DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . 
This is a reply to the amendment filed on 06/03/2021, in which, applicant’s election without traverse of claims 2-19 is acknowledged. Claims 2-20 are pending where claims 2, 11 and 20 are independent. Claim 1 is canceled. Claim 7 is amended. Claim 20 is newly added.

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 11/12/2019 and 04/01/2020, has been reviewed. The submission is in compliance with the provisions of 37 CFR 1.97. Accordingly, the examiner is considering the information disclosure statement.

Drawings
The drawings filed on 04/26/2019 are accepted by The Examiner.

EXAMINER’S AMENDMENT
An examiner's amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for this examiner's amendment was given in a telephone interview Attorney Michael A. Bartley (Reg. No. 63,986) on 08/03/2021 and followed up on 08/05/2021. 

The application has been amended as follows:

Please replace claim 2 with:
2. (Currently amended)[[.]]  A security system for embedded systems, comprising:
	an embedded system with a central processor unit (CPU) SYSTEM, the CPU SYSTEM comprising one or more microprocessor cores and running dedicated CODE, the CODE comprising machine-language instructions controlling actions of the microprocessor cores of the CPU SYSTEM;
	a SECURITY DEVICE being an electronic integrated circuit (IC) separate from the CPU SYSTEM, where the IC is not and does not use any general purpose microprocessors nor any microprocessor cores of the CPU SYSTEM, wherein the SECURITY DEVICE is irremovably connected to the CPU SYSTEM as part of a PROTECTED SYSTEM;
	a PHYSICAL PRESENCE DEVICE (PPD) being an electrical circuit connectable to the PROTECTED SYSTEM; [[and]]
	a PROGRAMMER connected to the PPD and the SECURITY DEVICE during construction of the PROTECTED SYSTEM and disconnected during operation of the PROTECTED SYSTEM, wherein the PROGRAMMER is an electrical circuit or collection of circuits which generates CRYPTOGRAPHIC INFORMATION for the PPD and the SECURITY DEVICE; 
	a protected storage electrically connected to the SECURITY DEVICE; 
	wherein the CRYPTOGRAPHIC INFORMATION, received from the PROGRAMMER during construction of the PROTECTED SYSTEM and stored on the PPD and the SECURITY DEVICE, is unique to both the PPD and the SECURITY DEVICE such that other PROTECTED SYSTEMS cannot share the same PPD; and
	wherein when the PPD is physically connected to the SECURITY DEVICE after construction and validated based on the CRYPTOGRAPHIC INFORMATION, electrical circuits within the PPD enable one or more functions within the SECURITY DEVICE to:
		encrypt and load CODE or other data into the protected storage;		modify a state of the SECURITY DEVICE; or
		synchronize the CRYPTOGRAPHIC INFORMATION on either the PPD or the SECURITY DEVICE.

Please cancel claim 3;

Please replace claim 4 with:
4. (Currently amended)[[.]]  The security system of claim 2[[3]], wherein all devices which ordinarily would connect to the CPU SYSTEM via one or more system busses instead are connected to the SECURITY DEVICE such that the SECURITY DEVICE monitors all device interfaces with the CPU SYSTEM.

Please replace claim 5 with:
5. (Currently amended)[[.]]  The security system of claim 4, wherein the SECURITY DEVICE includes electrical circuitry to service all requests for CODE execution when CODE is contained in the protected storage, and process all requests for CODE not contained in the protected storage as invalid requests which are prevented from being functional instructions on the CPU SYSTEM.

Please replace claim 6 with:
6. (Currently amended)[[.]]  The security system of claim 2, wherein the SECURITY DEVICE is electrically connected to CPU SYSTEM via standard system interfaces and monitors electronic activity on the interfaces.

Please cancel claim 7;

Please cancel claim 8;

Please replace claim 9 with:
9. (Currently amended)[[.]]  The security system of claim 2[[7]], wherein the PPD further includes electrical circuitry for an interface to a communication network such that a secure communication channel to the CPU SYSTEM can be established across the communication network between the PPD and the SECURITY DEVICE by encoding and decoding communications across the secure communication channel based on the CRYPTOGRAPHIC INFORMATION.

Please replace claim 10 with:
10. (Currently Amended)[[.]]  The security system of claim 9, further comprising one or more additional PPDs connected to the PROGRAMMER during construction of the PROTECTED SYSTEM, the one or more additional PPDs storing CRYPTOGRAPHIC INFORMATION and including electrical circuitry for interfacing with the communication network to establish additional secure communication channels across the communication network to each of the additional PPDs.

