DETAILED ACTION
This office action is in response to the application filed on 10/8/2019.  Claim(s) 1-20 is/are pending and are examined.
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
Information Disclosure Statement PTO-1449
The Information Disclosure Statement(s) submitted by applicant on 10/8/2019 has/have been considered. The submission is in compliance with the provisions of 37 CFR § 1.97. Form PTO-1449 signed and attached hereto. 
Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale or otherwise available to the public before the effective filing date of the claimed invention.

(a)(2) the claimed invention was described in a patent issued under section 151 , or in an application for patent published or deemed published under section 122(b) , in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

Claim(s) 1-3, 6-13, and 16-19 is/are rejected under AIA 35 U.S.C. 102(a)(1) and 35 USC 102(a)(2) as being anticipated by Cohen et al. (US 2005/0193430 A1).

Regarding claims 1 and 11, Cohen teaches:
“A cybersecurity analyzing system for assessing potential cybersecurity threats to a subject system, the system comprising: 	a computing device comprising at least one processor in communication with at least one memory device (Cohen, ¶ 16 teaches a computerized device utilizing instructions stored on medium to execute the method steps), wherein the at least one processor is programmed to: 	receive a subject system to analyze (Cohen, Fig. 4, ¶ 74 discloses network to analyze for vulnerabilities. Cohen, ¶ 27-32, and 46, further describes the information gathering process for various computing entities); 	determine a potential hazard event associated with the subject system (Cohen, ¶ 84 attacker could potentially shutdown application and web servers); 	generate an attack graph associated with the potential hazard event, wherein the attack graph includes a plurality of actions (Cohen, ¶ 75-81 describe the process to build an attack graph to gain full access of the servers.  Cohen, ¶ 37, and 47-48 the graph traversal of the nodes connection nodes with edges representing actions that when complete creates a semantic attack graph for a group of connected assets being analyzed); 	determine an exploitability score for each of the plurality of actions (Cohen, ¶ 55, during the analysis of simulation results, the difficulty level of executing an attack is determined as well as the frequency of a vulnerability being exploited); 	determine an uncertainty level for each of the plurality of actions based on the corresponding exploitability score (Cohen, ¶ 55 further during the analysis of simulation results a total probability for a given attack is determined for each of the possible ); 	aggregate the plurality of actions including the corresponding exploitability scores and the corresponding uncertainty levels to determine one or more vulnerabilities of the subject system (Cohen, ¶ 55-56 all of the probability information is combined with the impact information to determine the ordinal risk of a given system to various vulnerabilities); and 	generate a response to the one or more vulnerabilities of the subject system (Cohen, ¶ 82-84 discloses performing a priorities mitigation of the discovered vulnerabilities)”.

Regarding claims 2 and 12, Cohen teaches:
“The system of Claim 1 (Cohen teaches the limitations of the respective parent claims as discussed above), wherein the subject system to analyze is at least one of a computer or a computer network (Cohen, Fig. 4, ¶ 74 discloses network to analyze for vulnerabilities)”.

Regarding claims 3 and 13, Cohen teaches:
“The system of Claim 1 (Cohen teaches the limitations of the respective parent claims as discussed above), wherein the exploitability score represents an adversary ability level to perform the corresponding action (Cohen, ¶ 55, during the analysis of simulation results, the difficulty level of executing an attack is determined as well as the frequency of a vulnerability being exploited)”.


Regarding claims 6 and 16, Cohen teaches:
“The system of Claim 1 (Cohen teaches the limitations of the respective parent claims as discussed above), wherein the at least one processor is further programmed to: 	determine a plurality of potential hazard events for the subject system (Cohen, ¶ 84 attacker could potentially shutdown application and web servers as well as conduct denial of service attacks); 	generate a plurality of attack graphs based on each of the plurality of potential hazard events (Cohen, ¶ 75-81 describe the process to build an attack graph to gain full access of the servers in various states.  Cohen, ¶ 37, and 47-48 the graph traversal of the nodes connection nodes with edges representing actions that when complete creates a semantic attack graph for a group of connected assets being analyzed); and 	aggregate the plurality of actions for each of the plurality of attack graphs based on the corresponding plurality of exploitability scores (Cohen, ¶ 55-56 all of the probability information is combined with the impact information to determine the ordinal risk of a given system to various vulnerabilities) and the corresponding plurality of uncertainty levels to determine one or more vulnerabilities of the subject system (Cohen, ¶ 55-56 all of the probability information is combined with the impact information to determine the ordinal risk of a given system to various vulnerabilities)”.

Regarding claim 7, Cohen teaches:
“The system of Claim 1 (Cohen teaches the limitations of the respective parent claims as discussed above), wherein the attack graph includes a plurality of attack paths, and wherein each attack path includes one or more actions from the plurality of actions (Cohen, ¶ 75-81 describe the process to build an attack graph to gain full access of the servers.  Cohen, ¶ 37, and 47-48 the graph traversal of the nodes connection nodes with edges representing actions that when complete creates a semantic attack graph for a group of connected assets being analyzed)”.

