DETAILED ACTION
This office action is in response to Amendment filed on Apr. 29, 2021.
Claim 19 has been amended.
Claim 17 has been canceled.
Claims 1-16, and 18-19 are pending in this application.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-4, and 9-16, 19 are rejected under 35 U.S.C. 103 as being unpatentable over by Kim (US Pub. No. 20190087185 A1 hereinafter “Kim”), and in view of Chhabra et al. (US Pub. No. 20150089173 A1 hereinafter “Chhabra”)
Per claim 1
Kim discloses
A software installation method for a device comprising non-volatile memory and access control circuitry to control access to the non-volatile memory based on region defining data defining whether a given region of the non-volatile memory is a less secure region or a more secure region, where the access control circuitry is configured to apply greater restriction on access to a more secure region than to a less secure region ([abstract] “The electronic device includes a memory configured to include a non-secure region operating in a normal world and a secure region operating in a secure world”
installing target software in a target region of the non-volatile memory defined by the region defining data as a less secure region; verifying the target software ([0009] “selectively operate in one of the normal world and the secure world, check integrity of a plurality of code blocks [verify target software] loaded [install] on a first area of the non-secure region [less secure region] while operating in the secure world”)
at least when verification of the target software is successful, and after installation of the target software, change the target region from a less secure region to a more secure region ([0009] “when one of the plurality of code blocks is compromised [successful]: change a memory region corresponding to a compromised code block to a secure region”)
Kim discloses change the target region from a less secure region to a more secure region, but Kim does not disclose updating the region defining data to change the target region from a less secure region to a more secure region.
However, Chhabra discloses
updating the region defining data to change the target region from a less secure region to a more secure region ([0030] “the processor core 140 performs the following in response to the first conversion instruction to convert from non-secure to secure… 4) set the secure bit of the page cache map entry [update the region defining data] to be secure”)
Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to combine teaching of Kim with the teaching of Chhabra to include updating the region defining data to change the target region from a less secure region to a more secure region in order to provide a method to track the status of memory region and in order for a software to know the current status, 

Per claim 2
The rejection of claim 1 is incorporated
Kim further discloses
the target software is verified under control of installer software, where at least one of the installer software and installer software verification information for verifying the installer software is stored in a more secure region of the non-volatile memory ([0013] “The secure region of the memory may further include a firmware integrity check module (FIM) and a hash table corresponding to the plurality of code blocks loaded on the first area”)

Per claim 3
The rejection of claim 2 is incorporated
Kim further discloses
the installer software is installed in a less secure region of the non-volatile memory, and the updating of the region defining data is conditional on the installer software being verified, by bootloader software installed in a more secure region, based on a hash value stored in a more secure region ([0022] “In the checking of the integrity, whether or not the plurality of code blocks are compromised may be identified by comparing hash information of the plurality of code blocks with a hash table of the secure region, while operating in the secure world.” & [0027] “checking integrity of a plurality of code blocks loaded on a first area of a non-secure region of memory while operating in a secure world, and changing a memory region corresponding to a compromised code block to a secure region of memory when one of the plurality of code blocks is compromised”)

Per claim 4
The rejection of claim 3 is incorporated
Kim further discloses
Appl. No. To Be Assignedthe installer software is the only software for which a hash value is stored in the more secure region to enable direct verification by the bootloader software ([0022] “In the checking of the integrity, whether or not the plurality of code blocks are compromised may be identified by comparing hash information of the plurality of code blocks with a hash table of the secure region, while operating in the secure world.”)

Per claim 9
The rejection of claim 1 is incorporated
Kim further discloses
the target software is verified before updating the region defining data ([0009] “selectively operate in one of the normal world and the secure world, check [verify before] integrity of a plurality of code blocks loaded on a first area of the non-secure region while operating in the secure world”) 



The rejection of claim 1 is incorporated
Kim further discloses
the target software is verified after updating the region defining data ([0013] “The secure region of the memory may further include a firmware integrity check module (FIM) and a hash table corresponding to the plurality of code blocks loaded on the first area, and the processor may be further configured to check [verify after] whether or not hashes of the plurality code blocks loaded on the first area are compromised using the FIM and the hash table while operating in the secure world.”)