Please replace claim 11 with:
11. (Currently Amended)[[.]]  A method for securing embedded systems, comprising:
	constructing a PROTECTED SYSTEM which irremovably connects a SECURITY DEVICE to a central processor unit (CPU) SYSTEM, wherein the CPU SYSTEM comprises one or more microprocessor cores and runs dedicated CODE, wherein the CODE comprises machine-language instructions controlling actions of the microprocessor cores of the CPU SYSTEM, wherein the SECURITY DEVICE is an electronic integrated circuit (IC) separate from the CPU SYSTEM, and wherein the IC is not and does not use any general purpose microprocessors nor any microprocessor cores of the CPU SYSTEM;
	storing the CODE within protected storage electrically connected to the SECURITY DEVICE;
	during construction, connecting a PHYSICAL PRESENCE DEVICE (PPD) to the PROTECTED SYSTEM and a PROGRAMMER to the PPD and the SECURITY DEVICE, wherein the PPD and the PROGRAMMER are each an electrical circuit or collection of circuits; [[and]]
	while connected during construction, generating, by the PROGRAMMER, CRYPTOGRAPHIC INFORMATION unique to both the PPD and the SECURITY DEVICE such that other PROTECTED SYSTEMS cannot share the same PPD, ; and
	physically connecting the PPD to the SECURITY DEVICE after construction, validating the PPD with the SECURITY DEVICE based on the CRYPTOGRAPHIC INFORMATION, and enabling functions within the SECURITY DEVICE based on electrical circuits within the PPD, the functions including one or more of:
		encrypting and loading CODE or other data into the protected storage;		modifying a state of the SECURITY DEVICE; or
		synchronizing the CRYPTOGRAPHIC INFORMATION on either the PPD or the SECURITY DEVICE.

Please cancel claim 12;

Please replace claim 13 with:
13. (Currently Amended)[[.]]  The method of claim 11[[2]], further comprising monitoring, by the SECURITY DEVICE, all device interfaces with the CPU SYSTEM by connecting all devices through the SECURITY DEVICE to the CPU SYSTEM instead of directly connecting to one or more system busses of the CPU SYSTEM.

Please replace claim 14 with:
14. (Currently Amended)[[.]]  The method of claim 13, further comprising servicing, by the SECURITY DEVICE, all requests for CODE execution when CODE is contained in the protected storage, and preventing, by the SECURITY DEVICE, any execution by the CPU SYSTEM of CODE not stored in the protected storage by treating any such requests as invalid requests.

Please replace claim 15 with:
15. (Currently Amended)[[.]]  The method of claim 11, further comprising electrically connecting the SECURITY DEVICE to the CPU SYSTEM via standard system interfaces and monitoring, by the SECURITY DEVICE, electronic activity on the standard system interfaces.

Please cancel claim 16;

Please cancel claim 17;

Please replace claim 18 with:
18. (Currently Amended)[[.]]  The method of claim 11[[6]], further comprising:
	connecting the PPD to a communication network through an interface with electrical circuitry included within the PPD;
	establishing a secure communication channel to the CPU SYSTEM across the communication network between the PPD and the SECURITY DEVICE; and
	encoding and decoding communications across the communication channel based on the CRYPTOGRAPHIC INFORMATION stored in the PPD and the SECURITY DEVICE.

Please replace claim 19 with:
19. (Currently Amended)[[.]]  The method of claim 18, further comprising:	connecting one or more additional PPDs to the PROGRAMMER during construction of the PROTECTED SYSTEM and storing the CRYPTOGRPAHIC INFORMATION on the one or more additional PPDs;	connecting the one or more additional PPDs to the communication network; and
	establishing additional secure communication channels across the communication network between the SECURITY DEVICE and each of the one or[[e]] more additional PPDs.

Please replace claim 20 with:
20. (Currently Amended)[[.]]  A security system for embedded systems, comprising:
	an embedded system with a central processor unit (CPU) SYSTEM, the CPU SYSTEM comprising one or more microprocessor cores and running dedicated CODE, the CODE comprising machine-language instructions controlling actions of the microprocessor cores of the CPU SYSTEM;
	a SECURITY DEVICE being an electronic integrated circuit (IC) separate from the CPU SYSTEM, where the IC is not and does not use any general purpose microprocessors nor any microprocessor cores of the CPU SYSTEM, wherein the SECURITY DEVICE is irremovably connected to the CPU SYSTEM as part of a PROTECTED SYSTEM;
	a protected storage electrically connected to the SECURITY DEVICE;
	a PHYSICAL PRESENCE DEVICE (PPD) being an electrical circuit connectable to the PROTECTED SYSTEM; 
	a PROGRAMMER connected to the PPD and the SECURITY DEVICE during construction of the PROTECTED SYSTEM and disconnected during operation of the PROTECTED SYSTEM, wherein the PROGRAMMER is an electrical circuit or collection of circuits which generates CRYPTOGRAPHIC INFORMATION for the PPD and the SECURITY DEVICE;
	the CRYPTOGRAPHIC INFORMATION received from the PROGRAMMER during construction of the PROTECTED SYSTEM and stored on the PPD and the SECURITY DEVICE, wherein the CRYTPOGRAPHIC INFORMATION is unique to both the PPD and the SECURITY DEVICE such that other PROTECTED SYSTEMS cannot share the same PPD;
	wherein when the PPD is physically connected to the SECURITY DEVICE after construction and validated based on the CRYPTOGRAPHIC INFORMATION, electrical circuits within the PPD enable one or more functions within the SECURITY DEVICE to:
		encrypt and load CODE or other data into the protected storage,		modify a state of the SECURITY DEVICE, or
		synchronize the CRYPTOGRAPHIC INFORMATION on either the PPD or the SECURITY DEVICE;
	wherein the SECURITY DEVICE is electrically connected to CPU SYSTEM via standard system interfaces and monitors electronic activity on the interfaces;
	wherein all devices which ordinarily would connect to the CPU SYSTEM via one or more system busses instead are connected to the SECURITY DEVICE such that the SECURITY DEVICE monitors all device interfaces with the CPU SYSTEM;
	wherein the SECURITY DEVICE includes electrical circuitry to service all requests for CODE execution when CODE is contained in the protected storage, and process all requests for CODE not contained in the protected storage as invalid requests which are prevented from being functional instructions on the CPU SYSTEM;
	wherein the PPD further includes electrical circuitry for an interface to a communication network such that a secure communication channel to the CPU SYSTEM can be established across the communication network between the PPD and the SECURITY DEVICE by encoding and decoding communications across the secure communication channel based on the CRYPTOGRAPHIC INFORMATION; and
	one or more additional PPDs connected to the PROGRAMMER during construction of the PROTECTED SYSTEM, the one or more additional PPDs storing CRYPTOGRAPHIC INFORMATION and including electrical circuitry for interfacing with the communication network to establish additional secure communication channels across the communication network to each of the additional PPDs.