Regarding claim 8, Cohen teaches:
“The system of Claim 7 (Cohen teaches the limitations of the respective parent claims as discussed above), wherein the at least one processor is further programmed to aggregate each of the plurality of attack paths based on the one or more actions associated with the corresponding attack path (Cohen, ¶ 55-56 all of the probability information is combined with the impact information to determine the ordinal risk of a given system to various vulnerabilities)”.

Regarding claims 9 and 18, Cohen teaches: 
“The system of Claim 7 (Cohen teaches the limitations of the respective parent claims as discussed above), wherein the one or more vulnerabilities are based on at least one of the plurality of attack paths (Cohen, ¶ 75-81 describe the process to build an attack graph to gain full access of the servers.  Cohen, ¶ 37, and 47-48 the graph traversal of the nodes connection nodes with edges representing actions that when complete creates a semantic attack graph for a group of connected assets being analyzed)”.

Regarding claims 10 and 19, Cohen teaches:
“The system of Claim 1 (Cohen teaches the limitations of the respective parent claims as discussed above), wherein each of the plurality of actions are adversarial actions (Cohen, ¶ 75-81 describe the process to build an attack graph to gain full access of the servers.  Cohen, ¶ 37, and 47-48 the graph traversal of the nodes connection nodes with edges representing actions that when complete creates a semantic attack graph for a group of connected assets being analyzed)”.

Regarding claim 17, Cohen teaches:
“The method of Claim 11 (Cohen teaches the limitations of the respective parent claims as discussed above), wherein each attack graph of the plurality of attack graphs includes a plurality of attack paths, wherein each attack path includes one or more actions of the plurality of actions (Cohen, ¶ 75-81 describe the process to build an attack graph to gain full access of the servers.  Cohen, ¶ 37, and 47-48 the graph traversal of the nodes connection nodes with edges representing actions that when complete creates a semantic attack graph for a group of connected assets being analyzed), and 	wherein the method further comprises aggregating each of the plurality of attack paths based on the one or more actions associated with the corresponding attack path (Cohen, ¶ 55-56 all of the probability information is combined with the impact information to determine the ordinal risk of a given system to various vulnerabilities)”.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed 

Claim(s) 4, and 14 is/are rejected under 35 U.S.C. 103 as being unpatentable over Cohen in view of Li (US 2017/0098087 A1).

Regarding claims 4 and 14, Cohen teaches:
“The system of Claim 1 (Cohen teaches the limitations of the respective parent claims as discussed above)”.
Cohen does not, but in related art, Li teaches:	“wherein the uncertainty level represents a confidence level associated with the determination of the exploitability score (Li, ¶ 39 teaches determining the exploitability of a malicious action during a test as well as the corresponding confidence level of the report)”.
Before applicant’s earliest effective filing it would have been obvious to one of ordinary skill in the art, having the teachings of Cohen and Li, to modify the semantic attack graph methodology of Cohen to include the method to determine the confidence of exploitability in attack testing scenarios as taught in Li.  The motivation to do so constitutes applying a known technique (i.e., method to evaluate mitigation strategies on the attack graph) to known devices and/or methods (i.e., the particular ontology on edges in attack graphs) ready for improvement to yield predictable results.

Claim(s) 5 and 15 is/are rejected under 35 U.S.C. 103 as being unpatentable over Cohen, in view of Chen et al. (US 2009/0077666 A1).
Regarding claims 5 and 15, Cohen teaches:
“The system of Claim 1 (Cohen teaches the limitations of the respective parent claims as discussed above), wherein the at least one processor is further programmed to: 	determine one or more countermeasures based on the one or more vulnerabilities (Cohen, ¶ 82-84 discloses performing a priorities mitigation of the discovered vulnerabilities)”.
Cohen does not, but in related art, Chen teaches:	“apply the one or more countermeasures to the attack graph (Chen, Figs. 3 and 9, ¶ 86, and 104 disclose applying countermeasures to the attack graph); and 	aggregate the plurality of actions based on the one or more countermeasures (Chen, Figs. 3 and 9, ¶ 86, and 104 disclose applying countermeasures to the attack graph and determining the effect of the countermeasures on the attack graph)”.
	Before applicant’s earliest effective filing it would have been obvious to one of ordinary skill in the art, having the teachings of Cohen and Chen, to modify the semantic attack graph methodology of Cohen to include the method to evaluate mitigation strategies on the attack graph as taught in Chen.  The motivation to do so constitutes applying a known technique (i.e., method to evaluate mitigation strategies on the attack graph) to known devices and/or methods (i.e., the particular ontology on edges in attack graphs) ready for improvement to yield predictable results. 

