Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

This action is in response to a request for continued examination filed 3/10/21.
Claims 1-20 are pending.

Response to Arguments
Applicant's arguments have been fully considered but they are not persuasive. 
While Madrid describes that “[a] controller 118 may use the signature verification key 138 to generate a controller signature and may further verify that the signature included with the downloaded signed software updates 102 matches the signature generated by the vehicle controller 118,” Madrid ¶ [0038], Madrid also discusses that the “signature verification key 138” is only generated by “update server 112 ... for distribution to the one or more vehicle controllers,” Madrid ¶ [0037] (emphases added), which does not constitute “[a] controller [that is] configured to: compute a second signature value based on the second version of code,” as recited by claim 1 (emphases added). Moreover, even though Madrid discusses how “the update server 112 may perform the operations of the signer 202 on the software update 102 before providing the signed software update 102' to the vehicle 104,” Madrid ¶ [0036] (emphasis added), this does not constitute “performing a signature operation on the generated line-of-code behavior and relation model” where “the signature operation [is] based on at least a configuration of the symbol relationships,” as recited by amended claim 1. (1st full par. on pg. 10)

The examiner respectfully disagrees. Madrid discloses computing a first signature value of the second code at the server (par. [0037] “The update server 112 may … sign one or more portions of the software update file 102”), and a second signature value of the second code at the controller (see e.g. par. [0038] “The vehicle controller 118 may … generate a controller signature”). Further, in view of the teachings Aditham, it would have been obvious to compute these signature values on a “generated line of code behavior and relation mode … based on at 

Aditham fails to cure these deficiencies of Madrid and is deficient in other respects as well. For example, even though Aditham describes that “the control-flow of each process running on a node in the big data cluster is locally analyzed,” Aditham ¶ [0152], and that “[a] control-flow graph 1802 [that] is a directed graph representation of a program and usually a sparse graph,” Aditham ¶ [0153], it fails to disclose “performing a functional analysis of the second version of code to determine at least two functions and at least one relationship between the at least two functions, the functional analysis comprising at least one of a static or dynamic analysis process” and “constructing, based on the functional analysis, a line-of-code behavior and relation model representing execution of functions of the second version of code on the controller and comprising a plurality of symbols having functional profiles describing respective functional impacts and symbol relationships describing influences between at least a portion of the symbols, the functional profiles describing influences between at least a portion of the symbols and symbol relationships,” as recited by amended claim 1 (emphases added). The remaining cited references fail to cure these deficiencies of Madrid and Aditham. (par. bridging pp. 10-11)

Initially it is noted that Aditham discloses embodiments in which the CFG is created both statically and dynamically (e.g. par. [0096] “determined ahead of time using static CFG”, par. [0151] “Tracing application to get their CFG”). Further, the construction of the CFG analyses the functionality of the code and thus falls within a reasonably broad understanding of the claimed “functional analysis”. Finally, the CFG describes “branches” in the code (see e.g. par. [0153] “Edges in CFG 1802 represent … [b]ranch instructions”). Such branches dictate the functionality of the code (i.e. which block is executed next) and thus describe a “functional impact” of the branch and “symbol relationship” between the branch and following blocks (note that applicant defines “symbols” to include e.g. “segments of code [and] functional block[s]”, see par. [0233]).

Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.


Claims 1-2, 6-8, 11-17 and 20 are rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract mental process without significantly more. 
Claim 1 recites: 
1. (Currently Amended) A non-transitory computer readable medium including instructions that, when executed by at least one processor, cause the at least one processor to perform operations for analyzing software delta changes based on functional line-of-code behavior and relation models, comprising: 
identifying a prompt to change a first version of code on a controller to a second version of code; 
performing a functional analysis of the second version of code to determine at least two functions and at least one relationship between the at least two functions, the functional analysis comprising at least one of a static or dynamic analysis process; 
constructing, based on the functional analysis, a line-of-code behavior and relation model representing execution of functions of the second version of code on the controller and comprising a plurality of symbols having functional profiles describing respective functional impacts and symbol relationships describing influences between at least a portion of the symbols, the functional profiles describing influences between at least a portion of the symbols and symbol relationships; 
performing a signature operation on the generated line-of-code behavior and relation model to produce a first signature value, the signature operation being based on at least a configuration of the symbol relationships; and 
sending the first signature value to the controller; 
wherein the controller is configured to: 
compute a second signature value based on the second version of code; 
compare the first signature value to the second signature value; and
determine, based on the comparison, whether to validate the second version of code.