Per claim 11
The rejection of claim 1 is incorporated
Kim further discloses
the target software is verified both before and after updating the region defining data (see [0009] & [0013])

Per claim 12
The rejection of claim 10 is incorporated
Kim does not disclose 
changing the target region from a more secure region to a less secure region; and preventing execution of software from the target region.
But Chhabra discloses
when the verification of the target software is determined to be unsuccessful after updating the region defining data, the method comprises: changing the target region from a more secure region to a less secure region; and preventing execution of software from the target region ([0031] “the processor core 140 performs the following in response to the second instruction to convert from secure to non-secure…4) invalidate cached page contents from a cache of the processor; 5) set the secure bit of the page cache map entry to be non-secure; and invalidate a translation for the address for the processor core.”)
Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to combine teaching of Kim with the teaching of Chhabra to include changing the target region from a more secure region to a less secure region; and preventing execution of software from the target region in order to perform some instructions to convert page from secure to non-secure.

Per claim 13
The rejection of claim 1 is incorporated
Kim does not disclose
the target software is associated with a verification indicator set to a first value when the target software is installed in the less secure region; when verification of the target software is successful and the region defining data is updated to define the target region as a more secure region, the verification indicator is updated to a second value.
But Chhabra discloses
the target software is associated with a verification indicator set to a first value when the target software is installed in the less secure region ([0060] “On successful execution of EMKSEC, the target page is converted to secure, for example, by setting a secure bit in the EPCM.”); when verification of the target software is successful and the region defining data is updated to define the target region as a more secure region, the verification indicator is updated to a second value ([0067] “On successful execution of EMKREG, the target page is converted to non-secure, for example by clearing the secure bit in the EPCM.”); and execution of the target software is disabled when the verification indicator has the first value [0145] “The processing logic sets the secure bit to be secure (block 512) and invalidates a translation for the address for the processor core (block 514); and the method 500 ends.”)
Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to combine teaching of Kim with the teaching of Chhabra to include the target software is associated with a verification indicator set to a first value when the target software is installed in the less secure region; when verification of the target software is successful and the region defining data is updated to define the target region as a more secure region, the verification indicator is updated to a second value in order to provide a procedure performed by OS to convert a secure page to non-secure page.

Per claim 14
The rejection of claim 1 is incorporated
Kim does not disclose
access to the at least one less secure region is disabled during a verification process for verifying the target software.

access to the at least one less secure region is disabled during a verification process for verifying the target software (See Fig. 5A & [0145] “The processing logic invalidates any cached page contents in a cache corresponding to the convertible page (block 510).  The processing logic sets the secure bit to be secure (block 512) and invalidates a translation for the address for the processor core (block 514); and the method 500 ends.”)
Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to combine teaching of Kim with the teaching of Chhabra to include access to the at least one less secure region is disabled during a verification process for verifying the target software in order to provide a method to ensure that an address of the page to a convertible page and verify a secure bit is set to be non-secure, when the page is to be converted to secure from non-secure.

Per claim 15
The rejection of claim 1 is incorporated
Kim does not disclose
debug access to the non-volatile memory is disabled during verification process for verifying the target software.
But Chhabra discloses
debug access to the non-volatile memory is disabled during a verification process for verifying the target software (See Fig. 5A & [0145] “The processing logic invalidates any cached page contents in a cache corresponding to the convertible page (block 510).  The processing logic sets the secure bit to be secure (block 512) and invalidates a translation for the address for the processor core (block 514); and the method 500 ends.”)
Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to combine teaching of Kim with the teaching of Chhabra to include debug access to the non-volatile memory is disabled during a verification process for verifying the target software in order to provide a method to ensure that an address of the page to a convertible page and verify a secure bit is set to be non-secure, when the page is to be converted to secure from non-secure.

Per claim 16
The rejection of claim 1 is incorporated
Kim further discloses
the non-volatile memory comprises flash memory ([0063] “The memory 110 may be implemented as a non-volatile memory, a volatile memory, a flash-memory, a hard disk drive (HDD), a solid state drive (SSD), or the like.”)

Per claim 18 (Currently Amended)
The rejection of claim 1 is incorporated
Kim further discloses
At least one non-transitory, computer-readable storage medium to store the at least one computer program to control a computer device to perform the method of claim 1 ([0027] “a non-transitory computer-readable recording medium including a program for controlling an electronic device is provided.”)