Claim(s) 20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Cohen in view of Li in view of Chen.
Regarding claim 20, Cohen teaches:
	“A non-transitory computer-readable media having computer-executable instructions embodied thereon, wherein, when executed by at least one processor coupled to a memory device (Cohen, ¶ 16 teaches a computerized device utilizing instructions stored on medium to execute the method steps), the computer-executable instructions cause the processor to: 	receive a subject system to analyze (Cohen, Fig. 4, ¶ 74 discloses network to analyze for vulnerabilities. Cohen, ¶ 27-32, and 46, further describes the information gathering process for various computing entities), wherein the subject system to analyze is at least one of a computer or a computer network (Cohen, Fig. 4, ¶ 74 discloses network to analyze for vulnerabilities); 	determine a potential hazard event associated with the subject system (Cohen, ¶ 84 attacker could potentially shutdown application and web servers); 	generate an attack graph associated with the potential hazard event, wherein the attack graph includes a plurality of actions (Cohen, ¶ 75-81 describe the process to build an attack graph to gain full access of the servers.  Cohen, ¶ 37, and 47-48 the graph traversal of the nodes connection nodes with edges representing actions that when complete creates a semantic attack graph for a group of connected assets being analyzed); 	determine an exploitability score for each of the plurality of actions (Cohen, ¶ 55, during the analysis of simulation results, the difficulty level of executing an attack is determined as well as the frequency of a vulnerability being exploited), wherein the exploitability score represents an adversary ability level to perform the corresponding actions (Cohen, ¶ 55, during the analysis of simulation results, the difficulty level of ); 	determine an uncertainty level for each of the plurality of actions based on the corresponding exploitability score (Cohen, ¶ 55 further during the analysis of simulation results a total probability for a given attack is determined for each of the possible endpoints of an attack and their respective attack actions); 	aggregate the plurality of actions including the corresponding exploitability scores and the corresponding uncertainty levels to determine one or more vulnerabilities of the subject system (Cohen, ¶ 55-56 all of the probability information is combined with the impact information to determine the ordinal risk of a given system to various vulnerabilities); 	determine one or more countermeasures based on the one or more vulnerabilities (Cohen, ¶ 82-84 discloses performing a priorities mitigation of the discovered vulnerabilities);  and 	generate a response to the one or more vulnerabilities of the subject system (Cohen, ¶ 82-84 discloses performing a priorities mitigation of the discovered vulnerabilities)”.
Cohen does not, but in related art, Li teaches:	“wherein the uncertainty level represents a confidence level associated with the determination of the exploitability score (Li, ¶ 39 teaches determining the exploitability of a malicious action during a test as well as the corresponding confidence level of the report)”.
Before applicant’s earliest effective filing it would have been obvious to one of ordinary skill in the art, having the teachings of Cohen and Li, to modify the semantic constitutes applying a known technique (i.e., method to evaluate mitigation strategies on the attack graph) to known devices and/or methods (i.e., the particular ontology on edges in attack graphs) ready for improvement to yield predictable results.
Cohen in view of Li does not, but in related art, Chen teaches:	“apply the one or more countermeasures to the attack graph (Chen, Figs. 3 and 9, ¶ 86, and 104 disclose applying countermeasures to the attack graph); and 	aggregate the plurality of actions based on the one or more countermeasures (Chen, Figs. 3 and 9, ¶ 86, and 104 disclose applying countermeasures to the attack graph and determining the effect of the countermeasures on the attack graph)”.
	Before applicant’s earliest effective filing it would have been obvious to one of ordinary skill in the art, having the teachings of Cohen, Li and Chen, to modify the semantic attack graph methodology of Cohen and Chen to include the method to evaluate mitigation strategies on the attack graph as taught in Chen.  The motivation to do so constitutes applying a known technique (i.e., method to evaluate mitigation strategies on the attack graph) to known devices and/or methods (i.e., the particular ontology on edges in attack graphs) ready for improvement to yield predictable results. 

Conclusion
	In the case of amending the claimed invention, Applicant is respectfully requested to indicate the portion(s) of the specification which dictate(s) the structure relied on for proper interpretation and also to verify and ascertain the metes and bounds of the claimed invention.
: See PTO-892.	Any inquiry concerning this communication or earlier communications from the examiner should be directed to STEPHEN GUNDRY whose telephone number is (571)270-0507 and can normally be reached on Monday - Friday 8:30 AM - 5PM EST.
	If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Joseph Hirl can be reached on (571) 272-3685.  The fax phone number for the organization where this application or proceeding is assigned is (571) 273-8300.
	Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at (866) 217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call (800) 786-9199 (IN USA OR CANADA) or (571) 272-1000.
/STEPHEN T GUNDRY/Examiner, Art Unit 2435