DETAILED ACTION
This non-final office action is in response to claims 1-14 filed on 01/09/2019 for examination. Claims 1-14 are being examined and are pending.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 01/09/2019 has been considered by the examiner. 

Drawings
The drawings filed on 01/09/2019 have been accepted. 

Claim Objections
Claim  1, 3, 4, 6, 8, and 10-14 are objected because of the following informalities:
In the above claims, examiner suggests to replace “the said” with either - - the - - or  - - said - -.
In claim 6 and 13, examiner suggests to replace “said the” with either - - the - - or  - - said - -.
In claim 8 and 10, examiner suggests to replace “inspector modules” with - - inspector computer modules - -. 
In multiple claims, both “said” and “the” are used. Examiner suggests to only use one of them throughout to be consistent. 
In claim 3-7, examiner suggests to use the format used in claim 1 and 2, such as processing, validating. No need to have “is configured to”.
Appropriate correction is required.


Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claim 3-7 and 10-14 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA  the applicant regards as the invention
Regarding claim 3 and 10, claim recites “data block headers” in line 3. It’s not clear those data block headers are same as the header in the claim 2 and 9.  
Regarding claim 3 and 10, claim recites “a specific data block” in line 6 and “specific data blocks” in line 6. Claim also recites “said data block” in line 8 and 10. There is insufficient antecedent basis for this limitation in the claim because there are multiple “each data block” and “a specific data block” prior including claim 2. Therefore it’s not clear which data block “said data block” refers to.
Regarding claim 6 and 13, claim recites “said data block” in line 2 and “the data block” in line 6. There is insufficient antecedent basis for this limitation in the claim because there are multiple “each 
Claim 4-7 and 11-14 are rejected for carrying the same deficiencies of claim 3 and 10 as well.


Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.
Claim 1-4, 6-11, 13 and 14 are rejected under 35 U.S.C. 103 as being unpatentable over Maturana et al. (US20150281453, hereinafter Maturana) in view of Grefen et al. (US20170163733, hereinafter Grefen).
Regarding claim 8 and 1, Maturana teaches a system for providing a secure data monitoring system within a plant, said system comprising a cluster of at least one collector computer module and a cluster of at least one inspector computer module (Maturana: Fig. 3: data concentrator (328), on-premise cloud agent (340), analytic engine (318); Para. 0005: a cloud agent device that monitors an industrial process; Para. 0047: In the example illustrated in FIG. 3 a data concentrator 328 collects plant data from one or more industrial assets (e.g., data generated by one or more industrial controllers, such as industrial devices 108 or 110) at a plant facility; Para. 0050: FIG. 3 depicts data concentrator 328 as the data source for cloud agent 340. This configuration can be useful if there are a large number of data points to monitor, since the data concentrator can 328 can link multiple industrial devices or other data sources to a single cloud agent 340)), wherein each said computer module comprises one or more processors operatively coupled to a non-transitory computer readable storage device, on which are stored modules of instruction code that when executed cause the one or more processors to perform the functionality of the said computer module (Maturana: Claim 1: A system for notification of industrial alarm events, comprising: a memory that stores computer-executable components; a processor, operatively coupled to the memory, that executes the computer-executable components; Para. 0025: a component can be, but is not limited to being, a process running on a processor, a processor, a hard disk drive, multiple storage drives (of optical or magnetic storage medium) including affixed (e.g., screwed or bolted) or removable affixed solid-state storage drives); said collector computer modules collect data originating from multiple data sources within the plant (Maturana: Para. 0047: a data concentrator 328 collects plant data from one or more industrial assets (e.g., data generated by one or more industrial controllers, such as industrial devices 108 or 110) at a plant facility); said collector computer modules further comprise a smart card module (Maturana: Para. 0138: computer readable media can include but are not limited to magnetic storage devices, optical disks,… smart cards, and flash memory devices); said smart card encrypts the collected data with a one-time security key (Maturana: Para. 0054: Cloud agent 340 may also encrypt sensitive data prior to upload to the cloud; Para. 0057: to ensure secure outbound traffic to the cloud, one or more embodiments of cloud agent 340 can support HTTPS/SSL, certificate authority enabled transmission, and/or unique identity using MAC addresses); said collector computer modules are configured to forward said collected data to said inspector modules (Maturana: Para. 0054: data from multiple sensors measuring related aspects of an automation system can be identified and aggregated into a single cloud upload packet by cloud agent 340. Cloud agent 340 may also encrypt sensitive data prior to upload to the cloud); said inspector computer modules are configured to identifying real-world scenarios and actions that take place within the plant according to said analysis (Maturana: Para. 0036: Exemplary automation systems can include one or more industrial controllers that facilitate monitoring and control of their respective processes. The controllers exchange data with the field devices using native hardwired I/O or via a plant network such as Ethernet/IP, Data Highway Plus, ControlNet, Devicenet, or the like. A given controller typically receives any combination of digital or analog signals from the field devices indicating a current state of the devices and their associated processes (e.g., temperature, position, part presence or absence, fluid level, etc.), and executes a user-defined control program that performs automated decision-making for the controlled processes based on the received signals. The controller then outputs appropriate digital and/or analog control signaling to the field devices in accordance with the decisions made by the control program. These outputs can include device actuation signals, temperature or position control signals, operational commands to a machining or material handling robot, mixer control signals, motion control signals); and said inspector computer modules are configured to identify anomalies in the operation of production machines or machine sub-units according to said analysis (Maturana: Para. 0067: The cloud-based broker system is designed to notify application-level experts—via client devices 616—of events and anomalies that emerge from the industrial processes being monitored. These notifications can alert supervisors and system managers of potentially harmful or otherwise detrimental situations occurring in the production lines or devices, so that corrective measures can be taken in an organized manner). 
