Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Detailed Action

Response to Arguments
Applicant's arguments filed 7/14/2021 have been fully considered but they are not persuasive.

Pages 6 and 7 of said Remarks argue that Thom fails to disclose that the secure crypto-processor 302 is connected to a communication bus to which the microcontroller 308 and any of devices 305-307 would also be connected. Additionally, the other arguments found on pages 6 and 7 are directed toward the fact that Thom teaches that the microcontroller 308 is located between the microcontroller 308 and the peripherals 305-307 and the communication bus 304. The Examiner does not dispute that microcontroller 308 is not directly connected to communication bus 304.

-	However, the claims are devoid of language that requires the command circuit (microcontroller 308), peripheral (devices 305-307) or the control circuit (secure crypto-processor 302), be directly connected to the communication bus.

-	The Examiner asserts that terms such as “coupled” and “connected” are commonly broadly interpreted in the art to refer to a device as being communicatively, electrically, and/or operatively in connection with. Using this interpretation, peripherals 305-307, secure crypto-processor 302, and microcontroller 308 are each communicatively connected to bus 304. 


Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.

Claims 1-6, 8, and 10-14 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Thom et al. U.S. PGPUB No. 2016/0308677.

Per Claim 1, Thom discloses:
a method for controlling commands suitable to be processed by a peripheral (Paragraphs 32 and 34, Figures 2 and 3; I/O devices 207/305-307 requiring security may include an actuator.),
the method comprising the following steps implemented by a command control circuit (secure crypto-processor 302) connected to a communication bus (secure bus 304; Figure 3), a command circuit (microcontroller 308) and the peripheral also being connected to the communication bus (Figure 3; Devices 305-307 and microcontroller 308 are communicatively connected via bus 304. As discussed above, Devices 305-307 and microcontroller are communicatively connected to secure bus 304 as any communication between said devices requires communicating over the secure bus.):
granting or refusing authorization to the command circuit to transmit a command signal for the peripheral via the communication bus (Paragraphs 58-60, Figure 5; 502-504),
detecting the possible transmission of the command signal for the peripheral by the command circuit via the communication bus (Paragraph 57, Figure 5; 501),
implementing protection measures when the control circuit detects that: the command signal has been transmitted by the command circuit via the communication bus when the control circuit has not granted authorization, or that the command signal has not been transmitted by the command circuit over the communication bus when the control circuit has granted authorization (Paragraphs 58-60, Figure 5 numerals 502-504 discuss the process of determining whether or not to grant access. Paragraphs 34-38, Figure 3 discuss the actual process of microcontroller 308 passing commands received from user device 311 to a buffer 309 of secure crypto-processor 302 that are for accessing secure devices 305-307. Secure crypto-processor 302 then acts as a gate-keeper that provides identity, authentication, authorization, and attestation functionality for microcontroller 308 and device 301. Secure crypto-processor 302 implements protection measures if a command/request does not pass the required criteria for accessing secure devices 305-307. Note, the alternative claim language of “or” requires only one of the two claimed criteria be taught by the prior art.).

Per Claim 2, Thom discloses the method according to claim 1, wherein the authorization is not granted by the control circuit when the control circuit detects that the command signal of the peripheral is not based on an order authentically transmitted by a predetermined server (Paragraphs 27, 36, 39; “authorized source”; Paragraph 48; Device 301 may be a remote server.).

Per Claim 3, Thom discloses the method of claim 2, wherein the control circuit is configured to check whether the order has been electronically signed by the server and/or whether the order is accompanied by an authentication code generated by the server (Paragraph 26 – Message Authentication Code (MAC)).

Paragraphs 34-38, Figure 3; Commands/data from microcontroller 308 are stored in the buffer 309 of secure crypto-processor 302 and then an integrity check determination is made as to whether or not protection measures need to be implemented.).

Per Claim 5, Thom discloses the method according to claim 3, wherein the protection measures comprise the server being sent an error message relating to the command of the peripheral (Paragraph 24, Receipt of a failed command/order is received by user device 105.).

