DETAILED ACTION

Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.


Allowable Subject Matter
Claims 5, 7 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.


Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-4, 6, 8-10 are rejected under 35 U.S.C. 103 as being unpatentable over Wang et al. (For. Pub. No. CN 104778141) (from Applicant’s IDS) in view of Lin et al. (For. Pub. No. CN 101276297).

As per claim 1, Wang discloses a security processing unit of PLC, comprising: a bus arbitration chip used to allocate bus resources (…a TPCM module based on a control system, including an internal bus and a bus arbitration management unit…see par. 9); a trusted chip used to provide a root of trust for measurement, a root of trust for storage, and a root of trust for reporting (…the trusted operating system kernel measures the integrity of the software protocol stack…see par. 23…the program memory provides storage space for running programs and data…see par. 46-47…data transmission function between TPCM and external system resources…see par. 49). Wang does not explicitly disclose a system storage chip used to save a start guidance file, an operating system kernel and an upper-layer application code; and a system backup chip used to save the backup start guidance file, operating system kernel and upper-layer application code. However, Lin discloses a system storage chip used to save a start guidance file, an operating system kernel and an upper-layer application code (…the FLASH is connected to the controller through the chip select signal line, and is used to store the startup code data file…see par. 151-153); a system backup chip used to save the backup start guidance file, operating system kernel and upper-layer application code (…storing an extra copy of the system startup code…to make a backup when the startup code…see par. 151-155). Therefore, one of ordinary skill in the art would have found it obvious before the effective filing date of the claimed invention to use Lin in Wang for including the above limitations because one of ordinary skill in the art would recognize it would further improve the reliability of the processor system…when the processor system cannot be started normally and also to restore the damaged FLASH through the processor system after the start is completed…see Lin, par. 145-149.


As per claim 2, the combination of Wang and Lin discloses wherein the bus arbitration chip conducts bus arbitration on the bus resources; and when a plurality of PLC hardware platforms, trusted chips, system storage chips and system backup chips simultaneously occupy a shared bus to conduct data communication, the bus arbitration chip determines the use right of the bus resources (Wang: see par. 35).


As per claim 3, the combination of Wang and Lin discloses wherein the trusted chip stores the root of trust for measurement, the root of trust for storage, and the root of trust for reporting; the root of trust for measurement is used to measure the guidance file, the operating system kernel and the upper-layer application; the root of trust for storage is used to conduct the work of key production, key management, encryption and decryption to protect all keys and measurement information entrusted to the root of trust for storage; and the root of trust for reporting is used to allow a verified challenger to acquire data in a region protected by the trusted chip and to confirm validity of the data with signature keys (Wang: see par. 45-50, 63).


As per claim 4, the combination of Wang and Lin discloses wherein the trusted chip adds an encryption module drive between a page high-speed caching layer and a common block layer which reserve a file system structure of an original system; and an encryption process is transparent for an upper-layer user, the data structure of the file system is not modified and the access process of the encrypted file by the user is not changed (Wang: see par. 17).




As per claim 6, the combination of Wang and Lin discloses wherein the system backup chip is used to conduct integrity checking on the guidance file, the system kernel and the upper-layer application before the security processing unit starts PLC; and if checking is not passed, contents are regarded to have been tampered and system recovery is needed (Lin: see par. 145-149). The motivation for claim 6 is the same motivation as in claim 1 above.


As per claim 8, the combination of Wang and Lin discloses comprising the following steps: a) activating a bus arbitration chip after the security processing unit is electrified; b) acquiring a bus control right of the system storage chip by the bus arbitration chip; c) reading the start guidance file, the operating system kernel and upper-layer application data in the system storage chip to Nand Flash buffer module in the bus arbitration chip; d) acquiring the control right of the trusted chip by the bus arbitration chip, and measuring the integrity of the guidance file, the operating system kernel and the upper-layer application by the root of trust for measurement of the trusted chip; e) if the measurement is trusted, acquiring the bus control right by the PLC hardware platform, reading the data of the Nand Flash buffer module, decrypting and loading into a memory, and starting the system; and f) if the measurement fails, recovering the system data and guiding again (Lin: see par. 151-155). The motivation for claim 8 is the same motivation as in claim 1 above.


As per claim 9, the combination of Wang and Lin discloses wherein the root of trust for measurement of the trusted chip measures the integrity of the guidance file, the operating system kernel and the upper-layer application through the following steps: a) reading a data block; b) verifying a signature using an authentication key in a data block signature certificate; and c) returning a trusted result if verification is trusted; and stopping guiding if verification fails (Wang: see par. 49-53, 58-60).


As per claim 10, the combination of Wang and Lin discloses wherein the bus arbitration method also comprises a backup recovery method; when the system of the PLC hardware platform is started, the bus arbitration chip in the security processing unit is in a main control status; when starting, if the content in the system storage chip does not pass the verification, the bus arbitration chip issues a command and occupies the bus; backup recovery steps are as follows: a) reading backup content from the system backup chip; b) writing the backup content in the Nand Flash buffer module of the bus arbitration chip; c) copying the data in the buffer module into the system storage chip; d) setting write protection of the system storage chip by the bus arbitration chip to ensure that the information in the system storage chip is not modified and the size and the storage base address are set in the bus arbitration chip without being disclosed; and e) giving the bus control right to the system storage chip by the bus arbitration chip and guiding the system again after system recovery is completed (Lin: see par. 145-149, 151-155). The motivation for claim 10 is the same motivation as in claim 1 above.
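The boot sequence recited in claim 8 and the backup recovery recited in claim 10 can be followed in a small model. This is an added illustration, not code from the application, Wang or Lin: all names are hypothetical, a SHA-256 reference digest stands in for the root of trust for measurement (the certificate-based signature check of claim 9 and the decryption in step e are left out), and checking the backup before restoring it is an added assumption.

```python
import hashlib
import hmac

COMPONENTS = ("boot_file", "kernel", "application")  # hypothetical names
# Constructed sample image, not real firmware.
GOOD = {"boot_file": b"BOOT-v1", "kernel": b"KERNEL-v1", "application": b"APP-v1"}

def measure(image):
    """SHA-256 over the three components, length-prefixed so bytes cannot
    shift between components without changing the digest."""
    h = hashlib.sha256()
    for name in COMPONENTS:
        h.update(len(image[name]).to_bytes(4, "big") + image[name])
    return h.hexdigest()

class Flash:
    """Storage or backup chip; write protection is enforced on write()."""
    def __init__(self, image):
        self.image, self.write_protected = dict(image), False

    def write(self, image):
        if self.write_protected:
            raise PermissionError("flash is write-protected")
        self.image = dict(image)

def secure_boot(storage, backup, reference):
    """Return (image to boot or None, event log)."""
    log = []
    for restored in (False, True):
        buffer = dict(storage.image)             # claim 8 b-c: read into buffer
        if hmac.compare_digest(measure(buffer), reference):  # claim 8 d
            log.append("measurement trusted, boot")          # claim 8 e
            return buffer, log
        log.append("measurement failed")                     # claim 8 f
        if restored:
            break
        candidate = dict(backup.image)           # claim 10 a-b
        if not hmac.compare_digest(measure(candidate), reference):
            log.append("backup fails integrity check")       # added assumption
            break
        storage.write(candidate)                 # claim 10 c
        storage.write_protected = True           # claim 10 d
        log.append("storage restored and write-protected")   # claim 10 e: boot again
    log.append("halt")
    return None, log

if __name__ == "__main__":
    tampered = Flash({**GOOD, "kernel": b"KERNEL-modified"})
    print(secure_boot(tampered, Flash(GOOD), measure(GOOD)))
```

If both chips hold modified content the model halts instead of booting, which is the case a recovery path has to handle so that a corrupted backup is never copied over the storage chip.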






Conclusion
(see PTO-form 892).

The following Patents and Papers are cited to further show the state of the art at the time of Applicant’s invention with respect to data integrity and signature verification.

Lee (Pub. No. US 2015/0331407); “Apparatus for program management of programmable logic controller”;
-Teaches a device configured to manage a program applicable by a user to a PLC (see par. 25-28).

McNutt (Pat. No. US 7134118); “Re-programmable flash memory micro controller as programmable logic controller”;
-Teaches physically separable units that include a program execution device to sequence through the user logic program which provides programmability function (see col. 1 lines 55-61).

Any inquiry concerning this communication or earlier communications from the examiner should be directed to GHAZAL B SHEHNI whose telephone number is (571)270-7479. The examiner can normally be reached on Mon-Fri 9am-5pm PCT.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Shewaye Gelagay, can be reached on 5712724219. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.






/GHAZAL B SHEHNI/Primary Examiner, Art Unit 2436