Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . 
 
Continued Examination Under 37 CFR 1.114
2.	A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 12/23/2020 has been entered.  1, 9 and 15 are amended.  Claims 1-20 are pending.

Response to Arguments
3.	Applicant’s arguments with respect to amended claims have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.

				
Claim Rejections - 35 USC § 103
4.	The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:

 	Claims 1-20 are rejected under 35 U.S.C. 103 as being unpatentable over Litichever et al. (U.S. Patent Application Publication No. 2015/0020152, hereinafter Litichever) in view of Benameur et al. (U.S. Patent Application Publication No. 9,794, 275, hereinafter Benameur) and further in view of Duda (U.S. Patent application Publication No. 2017/0346790).
 	With respect to claim 1, Litichever discloses a system for securing an in-vehicle network in a vehicle, the system comprising: a switch connected to at least two segments of the in-vehicle network; and an intrusion detection and prevention system (IDPS) unit connected to the switch; wherein the IDPS unit is adapted to: receive network messages from the switch, determine at least some of the network messages are related to a cyber threat (e.g. Litichever, paragraphs 0080 and 0110).
 	 configure the routing component of the filter/proxy according to the cyber-threat  (e.g. Litichever, paragraph 0161).  Litichever does not explicitly describes the switch (gateway) is configured according to the cyber threat.  
 	However, Litichever mentions integrated system such as integrated between the gateway with filter/proxy or security system (i.e. Fig. 7 and paragraph 0140).  	

 	Moreover, Litichever discloses using a filter/proxy by applying preconfigured rules to determine whether the message is at risk but does not explicitly mention it as a IDPS.  However,  , Benameur discloses the similar feature (e.g. Benameur, col. 5, lines 19-46).  It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the filter/proxy (security system) with IDPS taught by Benameur to enable the analyzing message based on content of the packets.  
	Litchever does not explicitly mention configure the switch according to the cyber threat by modifying content in an internal memory of the switch.  However, Duda discloses the similar feature (e.g. Duda, paragraph 0025, “a network element administrator may change the specification of what traffic should be blocked by changing rules of the ACL).  To effect this change, the network element software has to load the new ACL into the data plane, which can be in the form of TCAM entries within a switch ASIC.”).  Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to implement this feature to ensure handling of data packet according to access control list based commands.



 	With respect to claim 3, Litichever, Benameur and Duda disclose the system of claim 1, wherein the IDPS unit is adapted to perform deep packet analysis of the network messages, and wherein said determining at least some of the network messages are related to a cyber threat is based on a state and context of at least one of: the vehicle, the in-vehicle network and at least one component connected to the in-vehicle network (e.g. Litichever, paragraphs 0166; Benameur, col. 5, lines 19-46). 

 	With respect to claim 4, Litichever, Benameur and Duda do not explicitly disclose the system of claim 1, wherein the switch includes a ternary content-addressable memory (TCAM) table and wherein configuring the switch includes updating information in the TCAM table (e.g. Duda, paragraph 0025).
 	
 	With respect to claim 5, Litichever, Benameur and Duda disclose the system of claim 1, wherein the IDPS unit is adapted to: determine the cyber threat is no longer present; and reconfigure the switch according to a post cyber threat state (e.g. Litichever, paragraph 0164).

 	With respect to claim 6, Litichever, Benameur and Duda disclose the system of claim 1, wherein:


 	With respect to claim 7, Litichever, Benameur and Duda disclose the system of claim 1, further comprising at least one sensor adapted to identify events related to at least one of: the in-vehicle network, the vehicle and at least one unit connected to the in-vehicle network, wherein the IDPS unit identifies a cyber threat based on a report received from the sensor (e.g. Benameur, col. 14, lines 1-14).

 	With respect to claim 8, Litichever, Benameur and Duda disclose the system of claim 7, wherein the IDPS unit: generates and updates a model of network traffic over the in-vehicle network based on information received from the sensor; and uses the model to identify a cyber threat (e.g. Benameur, col. 14, lines 1-14, replication of event).
 	
 	With respect to claims 9-20, the claims disclose the similar features of claims 1-8.  Therefore, claims 9-20 are rejected based on the similar rationale.

Conclusion
5.	 Any inquiry concerning this communication or earlier communications from the examiner should be directed to TONGOC TRAN whose telephone number is (571)272-3843.  The examiner can normally be reached on 9-5 Monday - Friday.

 	If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kambiz Zand can be reached on (571) 272-3811.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/TONGOC TRAN/
Primary Examiner, Art Unit 2434