Per Claim 6, Thom discloses the method according to claim 3, comprising the server being sent a message indicating that the transmission of the command signal has been authorized then occurred, the message preferably being electronically signed or encrypted (Paragraph 26; Secure crypto-processor 111 encodes its replies to user device 105, such as any sensor data or actuator command acknowledgement, using the MAC.).
Per Claim 8, Thom discloses the method according to claim 1, wherein the protection measures comprise a block preventing the command signal, or even any command signal of the peripheral subsequently transmitted by the command circuit over the communication bus, from being processed by the peripheral (Paragraphs 26, 27, 34, 38, and 39; Secure crypto-processor 302 will deny/block/ignore requests when a key match is not detected, or a policy of said key is not met.).
Paragraphs 24 and 25).
Per claim 11, please refer to the above rejection of claim 1 as the limitations are substantially similar and have already been mapped to the Thom reference.
Per Claim 12, Thom discloses a system comprising a peripheral (I/O devices 207/305-307), a command circuit (microcontroller 308), a command control circuit (secure crypto-processor 302) according to claim 11, and a communication bus (secure bus 304), wherein the peripheral, the command circuit and the control circuit are all connected to the communication bus (Figure 3; Terms such as “connected” and “coupled” are commonly broadly interpreted in the art to refer to devices/components being communicatively, electrically, and/or operatively in connection with. The above cited components of Thom are each connected communicatively, electrically, and operatively.).

Per Claim 13, Thom discloses a connected object comprising the system according to claim 12 (Figure 3; device 301).

Per Claim 14, Thom discloses the method according to claim 1, wherein the peripheral is an actuator (Paragraphs 32 and 34, Figures 2 and 3; I/O devices 207/305-307 requiring security may include an actuator.).


Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.

Claim 7 is rejected under 35 U.S.C. 103 as being unpatentable over Thom et al. U.S. PGPUB No. 2016/0308677 in view of Imai, U.S. PGPUB No. 2005/0102503.

Per Claim 7, Thom discloses utilizing a public-key or asymmetric cryptography system of authenticating and authorizing commands and access between two devices (Paragraph 27), but does not specifically discuss rejecting a command/order based on an expiration of a validity period related to it.

However, Imai similarly discloses utilizing a public-key encryption to authenticate and authorize secure communications between two devices, further teaching denying the access of a command/order if its associated public key certificate has expired (Paragraph 162). 
-	It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to implement the protective measure of rejecting or denying access of a command from a device when the public key certificate 

*	*	*	*	*	*

Claims 9 and 15 are rejected under 35 U.S.C. 103 as being unpatentable over Thom et al. U.S. PGPUB No. 2016/0308677 in view of Todd et al. U.S. PGPUB No. 2017/0366026.

Per Claims 9 and 15, Thom discloses taking different protective measures upon detecting an unauthorized attempt to access a trusted peripheral device (Paragraphs 26, 27, 34, 38, and 39; Secure crypto-processor 302 will deny/block/ignore requests when a key match is not detected, or a policy of said key is not met.), but does not specifically teach at least one of the methods disclosed in claim 9.

However, Todd teaches deactivating a charging functionality of a charging device upon discovering an attempt at unauthorized use or unauthorized biometric data input to the charger (Paragraph 23).

-	It would have been obvious to one of ordinary skill in the art at the time of the Applicant's claimed invention to utilize the device deactivation technique of Todd within the isolation of trusted I/O devices system of Thom upon detecting an authorized attempt at access, for the purpose of taking an extra step of security by making the targeted device inoperable and thus more secure from an unauthorized access attempt. This would have been obvious since it has been held that the simple substitution of one known element (deactivation of targeted device) for another (blocking unauthorized command) to obtain predictable results is obvious to one of ordinary skill. See MPEP 2141, section III(B).

Conclusion
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to BRIAN T MISIURA whose telephone number is (571)272-0889.  The examiner can normally be reached on M-F: 8-4:30PM.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Tim Vo can be reached on (571) 272-3642.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. 
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).

/Brian T Misiura/
Primary Examiner, Art Unit 2185