Yet, Maturana does not teach providing read-only permissions to authorized persons and computational units; said inspector modules are configured to authenticate said collected data according to a set of predefined logic rules; said cluster of inspector computer modules is configured to analyze the collected data by employing parallel processing among multiple inspector computer modules in the cluster.
However, in the same field of endeavor, Grefen teaches providing read-only permissions to authorized persons and computational units (Grefen: Para. 0014: audit data often need to be used by multiple parties, and thus require access privileges and filters; Para. 0012: The metadata (16 and 18 in FIG. 1) may contain further information to enable audit services for clients that have access privileges for subsets of data of a blockchain; Para. 0178: Both provide support for a multi-tenant implementation for the management of audit blockchains, which include access privileges and data isolation; Para. 0045: The remainder of a record cannot be changed); said inspector modules are configured to authenticate said collected data according to a set of predefined logic rules (Grefen: Para. 0006: the operator of a technical installation may be under the obligation to prove the identity of a given device (e.g. authenticated) that generated a stream of audit data, i.e. demonstrate that present audit data indeed stem from that device, and not from another device that spoofed the identity of the former device; Para. 0086: Service audit requests for data generated in the course of the operation of the peripheral devices and management infrastructures. This entails validating blockchains stored by the management infrastructure for correctness and verifying that the metadata of a given such blockchain coincide with the ones in the corresponding blockchain stored in the Hash Value Store); said cluster of inspector computer modules is configured to analyze the collected data by employing parallel processing among multiple inspector computer modules in the cluster (Grefen: Para. 0092: the peripheral device 30 creates an audit blockchain that contains the data stream generated by processes and threads active on the peripheral device to be saved for auditing, by chunking the data stream and adding each chunk as a payload to a blockchain record. In parallel, sets of records of the blockchain are forwarded to the management infrastructure (32); Para. 0094: As subsets of the blockchain are forwarded from the peripheral computing devices 30 to the management infrastructure 32, in parallel payload stripped representations of these subsets (often referred to herein as subsets of payload stripped stream of data records) are forwarded to the escrow service 36, by the peripheral computing device 30, the management infrastructure 32). 
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filling date of the claimed invention to modify the system disclosed by Maturana to include providing read-only permissions to authorized persons and computational units; said inspector modules are configured to authenticate said collected data according to a set of predefined logic rules; said cluster of inspector computer modules is configured to analyze the collected data by employing parallel 
 Regarding claim 9 and 2, combination of Maturana and Grefen teaches the system of claim 8. In addition, Grefen further teaches wherein said inspector computer modules are configured to: quantify said collected data into data blocks (Grefen: Para. 0092: In FIG. 5, the peripheral device 30 creates an audit blockchain that contains the data stream generated by processes and threads active on the peripheral device to be saved for auditing, by chunking the data stream and adding each chunk as a payload to a blockchain record; Para. 0042: The payload 14 of a record contains data belonging to the data stream of the audit blockchain 12. The data stream is made up of any set of data to be saved for later audit, including for instance log files, data generated by an application, the operation system, or firmware, binary dumps, output from a number of control or sensor devise, etc. A data stream is divided into packets that are included as payload of an audit blockchain); assign a unique hash value to each data block increment (Grefen: Para. 0043: The metadata segment (16, 18) of a record is made up of any data required to implement the properties of an audit blockchain, and further data to manage its payload, such as to implement access privileges and multi-tenancy. In particular, the metadata 16,18 of a record contains the hash value of its successor record, preferably calculated by means of a cryptographic hash function, such as MD5, SHA-1, SHA-2, or SHA-3); and keeping each data block's hash value in a header, wherein said header also contains the hash value pertaining to the previous data block, thus linking the two data blocks in a block chain (Grefen: Para. 0043: The metadata segment (16, 18) of a record is made up of any data required to implement the properties of an audit blockchain, and further data to manage its payload, such as to implement access privileges and multi-tenancy. In particular, the metadata 16,18 of a record contains the hash value of its successor record, preferably calculated by means of a cryptographic hash function, such as MD5, SHA-1, SHA-2, or SHA-3. For instance, record B3 contains in its metadata a hash value, hash B2, that has been calculated of the metadata and payload sections of record B2. Function hash also is referred to as linkage function. A linkage function can be any function that poses a strong computational challenge, in its complexity comparable to a cryptographic function). 