This describes a process that covers performance of the limitations in the human mind; for example, a human analyzing source code (i.e. “performing a functional analysis …”) to 
This judicial exception is not integrated into a practical application because the additional elements (i.e. “non-transitory computer readable medium including instructions”, “sending … to the controller”) are recited only at a high level of generality and thus amount to no more than an instruction to implement the abstract idea with general purpose computing components. 
The claim does not include additional elements that are sufficient to amount to significantly more than the judicial exception for the reasons discussed above.
Claims 2, 6-8, and 11-12 further describe the abstract idea without introducing additional elements and thus are also directed to an abstract idea and do not recite additional element sufficient to integrate the abstract idea into a practical application or amount to significantly more than the abstract idea.
Claim 13 recites a “computer-implemented method” comprising performing the abstract idea recited in claim 1 and is thus also directed to an abstract idea. Further, the additional elements (i.e. “a computer … sending … to the controller”) do not integrate the abstract idea into a practical application or amount to significantly more as discussed in conjunction with claim 1.
Claims 14-17 and 20 further describe the abstract idea without introducing additional elements and thus are also directed to an abstract idea and do not recite additional element 

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1, 3-9, 11-13, 15-18 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over US 2018/0217828 to Madrid et al. (Madrid) in view of US 2019/0089720 to Aditham et al. (Aditham).

Claims 1 and 13: Madrid discloses a non-transitory computer readable medium including instructions that, when executed by at least one processor, cause the at least one processor to perform operations for analyzing software delta changes (here the term “delta changes” is considered to recite a non-limiting intended use, note for example that claim 2 explicitly recites 
identifying a prompt to change a first version of code on a controller to a second version of code (par. [0033] “the response … indicates the software updates 102 are available”); 
performing a signature operation on the second version of code to produce a first signature value (par. [0037] “The update server 112 may generate the signature key 130 and corresponding signature verification key 138 … sign one or more portions of the software update file 102”); and 
sending the first signature value to the controller par. [0037] “download and send the signed software updates 102’ to the corresponding controllers 118”); 
wherein the controller is configured to:
compute a second signature value based on the second version of code (par. [0038] “The vehicle controller 118 may use the signature verification key 138 to generate a controller signature”);
compare the first signature value to the second signature value (par. [0038] “verify that the signature included with the download signed software updates 102’ matches”); and
determine, based on the comparison, whether to validate the second version of code (par. [0038] “verify that the signature included with the download signed software updates 102’ matches”).

Madrid does not explicitly disclose 

constructing, based on the functional analysis, a line-of-code behavior and relation model representing execution of functions of the second version of code on the controller and comprising a plurality of symbols having functional profiles describing respective functional impacts and symbol relationships describing influences between at least a portion of the symbols; and
performing the signature operation on the generated line-of-code behavior and relation model, the signature operation being based on at least a configuration of the symbol relationships.

Aditham teaches:
performing a functional analysis of a version of code to determine at least two functions and at least one relationship between the at least two functions (par. [0153] “Vertices in a CFG 1802 give the level of detail, such as, instruction-level or basic block level … Edges in CFG 182 represent control jumps”, here the instructions/basic bocks describe the functionality of the code and the jumps represent relationships between them), the functional analysis comprising at least one of a static or dynamic analysis process (e.g. par. [0096] “determined ahead of time using static CFG”, static analysis, par. [0151] “Tracing application to get their CFG” dynamic analysis);

performing a signature operation on the generated line-of-code behavior and relation model, the signature operation being based on at least a configuration of the symbol relationships (par. [0173] “generating the process signature comprises … creating the hash according to the one or more minimum spanning trees”).

It would have been obvious to perform a functional analysis to construct a line-of-code behavior and relation model (Aditham par. [0173] “creating a control flow graph of the process”) on the second versions of the code (Madrid par. [0033] “the response … indicates the software updates 102”) and to compare the results of first and second signature operations (Madrid par. [0038] “a controller signature and … the signature included with the download signed software updates 102’). Those of ordinary skill in the art would have been motivated to do so as a known means of identifying corrupted / malicious code (see e.g. Aditham par. [0173] “attack detection”).

Claim 3: Madrid and Aditham teach claim 1, wherein the controller is further configured to, based on the validation, execute the second version of code on the controller (Madrid par. [0038] “install the received software updates 102 in response to detecting that the … signatures match”).

