DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This written action is in response to the Applicant’s communication dated 03/01/2021.
Claims 1-12 have been submitted for examination.

INFORMATION DISCLOSURE STATEMENT
No additional information disclosure statement (IDS) has been submitted with the instant application.

PRIORITY
The instant application, filed 12/03/2019, is a national stage entry of PCT/IL2018/050858, which claims priority from Provisional Application 62/540,160, filed 08/02/2017.

EXAMINER’S AMENDMENT
An Examiner’s Amendment to the record appears below. Should the changes and/or additions be unacceptable to the Applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for this Examiner’s Amendment was provided by the Applicant’s Representative, Andrew Weaver.
The Examiner’s Amendment is as follows:


a. a teleprocessing device coupled with a digital memory; and
b. an Electronic Control Unit (ECU) blocking device;
wherein said digital memory is configured to store one or more message identiﬁers of malicious ECUs to be blocked;
wherein said teleprocessing device is conﬁgured to read a message identiﬁer of each of CAN messages transmitted by ECUs, thereby to identify at least one malicious ECU; and
upon detecting a message transmission by a malicious ECU, said teleprocessing device is configured to activate said ECU blocking device to alter one or more bits in the message to a respective altered bit, wherein the alteration of each bit to the altered bit is performed, respectively, during a ‘bit monitoring’ process of the CAN bus and before the malicious ECU reads back the bit such that the malicious ECU reads back the altered bit and faces a plurality of ‘bit monitoring’ errors, that block the malicious ECU based on the ‘bit monitoring’ process in accordance with the CAN bus protocol.

8. (Amended) A process for preventing cyber security attacks over a Controller Area Network (CAN) bus of a vehicle, the process comprising the steps of: 
a. providing a teleprocessing device; 
b. providing an Electronic Control Unit (ECU) blocking device; 
c. providing a memory storage containing identifiers of at least one malicious ECU to be blocked; 
d. reading identifiers of messages flowing over the CAN bus; 
e. upon detecting a message identifier in a transmitted message that relates to a malicious ECU to be blocked, activating the ECU blocking device to alter one or more following bits of said transmitted message to a respective altered bit, wherein said alteration of each bit is performed during a ‘bit monitoring’ process of the CAN bus and before said malicious ECU reads back the bit such that the malicious ECU reads back the altered bit and faces a plurality of 'bit monitoring errors', that block the malicious ECU based on the ‘bit monitoring’ process in accordance with the CAN bus protocol.

ALLOWED CLAIMS
Claims 1-12 of the instant application are allowed.

REASONS FOR ALLOWANCE
Independent Claims 1 and 8 are allowable based on the remarks and amendments to the Claims. As per Claim 1, the following is an examiner’s statement of reasons for allowance:
The primary reason for the allowance of Claim 1 is the combination of limitations recited, including “the alteration of each bit to the altered bit is performed, respectively, during a ‘bit monitoring’ process of the CAN bus and before the malicious ECU reads back the bit such that the malicious ECU reads back the altered bit and faces a plurality of ‘bit monitoring’ errors, that block the malicious ECU based on the ‘bit monitoring’ process in accordance with the CAN bus protocol”.

The concept of an Electronic Control Unit (ECU) blocking device, as recited in Claim 1, is disclosed in cited prior art reference U.S. PGPub No. 2015/0191135 (Ben Noon). However, the cited reference fails to teach or suggest to activate said ECU blocking device to alter one or more bits in the message to a respective altered bit, wherein the alteration of each bit to the altered bit is performed, respectively, during a ‘bit monitoring’ process of the CAN bus and before the malicious ECU reads back the bit.
During the course of examination, the examiner found these additional references:
U.S. PGPub No. 2011/0231053 (Kuramochi) teaches the altered bit is performed, respectively, during a bit monitoring process of the CAN bus and before the malicious ECU reads back the bit, such that the malicious ECU reads back the altered bit and faces a plurality of ‘bit monitoring’ errors. However, the cited reference fails to at least teach or suggest the ‘bit monitoring’ process in accordance with the CAN bus protocol, as recited in Claim 1.
U.S. Patent 6,886,116 (MacLellan) teaches inverting one or more "1" bits to "0", thereby to force blocking of the message transmission in view of a bit monitoring error of 
U.S. Patent No. 10,142,358 (Bajpai et al.) teaches detecting an invalid packet on a Controller Area Network (CAN) bus. However, the cited reference also fails to at least teach or suggest the ‘bit monitoring’ process in accordance with the CAN bus protocol, as recited in Claim 1.
U.S. PGPub No. 2018/0227306 (Borkowicz et al.) teaches a security gateway module checks CAN bus messages received on the OBD CAN bus, determines whether they should be passed to the internal CAN bus, passes those that it determines should be passed and does not pass those it determines should not be passed. However, the cited reference also fails to at least teach or suggest the ‘bit monitoring’ process in accordance with the CAN bus protocol, as recited in Claim 1.
U.S. PGPub No. 2018/0025156 (Dagan et al.) teaches to identify a first impersonating message, transmitted over a Controller Area Network (CAN) bus by an attacking node that appears to originate from a source other than the attacking node, and transmit a stream of messages over the bus until a defense message belonging to the stream collides with, and trumps, a second impersonating message from the attacking node, thus driving the attacking node into an error-passive state. However, the cited reference also fails to at least teach or suggest the ‘bit monitoring’ process in accordance with the CAN bus protocol, as recited in Claim 1.
U.S. PGPub No. US 2017/0063996 (Kaster) teaches securing a controlled area network (CAN) of a vehicle, where the CAN has a number of electronic control units (ECUs) that control vehicular systems, wherein an on-board diagnostic port of the vehicle is monitored for suspicious activity. However, the cited reference also fails to at least teach or suggest the ‘bit monitoring’ process in accordance with the CAN bus protocol, as recited in Claim 1.
None of the prior art of record, either taken by itself or in any combination, would have reasonably anticipated or made obvious the invention of the present application at or before the time it was effectively 
While the prior art combination does disclose an Electronic Control Unit (ECU) blocking device, no reasonable combination of arts teaches all of the cited limitations, in combination with the rest of the limitations recited in the independent claim, in a way that would have been obvious to one of ordinary skill in the art at the time the invention was effectively filed.
Additional search does not yield any other specific references that, either singularly or in combination with previous cited references, would result in reasonable and proper rejections to all of the feature limitations of the pending independent Claim 1 under 35 U.S.C 102, or 35 U.S.C.103 with proper motivation.
The Applicant’s amendments, in combination with the Examiner’s Amendment above, have overcome the pending objections and prior art rejections. 
Therefore, independent Claim 1 is considered to be allowable. Claims 2-7 depend on the aforementioned independent claim, and therefore are also allowed.
Independent Claim 8 recites limitations comparable to those discussed above with respect to independent Claim 1 and therefore is also considered allowable. Claims 9-12 depend on the aforementioned independent claim, and therefore are also allowed.
Therefore, all of the previous objections and rejections have been removed, and the current Claims 1-12 are in condition for allowance.
Any comments considered necessary by the Applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance”.

CONCLUSION
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Refer to PTO-892, Notice of References Cited, for a listing of analogous art.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to RICHARD W CRUZ-FRANQUI whose telephone number is (313)446-6571.  The examiner can normally be reached on M-F 5:30-2:00 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Yin-Chen Shaw can be reached on (571)272-8878.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/RICHARD W CRUZ-FRANQUI/Examiner, Art Unit 2498                                                                                                                                                                                                        

/MAHFUZUR RAHMAN/Primary Examiner, Art Unit 2498