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filling date of the claimed invention to modify the system disclosed by the combination to include wherein said inspector computer modules are configured to: quantify said collected data into data blocks; assign a unique hash value to each data block increment; and keeping each data block's hash value in a header, wherein said header also contains the hash value pertaining to the previous data block, thus linking the two data blocks in a block chain as disclosed by Grefen. One of ordinary skill in the art would have been motivated to make this modification in order to safe and tamper-free collected data from industrial plants as suggested by Grefen (Grefen: Para. 0039 and Para. 0199).
Regarding claim 10 and 3, combination of Maturana and Grefen teaches the system of claim 8. In addition, Grefen further teaches said inspector modules distributes data block headers, containing expected hash values for specific data blocks among one or more inspector modules in the inspector module cluster, to be stored separately in multiple locations (Grefen: Para. 0019: recording a content stream of data records output from a number of devices where each record has a payload segment including content from the devices and a metadata segment. Preferably the metadata segment includes the hash value of a predecessor record in the stream. A payload stripped stream of said data records is recorded where the payload stripped stream does not include the payload segments and the payload stripped stream is stored as an escrow file; Para. 0095: The escrow service 36, upon receipt of the subset of the payload stripped stream 44 or 45 adds them to the payload stripped stream 49 that is maintains for the audit blockchain, in its Hash Value store 48, preserving the topology given by the linkage of records); a first inspector computer module possesses an expected hash value pertaining to a specific data block (Grefen: Para. 0096: An escrow service 36 receives the audit request for the blockchain (content stream 42 in the Blockchain Store 44) and retrieves its payload stripped representation of it (payload stripped stream 49) from the Hash Value Store 48); said first inspector computer module is configured to address a second inspector computer module, wherein the actual said data block is stored (Grefen: Para. 0096: The escrow service 36 sends a request to the management infrastructure 32 for a copy of the blockchain that is subject of the audit and creates a payload stripped representation of it, as at 48); said first inspector computer module is configured to validate the existence of the said data block in the designated location on the said second inspector computer module (Grefen: Para. 0096: The escrow service 36 performs a comparison of the two payload stripped representations of the blockchain, the payload stripped stream 42 retrieved from the Hash Value Store (step 1) and the one created from the audit blockchain stored in the Blockchain Store 46. They need to match with regards to record content and topology of the subset; If the test performed in step 3. passed, or at least for a set of maximal subchain of the payload stripped streams, starting at the genesis record, a verification of hash values will be performed for the corresponding subchains of the copy of the blockchain 42 in the Blockchain Store 44). 
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filling date of the claimed invention to modify the system disclosed by the combination to include said inspector modules distributes data block headers, containing expected hash values for specific data blocks among one or more inspector modules in the inspector module cluster, to be stored separately in multiple locations; a first inspector computer module possesses an expected hash value pertaining to a specific data block; said first inspector computer module is configured to address a second inspector computer module, wherein the actual said data block is stored; said first inspector computer module is configured to validate the existence of the said data block in the designated location on the said second 
Regarding claim 11 and 4, combination of Maturana and Grefen teaches the system of claim 8. In addition, Grefen further teaches wherein the said first inspector computer module is configured to validate the existence of both data blocks, respective to the two hash values contained within the said header, thus validating the integrity of the data block chain (Grefen: Para. 0096: The escrow service 36 performs a comparison of the two payload stripped representations of the blockchain, the payload stripped stream 42 retrieved from the Hash Value Store (step 1) and the one created from the audit blockchain stored in the Blockchain Store 46. They need to match with regards to record content and topology of the subset; If the test performed in step 3. passed, or at least for a set of maximal subchain of the payload stripped streams, starting at the genesis record, a verification of hash values will be performed for the corresponding subchains of the copy of the blockchain 42 in the Blockchain Store 44). 
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filling date of the claimed invention to modify the system disclosed by the combination to include wherein the said first inspector computer module is configured to validate the existence of both data blocks, respective to the two hash values contained within the said header, thus validating the integrity of the data block chain as disclosed by Grefen. One of ordinary skill in the art would have been motivated to make this modification in order to safe and tamper-free collected data from industrial plants as suggested by Grefen (Grefen: Para. 0039 and Para. 0199).
