Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

DETAILED ACTION
Claims1-20 remain for examination. Applicant's arguments filed on 08/04/2021 have been fully considered but they are not persuasive. The rejections are maintained and incorporated by reference the last Office action on  05/10/2021. Accordingly, this action has been made final. 


Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 1, 17 and 19 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA  the applicant regards as the invention.
Claims 1, 17 and 19 recite "precision of runtime monitoring"; while Fig 2 and Pa. [0039] from the specification of the current application present two levels of precision. It is not clear whether Applicant intends to claim (High precision, Low precision or both) . Appropriate correction is required. For the purpose of Examination, one of them has been considered. 
Double Patenting
The non-statutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees.   A nonstatutory obviousness-type double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); and In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on a nonstatutory double patenting ground provided the conflicting application or patent either is shown to be commonly owned with this application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. 
Effective January 1, 1994, a registered attorney or agent of record may sign a terminal disclaimer. A terminal disclaimer signed by the assignee must fully comply with 
Claims 1-20 are provisionally rejected on the ground of nonstatutory obviousness-type double patenting as being unpatentable over claims 1-8 of US patent No. 10210336 B2. This is a provisional double patenting rejection since the conflicting claims have not yet been patented.
Claims 1-20 recite similar limitations as claims 1-8 of US patent No. 10210336 as follows: 
       Instant application
    US No. 10210336 B2
Claim 1.  A method comprising: performing, by a processor, preliminary program analysis of an executable; determining, by the processor and based on the preliminary program analysis, a security vulnerability level of a portion of the executable; comparing, by the processor, the security vulnerability level of the portion to a security vulnerability threshold; and tuning, by the processor, the precision of runtime monitoring of the portion based the comparing.

Claim 2.  wherein the comparing comprises determining that the security 

Claim 6. wherein the static analysis is shape analysis.

Claim 13. wherein the portion is an execution prefix and wherein the comparing comprises determining an execution prefix length limit beyond which the security vulnerability level of the portion falls below the security vulnerability threshold.

Claim 17.

Claim 19.

Claim 12.

Claim 1. A method comprising: performing, by a processor, shape analysis of an executable, wherein the shape analysis is restricted to analyzing execution prefixes of the executable; determining, by the processor and based on the shape analysis, an execution-prefix length limit, wherein any execution prefixes with a length higher than the execution-prefix length limit are determined to have a high likelihood of exhibiting a security vulnerability level below a security vulnerability threshold; storing, by the processor, the execution-prefix length limit in an oracle; accessing, 











Claim 1.

Claim 8.

Claim 4.



Claims 1, 17 and 19 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-8 of Ionescu US 20200202010 A1, in view of Ionescu US 10210336 B2.
As per claims 1, 17 and 19, the '010  patent recites A method comprising: performing, by a processor, preliminary program analysis of an executable; determining, by the processor and based on the preliminary program analysis, a security vulnerability level of a portion of the executable; comparing, although the '010 patent application does not recite “wherein the portion is an execution prefix and wherein the comparing comprises determining an execution prefix length limit beyond which the security vulnerability level of the portion falls below the security vulnerability threshold.”, Ionescu '010 disclosed the concept of parameter comprising at least the trusted random number (Ionescu ‘'010, claims 2, 6 and 13 “.  wherein the comparing comprises determining that the security vulnerability level of the portion is higher than the security vulnerability threshold, and the tuning comprises configuring the runtime system to monitor the portion with a high level of precision based on the comparing; wherein the static analysis is shape analysis; wherein the portion is an execution prefix and wherein the comparing comprises determining an execution prefix length limit beyond which the security vulnerability level of the portion falls below the security vulnerability threshold, as disclosed by Ionescu ‘010, such modification would allow system provide a distributed network, the plurality of computing nodes jointly 
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.