Per claim 19 
The rejection of claim 1 is incorporated
Kim further discloses
An apparatus comprising: processing circuitry to perform data processing; and data storage storing at least one computer program for controlling the processing circuitry to perform the method ([0027] “The program when executed by at least one processor of the electronic device is configured to perform a control method of the electronic device”)

Claims 5 and 6 are rejected under 35 U.S.C. 103 as being unpatentable over by Kim, and in view of Chhabra and further view of De Atley et al. (US Pub. No. 20090249075 A1 hereinafter “De Atley”)
Per claim 5
The rejection of claim 1 is incorporated
Kim and Chhabra do not disclose
the target software is verified using asymmetric cryptography.
But De Atley discloses
the target software is verified using asymmetric cryptography ([0067] “policy service 210 may authenticate software module 206 by verifying a digital signature of software module 206 using suitable cryptographic techniques such as asymmetric/public key encryption.”
Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to combine teaching of Kim and Chhabra and further including the target software is verified using asymmetric cryptography in order to provide a method of verification of the digital signature helps to ensure that the software code has not been modified since it was digitally signed by the trusted authority.

Per claim 6
The rejection of claim 1 is incorporated
Kim and Chhabra do not disclose
verifying the target software comprises verifying a cryptographic signature associated with the target software.
But De Atley discloses
verifying the target software comprises verifying a cryptographic signature associated with the target software ([0067] “policy service 210 may authenticate software module 206 by verifying a digital signature of software module 206 using suitable cryptographic techniques such as asymmetric/public key encryption.”)
Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to combine teaching of Kim and Chhabra and further including verifying the target software comprises verifying a cryptographic signature associated with the target software as taught by De Atley in order to provide a method of verification of the digital signature helps to ensure that the software code has not been modified since it was digitally signed by the trusted authority.

Claim 7 is rejected under 35 U.S.C. 103 as being unpatentable over by Kim, and in view of Chhabra and further view of Stecher et al. (US Pub. No. 20090019253 A1 hereinafter “Stecher”)
Per claim 7
The rejection of claim 1 is incorporated
Kim and Chhabra do not disclose
when verification of the target software is successful, the region defining data is updated based on a size parameter indicative of a size of the target software.
Stecher discloses 
the region defining data is updated based on a size parameter indicative of a size of the target software ([0043] “The memory page size management software may update the memory page size information for at least one of the identified contiguous page table entries with new memory page size information if an analysis of the identified contiguous page table entries warrants a change to the memory page size.”)
Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to combine teaching of Kim and Chhabra and further including the region defining data is updated based on a size parameter indicative of a size of the target software as taught by Stecher in order to facilitate updating the memory page size information for all of the contiguous page table entries with the new memory page size information.

Claim 8 is rejected under 35 U.S.C. 103 as being unpatentable over by Kim, and in view of Chhabra and Stecher and further view of Krig (US Pub. No. 20100107249 A1 hereinafter “Krig”)
Per claim 8
The rejection of claim 7 is incorporated
Kim, Chhabra and Stecher do not disclose
the size parameter is verified based on a cryptographic signature associated with the target software.
But Krig discloses
the size parameter is verified based on a cryptographic signature associated with the target software ([0066] “The F.sub.1 size register 306 includes a value representing F.sub.1's length…The F.sub.1 signature size register includes a value representing F.sub.1's cryptographic signature length.”)
Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to combine teaching of Kim and Chhabra and further including the region defining data is updated based on a size parameter indicative of a size of the target software in order to perform signature verification on each of the plurality of target memory segments based on the programmed signature verification policy information associated with each target memory segment.




Response to Arguments
Applicant’s arguments filed on Apr. 29, 2021 have been fully considered but they are not persuasive.
In the remarks, Applicant argues that:
(a) 	Applicant's arguments with respect to claim 1, an interpretation of the term successful as including “compromised” is not reasonable in the last Office Action.
Examiner’s response: 
Examiner disagrees.
Kim discloses verifying the target software in paragraph [0009] “check integrity of a plurality of code blocks”; Kim further discloses when verification of the target software is successful (successfully meeting the criteria of being moved one region to another), change the target region from a less secure region to a more secure region in [0009] “when one of the plurality of code blocks is compromised: change a memory region corresponding to a compromised code block to a secure region”
Claim language does not specifically describe how verification of the target software is “successful” disclosed in the specification (e.g. page 11 lines 12-18), but Kim meets the criteria of claim “when verification of the target software is successful, change the target region from a less secure region to a more secure region” even the term “comprised” used by Kim.

Conclusion
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  

Any inquiry concerning this communication or earlier communications from the examiner should be directed to JUNCHUN WU whose telephone number is (571)270-1250.  The examiner can normally be reached on Monday - Friday 9:00 - 17:00 EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Wei Zhen can be reached on 571-272-3708.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to 




/JUNCHUN WU/Examiner, Art Unit 2191                                                                                                                                                                                                        


/WEI Y ZHEN/Supervisory Patent Examiner, Art Unit 2191