DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
Response to Amendment

1.	This action is in response to the communication filed on September 10, 2019.  Claims 1-12 were originally received for consideration.  No preliminary amendments have been received.
2.	Claims 1-12 are currently pending consideration.  This action is made NON-FINAL. 

Greetings from Your Examiner

3.	Dear applicant, my name is Kaveh Abrishamkar, the patent examiner assigned to process your patent application.  After reviewing this Office Action, please do not hesitate to contact me via telephone.  My telephone number is 571-272-3786.  If you cannot reach me in person, please leave a voicemail and I will try to return your call within 24 hours. 

Examiner Remarks
4.	This case is being examined in the “Pro Se Examination Unit” (Art Unit 3649).  Pro Se Assistance is a current pilot program at the USPTO which offers customer service to applicants filing patent applications without legal representation.
5.	In the spirit of compact prosecution, Applicant is requested to contact the Examiner for an interview to discuss the inventive concepts of the instant application. Applicant may optionally amend the claims to further direct the claims toward a particular inventive concept described in the 
6.    Applicant should respectfully note that any amendments made should comply with MPEP §714 and 37 CFR §1.121. The below hyperlink provides an example of making a proper response, and the examiner strongly suggests referencing it when preparing a response. Should applicant desire a paper copy, please contact the examiner at the below telephone number and one will be provided.
http://www.uspto.gov/web/offices/pac/dapp/opla/preognotice/formatrevamdtprac.pdf
7.	The USPTO understands Internet e-mail communications may be more convenient for some applicants. However, communication via e-mail poses risks to information confidentiality. The USPTO will NOT respond via e-mail to any Internet correspondence which contains information subject to the confidentiality requirement as set forth in 35 U.S.C. §122 without a signed written authorization by applicant in place.
In the case the applicant wishes to communicate with the examiner via e-mail, a written authorization must be submitted by mail, fax or EFS-Web prior to any e-mail communication (i.e., the authorization cannot be e-mailed to the examiner). For the applicant's convenience, the examiner has included a link to the Form-Authorization for Internet Communication in a Patent Application:
https://www.uspto.gov/sites/default/files/documents/sb0439.pdf.
Please note that the authorization may later be withdrawn by filing a signed paper clearly identifying the original authorization and indicating that the authorization has been withdrawn (see MPEP §502.03). Also note that a formal reply to an Office Action can NEVER be submitted via email.

8. 	Finally, applicant should respectfully note that the position of the U.S. Patent and Trademark Office is to recommend all applicants seek the advice of a registered practitioner, especially prior to the 


Information Disclosure Statement


9.	Initialed and dated copies of Applicant’s IDS (form 1449), received on 9/10/2019 and 2/19/2021, are attached to this Office Action.

Claim Rejections - 35 USC § 103

In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-12 is/are rejected under 35 U.S.C. 103 as being unpatentable over Markham (U.S. Patent 10,124,750) in view of Nadathur et al. (U.S. Patent Pub. No. US 2016/0359629).

Regarding claim 1, Markham discloses: 
A diagnostic access authentication system for a vehicle having a controller area network (CAN), the system comprising: 
a diagnostic interface connected to the CAN and configured to interface with an external testing tool (column 8, lines 31-37, column 10, lines 31-42:  vehicle security system is connected to CAN buses and can verify authorized or unauthorized signals); 
a set of components connected to the CAN and configured to be the subject of a set of diagnostics (column 3, lines 43-53, column 10, lines 31-43:  ECUs are connected to the CAN buses); and 
a controller connected to the CAN and configured to perform a diagnostic authentication procedure (column 8, lines 31-37, column 10, lines 31-42:  vehicle security system is connected to CAN buses and can verify authorized or unauthorized signals) including: 
receiving, from the external testing tool, a request for diagnostic access to the vehicle, the request comprising a public key certificate specifying a diagnostic role, wherein the external testing tool obtains the public key certificate from a public key infrastructure (PKI) computing system that stores a corresponding private key certificate (column 3, lines 43-60, column 4, lines 12-33:  the dongle (external testing tool) certificate is used to confirm the identity of the dongle); 
when the digital signature is valid, unlocking a set of diagnostics associated with the diagnostic role (column 4, lines 10-20:  if the digital signature is valid, the module will know that the token is authorized); and 
when any of the set of unlocked diagnostics associated with the diagnostic role match any of the set of diagnostics for the set of components, granting the external testing tool diagnostic access to the vehicle, thereby causing the external testing tool to execute the one or more matched diagnostics (once the token is authorized then the policy changes via the dongle would be authorized). 
Markham does not explicitly disclose transmitting, to the external testing tool, an authentication challenge, wherein receipt of the authentication challenge causes the external testing tool to transmit the authentication challenge to the PKI computing system, receive a signed authentication challenge comprising a digital signature from the PKI computing system, and transmit the signed authentication challenge to the controller via the diagnostic interface, receiving, from the external testing tool, the signed authentication challenge, and determining whether the digital signature of the signed authentication challenge is valid using the public key certificate.  Markham discloses a process of authenticating the dongle (column 3, lines 55-65) but allows for variations in the process (column 4, lines 22-30).  In an analogous art, Nadathur discloses a controller authenticating itself to a certificate server (PKI) which is provisioned with a PKI certificate (paragraph 0070). Then the controller provides a signed digital challenge which it received from the PKI system to the certificate server which is then authenticated before proceeding (paragraph 0070).  It would have been obvious to incorporate the authentication method of Nadathur into the system of Markham in order to allow the controller to be authenticated before proceeding with the diagnostic (Nadathur:  paragraph 0070).
Claim 2 is rejected as applied above in rejecting claim 1.  Furthermore, Markham discloses: 
The system of claim 1, wherein the authentication procedure further comprises denying the external testing tool diagnostic access to the vehicle when the digital signature is invalid (column 8, lines 31-37, column 10, lines 31-42:  vehicle security system is connected to CAN buses and can verify authorized or unauthorized signals).  

The system of claim 1, wherein the authentication procedure further comprises denying the external testing tool diagnostic access to the vehicle when the diagnostic is not one of the set of unlocked vehicle diagnostics (column 8, lines 31-37, column 10, lines 31-42:  vehicle security system is connected to CAN buses and can verify authorized or unauthorized signals).
Claim 4 is rejected as applied above in rejecting claim 1.  Furthermore, Markham discloses: 
The system of claim 1, wherein the PKI computing system is a local or dedicated system for the external testing tool (column 4, lines 31-37:  PKI system).
Claim 5 is rejected as applied above in rejecting claim 1.  Furthermore, Nadathur discloses: 
The system of claim 1, wherein the PKI computing system is a remote system that is connected to the external testing tool via the Internet (paragraph 0070:  PKI certificate from remote server).
Claim 6 is rejected as applied above in rejecting claim 1.  Furthermore, Markham discloses: 
The system of claim 1, wherein the controller and the external testing tool do not share a seed and a key for authentication (column 8, lines 31-37, column 10, lines 31-42:  vehicle security system is connected to CAN buses and can verify authorized or unauthorized signals).
Regarding claim 7, Markham discloses: 
A diagnostic access authentication method for a vehicle comprising a set of components configured to be the subject of a set of diagnostics, the method comprising: 
receiving, by a controller of the vehicle and from an external testing tool, a request for diagnostic access to the vehicle, the request comprising a public key certificate specifying a diagnostic the dongle (external testing tool) certificate is used to confirm the identity of the dongle); 
when the digital signature is valid, unlocking, by the controller, a set of diagnostics associated with the diagnostic role (column 4, lines 9-20:  once the token is authorized then the policy changes via the dongle would be authorized); and 
when any of the set of unlocked diagnostics associated with the diagnostic role match any of the set of diagnostics for the set of components, granting, by the controller, the external testing tool diagnostic access to the vehicle, thereby causing the external testing tool to execute the one or more matched diagnostics (column 4, lines 9-20:  once the token is authorized then the policy changes via the dongle would be authorized).
Markham does not explicitly disclose transmitting, to the external testing tool, an authentication challenge, wherein receipt of the authentication challenge causes the external testing tool to transmit the authentication challenge to the PKI computing system, receive a signed authentication challenge comprising a digital signature from the PKI computing system, and transmit the signed authentication challenge to the controller via the diagnostic interface, receiving, from the external testing tool, the signed authentication challenge, and determining whether the digital signature of the signed authentication challenge is valid using the public key certificate.  Markham discloses a process of authenticating the dongle (column 3, lines 55-65) but allows for variations in the process (column 4, lines 22-30).  In an analogous art, Nadathur discloses a controller authenticating itself to a certificate server (PKI) which is provisioned with a PKI certificate (paragraph 0070). Then the controller provides a signed digital challenge which it received from the PKI system to the certificate server which is then authenticated before proceeding (paragraph 0070).  It would have been obvious to incorporate 
Claim 8 is rejected as applied above in rejecting claim 7.  Furthermore, Markham discloses: 
The method of claim 7, further comprising denying, by the controller, the external testing tool diagnostic access to the vehicle when the digital signature is invalid (column 8, lines 31-37, column 10, lines 31-42:  vehicle security system is connected to CAN buses and can verify authorized or unauthorized signals).
Claim 9 is rejected as applied above in rejecting claim 7.  Furthermore, Markham discloses: 
The method of claim 7, further comprising denying, by the controller, the external testing tool diagnostic access to the vehicle when the diagnostic is not one of the set of unlocked vehicle diagnostics (column 8, lines 31-37, column 10, lines 31-42:  vehicle security system is connected to CAN buses and can verify authorized or unauthorized signals).
Claim 10 is rejected as applied above in rejecting claim 7.  Furthermore, Markham discloses: 
The method of claim 7, wherein the PKI computing system is a local or dedicated system for the external testing tool (column 4, lines 31-37:  PKI system).
Claim 11 is rejected as applied above in rejecting claim 7.  Furthermore, Nadathur discloses: 
The method of claim 7, wherein the PKI computing system is a remote system that is connected to the external testing tool via the Internet (paragraph 0070:  PKI certificate from remote server).
Claim 12 is rejected as applied above in rejecting claim 7.  Furthermore, Markham discloses: 
The method of claim 7, wherein the controller and the external testing tool do not share a seed and a key for authentication (column 8, lines 31-37, column 10, lines 31-42:  vehicle security system is connected to CAN buses and can verify authorized or unauthorized signals).
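
The authentication procedure recited in claims 1 and 7, sketched from the controller's side as an added illustrative example; it is not part of this Office Action, the application or the cited references. Assumptions: Ed25519 signatures, a simplified `Cert` struct in place of an X.509 certificate, an issuer-signature check on the certificate (not recited in the claims), and constructed role and diagnostic names.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// Cert stands in for the public key certificate: the issuer signature binds Role to Pub.
type Cert struct {
	Role string
	Pub  ed25519.PublicKey
	Sig  []byte // issuer signature over certBody(Role, Pub)
}

// roleDiagnostics is a constructed policy: the diagnostics each role unlocks.
var roleDiagnostics = map[string]map[string]bool{
	"dealer":    {"read_dtc": true, "clear_dtc": true, "flash_ecu": true},
	"emissions": {"read_dtc": true},
}

func certBody(role string, pub ed25519.PublicKey) []byte {
	return append([]byte(role+"\x00"), pub...)
}

// Authorize is the controller side; nil means access is denied.
func Authorize(issuer ed25519.PublicKey, c Cert, challenge, sig []byte, components []string) []string {
	if len(c.Pub) != ed25519.PublicKeySize ||
		!ed25519.Verify(issuer, certBody(c.Role, c.Pub), c.Sig) || // role not vouched for by issuer
		!ed25519.Verify(c.Pub, challenge, sig) { // bad signature over this challenge
		return nil
	}
	var granted []string
	for _, d := range components {
		if roleDiagnostics[c.Role][d] { // unlocked for the role AND present on a component
			granted = append(granted, d)
		}
	}
	return granted
}

func main() {
	issuerPub, issuerKey, _ := ed25519.GenerateKey(rand.Reader)
	toolPub, toolKey, _ := ed25519.GenerateKey(rand.Reader) // private key held by the PKI system
	cert := Cert{"emissions", toolPub, ed25519.Sign(issuerKey, certBody("emissions", toolPub))}
	challenge := make([]byte, 32) // fresh nonce per request, so old responses cannot be replayed
	rand.Read(challenge)
	sig := ed25519.Sign(toolKey, challenge) // PKI system signs on the tool's behalf
	fmt.Println(Authorize(issuerPub, cert, challenge, sig, []string{"read_dtc", "flash_ecu"}))
}
```

Because the controller holds only public keys and a role policy, no seed or key is shared with the tool, which is the property recited in claims 6 and 12.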



Conclusion

Any inquiry concerning this communication or earlier communications from the examiner should be directed to KAVEH ABRISHAMKAR whose telephone number is (571)272-3786.  The examiner can normally be reached on M-F 9-5:30.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Robert Hodge, can be reached on 571-272-2097. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/KAVEH ABRISHAMKAR/
07/28/2021
Primary Examiner, Art Unit 3649