Claims 1, 8-10, 14, 17 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Hall U.S. Publication No. 20050283834 A1 in view of Toback (U.S. Patent Application Publication 20140173737 A1).
As to claim 1, Hall teaches a method comprising: performing, by a processor, preliminary program analysis of an executable; determining, by the processor and based on the preliminary program analysis (Hall Fig. 5, Pa. [0043]) [ the source code analysis tools to identify security vulnerabilities], a security vulnerability level of a portion of the executable (Hall Fig. 5, Pa. [0007-0050], claim 4) [determining a number of security vulnerabilities includes : determining, for each security vulnerability in the portion of software code, a vulnerability level]; comparing, by Hall Fig. 5, Pa. [0046-0047]) [the security analysis tool determines a number of critical (read high level) vulnerabilities, a number of serious (read medium level) vulnerabilities, and/or a number of inconsequential (read low level) vulnerabilities…a mechanism or tool for determining a concrete score for the security of program code. The security score is a software quality metric with respect to security as a quantitative value. The score may be used to assign a security rating that can be in absolute form. For example, a score of 90 to 100 gets an "A," a score of 80 to 89 gets a "B," and so on. The security rating may also be presented in comparative form] 
It is noted that Hall does not appear explicitly disclose tuning, by the processor, the precision of runtime monitoring of the portion based the comparing.  
However, Toback discloses tuning, by the processor, the precision of runtime monitoring of the portion based the comparing (Note that Pa. [0024] of the current application presents “runtime monitoring” as analyzing the operations of an executable to detect and block activities of potential security concern) (Toback Fig. 2 and paragraph [0014] discloses a similar runtime monitoring [herein detect, track, and remediate vulnerabilities within software products. The exploitation of software vulnerabilities can cause harm to the software product including the vulnerability, to system in which the software product runs, to other processing systems, etc. The ability to detect, track, and remediate vulnerabilities helps the developer of the software product protect against risks associated with software vulnerabilities, including customer goodwill]
(Toback Pa. [0001])

As to claim 8, the combination of Hall and Toback discloses wherein the preliminary program analysis is a form of offline testing (Hall Pa. [0024]) [a source code analysis tool to determine a number of critical vulnerabilities, obviously this program can be tested offline] Emphasis added: (Singh (US 7610523 B1) discloses [a software based in-system memory testing method that includes both offline mode testing, i.e., memory testing when customer applications are not running]

As to claim 9, Hall teaches wherein the preliminary program analysis is a form of runtime monitoring (Note that Pa. [0024] of the current application presents “runtime monitoring” as analyzing the operations of an executable to detect and block activities of potential security concern) (Toback Fig. 2 and paragraph [0014] discloses a similar runtime monitoring [herein detect, track, and remediate vulnerabilities within software products. The exploitation of software vulnerabilities can cause harm to the software product including the vulnerability, to system in which the software product runs, to other processing systems, etc. The ability to detect, track, and remediate vulnerabilities helps the developer of the software product protect against risks associated with software vulnerabilities, including customer goodwill]

As to claim 10, the combination of Hall and Toback discloses wherein the runtime monitoring has been tuned in a previous runtime monitoring tuning process (Note that Pa. [0024] of the current application presents “runtime monitoring” as analyzing the operations of an executable to detect and block activities of potential security concern) (Toback Fig. 2 and paragraph [0014] discloses a similar runtime monitoring [herein detect, track, and remediate vulnerabilities within software products. The exploitation of software vulnerabilities can cause harm to the software product including the vulnerability, to system in which the software product runs, to other processing systems, etc. The ability to detect, track, and remediate vulnerabilities helps the developer of the software product protect against risks associated with software vulnerabilities, including customer goodwill]
See Thus, before the effective filing date of the claimed invention it would have been recognized by one of ordinary skill in the art that applying the known technique taught by Toback to the technic of vulnerability analysis of Hall would have yield predictable results and resulted in an improved system, namely, a system that would detect, track, and remediate software vulnerabilities within components used by software products as the software products are developed or maintained (Toback Pa. [0001])

As to claim 14, Hall teaches wherein the tuning occurs when the executable is executed (Hall Pa. [0025]) [The vulnerability scanning tool, such as one of source code analysis tools 312, 314, is then executed and instances of the tags are counted]

As to claim 17, claim 17 recites the claimed that contain similar limitations as claim 1; therefore, it is rejected under the same rationale.

As to claim 19, claim 19 recites the claimed that contain similar limitations as claim 1; therefore, it is rejected under the same rationale.

Claims 2-4, 10, 15-16, 18 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Hall U.S. Publication No. 20050283834 A1 in view of Toback (U.S. Patent Application Publication 20140173737 A1), in further view of Laniepce (U.S. Patent Application Publication 20140189868 A1).
As to claim 2, the combination of Hall and Toback teaches wherein the comparing comprises determining that the security vulnerability level of the portion is higher than the security vulnerability threshold (Toback Pa. [0040]) [generates a notification if a vulnerability score exceeds a default or user-specified threshold value], 
 It is noted that the combination of Hall and Toback does not appear explicitly disclose the tuning comprises configuring the runtime system to monitor the portion with a high level of precision based on the comparing.