Regarding claim 13 and 6, combination of Maturana and Grefen teaches the system of claim 8. In addition, Grefen further teaches read the content of the said data block (Grefen: Para. 0102: to read the payload); apply a hashing function to the said read content, to obtain a new hash value (Grefen: record B3 contains in its metadata a hash value, hash B2, that has been calculated of the metadata and payload sections of record B2; Para. 0058: the hash value of the GEN record is calculated by the audit service provider and needs to coincide with the value hash B1 in record B2, the hash value of record B2 is calculated and needs to coincide with hash B2 stored in record B3); compare said new hash value to the originally possessed expected hash value (Grefen: Para. 0096: The escrow service 36 performs a comparison of the two payload stripped representations of the blockchain, the payload stripped stream 42 retrieved from the Hash Value Store (step 1) and the one created from the audit blockchain stored in the Blockchain Store 46. They need to match with regards to record content and topology of the subset; If the test performed in step 3. passed, or at least for a set of maximal subchain of the payload stripped streams, starting at the genesis record, a verification of hash values will be performed for the corresponding subchains of the copy of the blockchain 42 in the Blockchain Store 44); and validate the content of the data block according to said comparison (Grefen:  Para. 0096: The escrow service 36 performs a comparison of the two payload stripped representations of the blockchain, the payload stripped stream 42 retrieved from the Hash Value Store (step 1) and the one created from the audit blockchain stored in the Blockchain Store 46. They need to match with regards to record content and topology of the subset; If the test performed in step 3. passed, or at least for a set of maximal subchain of the payload stripped streams, starting at the genesis record, a verification of hash values will be performed for the corresponding subchains of the copy of the blockchain 42 in the Blockchain Store 44).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filling date of the claimed invention to modify the system disclosed by the combination to include read the content of the said data block; apply a hashing function to the said read content, to obtain a new hash value; compare said new hash value to the originally possessed expected hash value; and validate the content of the data block according to said comparison as disclosed by Grefen. One of ordinary skill 
Regarding claim 14 and 7, combination of Maturana and Grefen teaches the system of claim 8. In addition, Maturana further teaches wherein the said first inspector computer module is further configured to emit an alert to a front end computer upon failure of said validation (Maturana: Para. 0067: The cloud-based broker system is designed to notify application-level experts—via client devices 616—of events and anomalies that emerge from the industrial processes being monitored. These notifications can alert supervisors and system managers of potentially harmful or otherwise detrimental situations occurring in the production lines or devices, so that corrective measures can be taken in an organized manner). 
Claim 5 and 12 are rejected under 35 U.S.C. 103 as being unpatentable over Maturana in view of Grefen, and further in view of Antonopoulos, “Mastering bitcoin”.
Regarding claim 12 and 5, combination teaches the system of claim 8. In addition, Maturana teaches emitting an alert to a front end computer upon detection of potential situation (Maturana: Para. 0067: The cloud-based broker system is designed to notify application-level experts—via client devices 616—of events and anomalies that emerge from the industrial processes being monitored. These notifications can alert supervisors and system managers of potentially harmful or otherwise detrimental situations occurring in the production lines or devices, so that corrective measures can be taken in an organized manner). 
Yet, the combination does not teach the potential situation is missing data block. 
However, in the same field of endeavor, Antonopoulos teaches the potential situation is missing data block (Antonopoulos: Page 149: This process of comparing the local blockchain with the peers and retrieving any missing blocks happens any time a node goes offline for any period of time. Whether a node has been offline for a few minutes and is missing a few blocks, or a month and is missing a few thousand blocks, it starts by sending getblocks, gets an inv response, and starts downloading the missing blocks).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filling date of the claimed invention to modify the system disclosed by the combination to include the potential situation is missing data block as disclosed by Antonopoulos. One of ordinary skill in the art would have been motivated to make this modification in order to identify missing records as suggested by Antonopoulos (Antonopoulos: Page 149). 

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure:
Carl, US20150262185: data validation/verification, smart card
Nixon et al., US20170102678: plant data collection/analyze, anomalies discovery, alert/alarm
ClueBot NG, https://en.wikipedia.org/w/index.php?title=HTTPS&oldid=643655317; 01/22/2015: short term session key for each HTTPs/TLS session.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to LIN CHANG whose telephone number is (571)272-9998.  The examiner can normally be reached on Monday-Thursday 9AM-6PM EST Friday: Variable.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Taghi Arani can be reached on (571)-272-3787. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.



/L.C./Examiner, Art Unit 2438                                                                                                                                                                                                                                                                                                                                                                                                  /TAGHI T ARANI/Supervisory Patent Examiner, Art Unit 2438