DETAILED ACTION
	Claims 23-42 are pending. Claims 1-22 are canceled. This is in response to application filed on July 16, 2019 which is Continuation of 16/434,860 filed on June 7, 2019. 16/434,860 is a Continuation of 16/205,725 filed on November 30, 2018 granted under Patent No. 10,380,344. 16/205,725 is a Continuation of 16/011,906 June 19, 2018 granted under Patent No. 10,176,326. 16/011,906 is a Continuation of CT/IB2017/051964 April 5, 2017. PCT/IB2017/051964 has a Provisional 62/346,856 filed on June 7, 2016 and a Provisional 62/319,178 filed on April 6, 2016.

Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


Claims 23-42 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by PG Pub 20140082329 (hereinafter Ghose)

a non-transitory computer readable medium including instructions that, when executed by at least one processor, cause the at least one processor to perform operations for customized code execution flow integrity for a controller, comprising: 
 	embedding, in a controller, customized and controller-specific code execution flow inspection code (par. [0002], [0021]-[0022] disclose a process for validation whether a program executing on a potentially untrusted host during runtime by validating signatures of control flow paths), the controller-specific code execution flow inspection code being configured to: 
monitor local processing activity of the controller; compare code execution requests of the controller to a map of permitted code execution for the controller (Fig. 2 and par. [0180-[0187] disclose using the signature cache (SC) to store reference signatures to compare to a signature of a control flow instruction of an executing program being monitored); 
determine whether the code execution requests conflict with the map of permitted code execution for the controller; and implement, based on the determination, control actions to prevent the code execution requests that conflict with the map of permitted code execution from being executed on the controller (par. [0184] discloses if a match of the control flow signature for the basic block, execution continues as usual. On a signature mismatch an exception is raised and appropriate handlers are invoked.).  

 wherein the map of permitted code execution for the controller defines a plurality of valid function call sequences for the controller (par. [0028] discloses a hardware stack storing a set of return addresses for a sequence of call functions is used to validate the control flow path of the respective call functions).  

	Regarding claim 25, Ghose discloses wherein the map of permitted code execution for the controller is based on a build process for the controller (par. [0167] discloses the system can be used on embedded systems. As known in the art, an embedded system is a microprocessor-based computer hardware system with software that is designed to perform a dedicated (e.g. specifically-built) function).  

 	Regarding claim 26, Ghose discloses wherein the map of permitted code execution for the controller is based on a static analysis of binaries associated with code installed on the controller (par. [0017] and [0168]).  

 	Regarding claim 27, Ghose discloses wherein the embedding includes integrating the controller-specific code execution flow inspection code into executable code installed on the controller (par. [0008]-[0009] discloses other tools that use Run-time Control Flow Authentication (CFA) have been. For example, see Ref [MBS 07] that Ghose states embedding CFA into the literal fields of RISC instructions).  

 wherein the operations further comprise accessing signatures associated with the code execution requests and
 wherein the operations further comprise comparing the signatures with a database of approved signatures (see claim rejection for signature cache (SC) storing reference signatures).  

 	Regarding claim 30, Ghose discloses wherein a hook registered with a kernel of the controller is configured to redirect processing of the controller to a process verification function (Abstract and par. [0208], [0213] discloses the Run-time Execution Validator (REV) validates, as the program executes, the control flow path and instructions executed along the control flow path. REV uses a signature cache integrated into the processor pipeline to perform live validation of executions including kernel code. Ghose discloses the REV mechanism can be momentarily disabled by the OS suggesting it works as a hook function at kernel level). 

 	Regarding claim 31, Ghose discloses wherein the process verification function is configured to return processing of the controller following the process verification function.  As presented in claim 1 rejection, once the signature of a control flow is validated the process of code executing continues as normal.

 	Regarding claim 32, Ghose discloses wherein the process verification function is configured to determine signatures associated with the code execution requests (par. [0134] discloses “each legal flow path within a single execution module may be specified as a segment from an entry point or instruction that can change the flow of control to a next instruction that can change the flow of control, and wherein each segment has a predetermined reference signature”).

	Claims 33-42 are rejected in view of claims 23-32 respectively.

Inquiry communication
Any inquiry concerning this communication or earlier communications from the examiner should be directed to TRI M TRAN whose telephone number is (571)270-1994.  The examiner can normally be reached on Mon-Fri: 9am-5pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jung Kim can be reached on 5712723804.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/TRI M TRAN/Primary Examiner, Art Unit 2494