(Laniepce Pa. [0085]) [ [the detection step E4 depends on the vulnerability criticality level associated with a resource; thus, the higher this indicator, the higher the monitoring time] See also Pa. [0016] (resource whose vulnerability criticality level is very high is monitored more frequently) [0076] [Thus, a first resource whose criticality level is high will appear several times in the itinerary and will therefore be monitored more often by a detection control point PC_IDS]
Thus, before the effective filing date of the claimed invention it would have been recognized by one of ordinary skill in the art that applying the known technique taught by Laniepce to the technic of vulnerability analysis of Hall and Toback would have yield predictable results and resulted in an improved system, namely, a system that would secure computing systems whose architecture is based on dematerialized computing resources, made available to a large number of users who access same remotely and in a manner which changes over time (Laniepce Pa. [0005])

As to claim 3, the combination of Hall, Toback and Laniepce teaches further comprising: determining, by the processor and based on the preliminary program analysis (Hall Fig. 5, Pa. [0043]) [ the source code analysis tools to identify security vulnerabilities], a second security vulnerability level of a second portion of the executable (Hall Fig. 5, Pa. [0007-0050], claim 4) [determining a number of security vulnerabilities includes : determining, for each security vulnerability in the portion of software code, a vulnerability level]; comparing, by the processor, the Hall Fig. 5, Pa. [0046-0047]) [the security analysis tool determines a number of critical (read high level) vulnerabilities, a number of serious (read medium level) vulnerabilities, and/or a number of inconsequential (read low level) vulnerabilities…a mechanism or tool for determining a concrete score for the security of program code. The security score is a software quality metric with respect to security as a quantitative value. The score may be used to assign a security rating that can be in absolute form. For example, a score of 90 to 100 gets an "A," a score of 80 to 89 gets a "B," and so on. The security rating may also be presented in comparative form]; determining that the second security vulnerability level of the second portion is lower than the security vulnerability threshold (Toback Pa. [0039]) [the computer may determine that a known alternative component has a lower vulnerability score than the currently used software component]; and tuning, by the processor and based on determining that the second security vulnerability level of the second portion is lower than the security vulnerability threshold (Toback Pa. [0040]) [the computer generates a notification if a vulnerability score exceeds or falls below a default or user-specified threshold value], the precision of runtime-monitoring of the second portion with a low level of precision (Laniepce Pa. [0076]) [a second resource whose associated criticality level is lower and which, therefore, will be monitored for example only once in the itinerary] 
See before the effective filing date of the claimed invention it would have been recognized by one of ordinary skill in the art that applying the known technique taught (Laniepce Pa. [0005])

As to claim 4, claim 4 recites the claimed that contain similar limitations as claims 2 and 3; therefore, it is rejected under the same rationale.

As to claim 15, the combination of Hall and Toback teaches wherein the tuning is performed when the executable is integrated into a computer system (Toback Pa. [0062]) [the computer-implemented method may be carried out in a computer system or other data processing system in response to its processor or processing system executing sequences of instructions contained in a memory]
See Thus, before the effective filing date of the claimed invention it would have been recognized by one of ordinary skill in the art that applying the known technique taught by Toback to the technic of vulnerability analysis of Hall would have yield predictable results and resulted in an improved system, namely, a system that would detect, track, and remediate software vulnerabilities within components used by software products as the software products are developed or maintained (Toback Pa. [0001])

As to claim 16, the combination of Hall, Toback and Laniepce teaches wherein the tuning is performed on a periodic basis (Laniepce Pa. [0065]) [constructing the vulnerabilities audit base and of dispatch is executed periodically, according to a period which is parameterizable at the level of the intrusion detection control center]
See before the effective filing date of the claimed invention it would have been recognized by one of ordinary skill in the art that applying the known technique taught by Laniepce to the technic of vulnerability analysis of Hall and Toback would have yield predictable results and resulted in an improved system, namely, a system that would secure computing systems whose architecture is based on dematerialized computing resources, made available to a large number of users who access same remotely and in a manner which changes over time (Laniepce Pa. [0005])

As to claim 18, claim 19 recites the claimed that contain similar limitations as claim 2; therefore, it is rejected under the same rationale.

As to claim 20, claim 20 recites the claimed that contain similar limitations as claim 4; therefore, it is rejected under the same rationale.