Claim 4: Madrid and Aditham teach claim 1, wherein the controller is further configured to, based on the validation, prevent execution of the second version of code on the controller (Madrid par. [0038] “If the … signatures do not match, … send an error notification”).

Claim 5: Madrid and Aditham teach claim 4, wherein the controller is further configured to, based on the validation, notify a remote source associated with the second version of code (Madrid par. [0038] “If the … signatures do not match, … send an error notification”, it would at least have been obvious to send this notification to the “update server 112” so that the issue can be corrected).

Claim 6: Madrid and Aditham teach claim 1, wherein the second version of code is deployed subsequent to the first version of code (par. [0038] “software updates 102”).

Claims 7 and 16: Madrid and Aditham teach the non-transitory computer readable medium of claims 1 and 13, wherein: 
the line-of-code behavior and relation model is a first line-of-code behavior and relation model (par. [0037] “par. [0037] “The update server 112 may generate the signature key 130 
the computing of the second signature value comprises constructing, based on the identified prompt, a second line-of-code behavior and relation model representing execution of functions of the controller based on the second version of code (Madrid par. [0038] “The vehicle controller 118 may use the signature verification key 138 to generate a controller signature”, Aditham par. [0173] “creating a control flow graph of the process”).

Claims 8 and 17: Madrid and Aditham teach claims 7 and 16, wherein the second signature value is computed by using the signature operation (Aditham par. [0173] “generating the process signature comprises … creating the hash according to the one or more minimum spanning trees”).

Claims 9 and 18: Madrid and Aditham teach claims 7 and 16, wherein at least one of the first or second line-of-code behavior and relation models was generated dynamically based on data associated with real-time operations of the controller (Aditham par. [0151] “Tracing application to get their CFG”).

Claim 11: Madrid and Aditham teach claim 1, wherein the signature operation is based on an identifier of the controller (Madrid par. [0028] “indexed according to the vehicle controller 118”).

Claims 12 and 20: The non-transitory computer readable medium of claim 1, 13, wherein the signature operation is based on a type, function, version of software, sensitivity value, age, or processing capacity of the controller (Madrid par. [0028] “indexed according to the vehicle controller 118”).

Claim 15: Madrid and Aditham teach the computer-implemented method of claim 13, wherein performing the functional analysis comprises splitting the second version of code according to functional effects of segments of the second version of code or functional relationships between the segments (Aditham par. [0173] “extracting one or more minimum spanning trees”).

Claims 2 and 14 are rejected under 35 U.S.C. 103 as being unpatentable over US 2018/0217828 to Madrid et al. (Madrid) in view of US 2019/0089720 to Aditham et al. (Aditham) in view of US 2017/0322796 to Kim et al. (Kim).

Claims 2 and 14: Madrid and Aditham teach claims 1 and 13, but do not disclose wherein the prompt comprises a delta file.

Kim teaches a prompt comprising a delta file (par. [0010] “an update manager for receiving delta information”). 

. 

Claims 10 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over US 2018/0217828 to Madrid et al. (Madrid) in view of US 2019/0089720 to Aditham et al. (Aditham) in view of US 2020/0125475 to Iyer et al. (Iyer).

Claims 10 and 19: Madrid and Aditham teach claims 7 and 16, wherein the first and second line-of-code behavior and relation models were generated dynamically based on data associated with real-time operations of the controller (Aditham par. [0151] “Tracing application to get their CFG”).

Madrid and Aditham do not teach wherein the first and second line-of-code behavior and relation models were generated dynamically based on data associated with real-time operations of the controller, the data being limited based on a group of parameters set remotely from the controller.

Iyer teaches dynamically generating a line-of-code behavior and relation model based on data associated with real-time operations of the controller (par. [0008] “dynamically generate … sections of a control flow graph”), the data being limited based on a group of parameters (par. 

It would have been obvious to generate the first or second line-of-code behavior and relation models (Aditham par. [0173] “creating a control flow graph of the process”) dynamically based on data associated with rea-time operations (Iyer par. [0008] “dynamically generate … sections of a control flow graph”). Those of ordinary skill in the art would have been motivated to do so as a known alternate method which would have provided details regarding the execution of the program (see e.g. Iyer par. [0007]). 

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JASON D MITCHELL whose telephone number is (571)272-3728.  The examiner can normally be reached on Monday through Thursday 7:00am - 4:30pm and alternate Fridays 7:00am 3:30pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lewis Bullock can be reached on (571)272-3759.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.







/JASON D MITCHELL/Primary Examiner, Art Unit 2199