows that as the software image is signed, empty (i.e., NULL) segments will be replaced with signature related data.).

As to claim 13, the system of Miranda teaches a software image however Miranda does not expressly teach a method of claim 9, further comprising: prior to verifying the signature, verifying that the certificate is valid.
In this instance the examiner notes the teachings of prior art reference Santos.
Santos teaches in paragraph 0049 the following: “user, as a characteristic of the present invention, can verify if its acquired copy matches with the hash-stamped signed software file registered 
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Miranda with the teachings of Santos by including the feature of certificate validation. Utilizing certificate validation as taught by Santos above allows a system to provide comprehensive software validation and therefore provides the motivation in this instance to combine the references. The examiner contends that by combining the references, Miranda's system will obtain the capability to provide enhanced system integrity. 

As to claim 14, the system of Miranda teaches a software image however Miranda does not expressly teach a method of claim 13, wherein verifying that the certificate is valid is performed using a public key stored in a hardware security device or in a secure memory on the network device.
In this instance the examiner notes the teachings of prior art reference Santos.
Santos teaches in paragraph 0005 the following: “integrity validation of the certificate using the CA's public key”. 
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Miranda with the teachings of Santos by including the feature of certificate validation. Utilizing certificate validation as taught by Santos above allows a system 

As to claim 15, Miranda teaches a method of claim 9, wherein the verification of the signed software image is performed using a software image verifier stored in a secure memory on the network device (i.e., …teaches in paragraph 0060 the following: “secure processing circuit 210 may authenticate the signature for the second software.”.).

As to claim 16, Miranda teaches a method of claim 9, wherein the signed software image is in an archive file format (i.e., …teaches in paragraph 0031 the following: “software image layout 300 is an executable and linkable format (ELF), which may also be referred to as an extensible linking format”).

As to claim 17, Miranda teaches a method of claim 9, and wherein the public key is used to verify the signed software image (i.e., …teaches in paragraph 0044 the following: “After the software image is signed by both the vendor and the OEM, the dual-signed software image can be provided to the secured execution environment 208 of the processor 102 of an electronic device 100. Additionally, the public keys that can be employed by the secured execution environment 208 to validate the signatures”.).

Miranda does not expressly teach:
	wherein the certificate comprises the public key.
In this instance the examiner notes the teachings of prior art reference Santos.

It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Miranda with the teachings of Santos by including the feature of certificate validation. Utilizing certificate validation as taught by Santos above allows a system to provide comprehensive software validation and therefore provides the motivation in this instance to combine the references. The examiner contends that by combining the references, Miranda's system will obtain the capability to provide enhanced system integrity. 

As to claim 18, Miranda teaches a network device, comprising: 
persistent storage comprising a signed software image (i.e., …teaches in paragraph 0044 the following: “After the software image is signed by both the vendor and the OEM, the dual-signed software image can be provided to the secured execution environment 208 of the processor 102 of an electronic device 100. Additionally, the public keys that can be employed by the secured execution environment 208 to validate the signatures”.); 
a secure memory comprising a software image verifier (i.e., …teaches in paragraph 0060 the following: “secure processing circuit 210 may authenticate the signature for the second software.”.); 
a processor configured to execute the software image verifier (i.e., …teaches in paragraph 0060 the following: “secure processing circuit 210 may authenticate the signature for the second software.”.); 
wherein the software image verifier, when executed by the processor performs a method, the method comprising (i.e., …teaches in paragraph 0060 the following: “secure processing circuit 210 may authenticate the signature for the second software.”.): 
replacing, in the signed software image, a Signature File with a Null File to obtain an intermediate software image(i.e., … the examiner notes that Miranda teaches in figure 5 a software 
verifying the signed software image using: and the public key (i.e., …teaches in paragraph 0044 the following: “After the software image is signed by both the vendor and the OEM, the dual-signed software image can be provided to the secured execution environment 208 of the processor 102 of an electronic device 100. Additionally, the public keys that can be employed by the secured execution environment 208 to validate the signatures”.); 
and based on the verifying, enabling the network device to use the signed software image (i.e., …teaches in paragraph 0056 the following: “the secure processing circuit 210 and/or the non-secured or normal processing circuit 204 may execute the software after it is authenticated.”).

Miranda does not expressly teach:
a hardware security device comprising a public key associated with a certificate;
verifying the signed software image using: a hash value generated from the intermediate software image and a signature and the certificate in the Signature File.
In this instance the examiner notes the teachings of prior art reference Santos.
With regards to applicant’s claim limitation element of “a hardware security device comprising a public key associated with a certificate”, Santos teaches in paragraph 0005 the following: “integrity validation of the certificate using the CA's public key”.
With regards to applicant’s claim limitation element of, “verifying the signed software image using: a hash value generated from the intermediate software image, a signature and the certificate in the Signature File”, Santos teaches in paragraph 0049 the following: “user, as a characteristic of the present invention, can verify if its acquired copy matches with the hash-stamped signed software file registered with the second server. To do so, the user will check validity of the digital signature of the 
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Miranda with the teachings of Santos by including the feature of certificate validation. Utilizing certificate validation as taught by Santos above allows a system to provide comprehensive software validation and therefore provides the motivation in this instance to combine the references. The examiner contends that by combining the references, Miranda's system will obtain the capability to provide enhanced system integrity. 

As to claim 20, Miranda teaches a network device of claim 18, wherein the signed software image is in an archive file format (i.e., …teaches in paragraph 0031 the following: “software image layout 300 is an executable and linkable format (ELF), which may also be referred to as an extensible linking format”).

Claim 19 is rejected under 35 U.S.C. 103 as being unpatentable over Miranda in view of (De Los Santos) Santos as applied to claim 18 above and further in view of Sarangshar et al. (US Patent Publication No. 2014/0089660 and Sarangshar hereinafter).

As to claim 19, the system of Miranda and Santos teaches memory however neither reference expressly teaches a network device of claim 18, wherein the secure memory comprises serial peripheral interface (SPI) Flash.
In this instance the examiner notes the teachings of prior art reference Sarangshar.
Sarangshar teaches in paragraph 0002 the following: “on Serial Peripheral Interface (SPI) Flash memory”. 
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Miranda and Santos with the teachings of Sarangshar by including the feature of trusted secure data storage. Utilizing trusted secure data storage as taught by Sarangshar above allows a system to provide comprehensive data storage and therefore provides the motivation in this instance to combine the references. The examiner contends that by combining the references, the system of Miranda and Santos will obtain the capability to provide enhanced data security. 
Allowable Subject Matter
Claim 3 objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims. The examiner notes that dependent claim 4 is allowable based on its dependency on dependent claim 3.

Claim 5 objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims. The examiner notes that dependent claim 6 is allowable based on its dependency on dependent claim 5.

Claim 10 objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims. The examiner notes that dependent claim 11 is allowable based on its dependency on dependent claim 10.
Contact Information
Any inquiry concerning this communication or earlier communications from the examiner should be directed to BRYAN F WRIGHT whose telephone number is (571)270-3826.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.  
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Eleni Shiferaw can be reached on (571)272-3867.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/BRYAN F WRIGHT/Examiner, Art Unit 2497