Allowable Subject Matter
Claims 2, 4-6, 9-11, 13-15 and 18-20 are allowed.
The following is an examiner's statement of reasons for allowance:
Independent Claim(s) and their respective dependent claims are allowable over prior arts since the prior arts taken individually or in combination fails to particular discloses, fairly suggest or render obvious the following italic limitations:

In claims 2 and 20:
“a protected storage electrically connected to the SECURITY DEVICE; 
	wherein the CRYPTOGRAPHIC INFORMATION, received from the PROGRAMMER during construction of the PROTECTED SYSTEM and stored on the PPD and the SECURITY DEVICE, is unique to both the PPD and the SECURITY DEVICE such that other PROTECTED SYSTEMS cannot share the same PPD; and
	wherein when the PPD is physically connected to the SECURITY DEVICE after construction and validated based on the CRYPTOGRAPHIC INFORMATION, electrical circuits within the PPD enable one or more functions within the SECURITY DEVICE to:
		encrypt and load CODE or other data into the protected storage;		modify a state of the SECURITY DEVICE; or
synchronize the CRYPTOGRAPHIC INFORMATION on either the PPD or the SECURITY DEVICE.” in combination with other limitations recited as specified in the independent claim(s). 

In claim 11:
“storing the CODE within protected storage electrically connected to the SECURITY DEVICE;
	while connected during construction, generating, by the PROGRAMMER, CRYPTOGRAPHIC INFORMATION unique to both the PPD and the SECURITY DEVICE such that other PROTECTED SYSTEMS cannot share the same PPD, and storing the CRYPTOGRAPHIC INFORMATION in the PPD and the SECURITY DEVICE; and
	physically connecting the PPD to the SECURITY DEVICE after construction, validating the PPD with the SECURITY DEVICE based on the CRYPTOGRAPHIC INFORMATION, and enabling functions within the SECURITY DEVICE based on electrical circuits within the PPD, the functions including one or more of:
		encrypting and loading CODE or other data into the protected storage;		modifying a state of the SECURITY DEVICE; or
		synchronizing the CRYPTOGRAPHIC INFORMATION on either the PPD or the SECURITY DEVICE.” in combination with other limitations recited as specified in the independent claim(s). 

The closest prior art made of record are:
O'Loughlin et al. (US 2012/0102334 A1) teaches An asset management system which includes a hardware module operating as an asset control core. The asset control core generally includes a small hardware core embedded in a target system on chip that establishes a hardware-based point of trust on the silicon die. The asset control core can be used as a root of trust on a consumer device by having features that make it difficult to tamper with. The asset control core is able to generate a unique identifier for one device and participate in the tracking and provisioning of the device through a secure communication channel with an appliance. 
Yoffe et al. (US 2011/0179482 A1) teaches securing a personal device that includes a device core and a peripheral device from unauthorized access or operation.
Gail et al. (US 2014/0223569 A1) teaches An embedded security module including a security processor, volatile and non-volatile memory, and an interface. 
Wang et al. (US 2013/0212671 A1) teaches a computer architecture designed for enhanced data security. The architecture comprises two sub-systems, each with their own processing units and memories, and a defined set of interfaces that interconnect the two sub-systems and the external world. One sub-system is designed to provide a familiar environment for running computer applications. The other sub-system is .
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to CHENG-FENG HUANG whose telephone number is (571)272-6186.  The examiner can normally be reached on Monday-Friday: 9 am - 5 pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Eleni A Shiferaw can be reached on (571) 272-3867.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  






/CHENG-FENG HUANG/Primary Examiner, Art Unit 2497