Claims 5-7 and 11-12 are rejected under 35 U.S.C. 103 as being unpatentable over Hall U.S. Publication No. 20050283834 A1 in view of Toback (U.S. Patent Application Publication 20140173737 A1), in further view of TRIPP (U.S. Patent .
As to claim 5, the combination of Hall and Toback does not appear explicitly disclose wherein the preliminary program analysis is a form of static analysis.
However, TRIPP discloses wherein the preliminary program analysis is a form of static analysis (TRIPP Pa. [0018]) [configured to seed a static analysis of an instruction code set of a computer-based software application with at least one abstract value for at least one variable (hereinafter the "seeding" variable) within the instruction code set]
Thus, before the effective filing date of the claimed invention it would have been recognized by one of ordinary skill in the art that applying the known technique taught by TRIPP to the technic of vulnerability analysis of Hall and Toback would have yield predictable results and resulted in an improved system, namely, a system that would secure perform on instruction code of computer-based software applications to identify issues such as logic errors and security vulnerabilities within an instruction code set (TRIPP Pa. [0002])

As to claim 6, the combination of Hall, Toback and TRIPP teaches wherein the static analysis is shape analysis. (Note that Pa. [0020] of the current application presents “shape analysis” as a precise form of program analysis, and thus may be effective at identifying vulnerabilities in executables.) (TRIPP paragraph [0002] discloses a similar shape analysis [Static analysis is often performed on instruction code of computer-based software applications to identify issues such as logic errors and security vulnerabilities] Therefore, the “Static analysis” Of TRIPP is a shape analysis.
See before the effective filing date of the claimed invention it would have been recognized by one of ordinary skill in the art that applying the known technique taught by TRIPP to the technic of vulnerability analysis of Hall and Toback would have yield predictable results and resulted in an improved system, namely, a system that would secure perform on instruction code of computer-based software applications to identify issues such as logic errors and security vulnerabilities within an instruction code set (TRIPP Pa. [0002])

As to claim 7, the combination of Hall, Toback and TRIPP teaches wherein the shape analysis is restricted to execution prefixes of the executable (TRIPP Pa. [0021]) [value representation is modeled as a prefix portion having a known value that is not tainted, and a suffix portion representing an unknown value that is tainted] Note: Ordinary skills in the art  would understand that the execution of the prefix cote could be restricted as needed.
See before the effective filing date of the claimed invention it would have been recognized by one of ordinary skill in the art that applying the known technique taught by TRIPP to the technic of vulnerability analysis of Hall and Toback would have yield predictable results and resulted in an improved system, namely, a system that would secure perform on instruction code of computer-based software applications to identify issues such as logic errors and security vulnerabilities within an instruction code set (TRIPP Pa. [0002])
As to claim 11, the combination of Hall, Toback and TRIPP teaches wherein the preliminary program analysis is taint analysis (TRIPP Pa. [0021]) [FIG. 3, in which taint analysis is performed on an instruction code set 300 of a computer-based software application]
See before the effective filing date of the claimed invention it would have been recognized by one of ordinary skill in the art that applying the known technique taught by TRIPP to the technic of vulnerability analysis of Hall and Toback would have yield predictable results and resulted in an improved system, namely, a system that would secure perform on instruction code of computer-based software applications to identify issues such as logic errors and security vulnerabilities within an instruction code set (TRIPP Pa. [0002])

As to claim 12, the combination of Hall, Toback and TRIPP teaches wherein taint analysis is Led to non-immutable variables (TRIPP Pa. [0021]) [in FIG. 3, in which taint analysis is performed on an instruction code set 300 of a computer-based software application. Prior to performing the analysis, a tainted source 302, being the variable "document.location.href", is identified within the application, in accordance with conventional techniques, as feeding into a sink 304 at line 48, where source 302 and sink 304 are identified as candidates for the taint analysis, note: obviously the variable can be a non-immutable variables as needed]
See before the effective filing date of the claimed invention it would have been recognized by one of ordinary skill in the art that applying the known technique taught by TRIPP to the technic of vulnerability analysis of Hall and Toback would have yield (TRIPP Pa. [0002])

Allowable Subject Matter
Claim 13 is objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.

Response to Arguments
Arguments
a.	It is argued that: Claims 1, 17, and 19 stand rejected under 35 U.S.C. 112(b) as being indefinite. Office Action page 2. Specifically, the Office Action suggests that it is unclear whether Applicant intends the "precision of runtime monitoring" to refer to "high precision" or "low precision" as described in Applicant's Specification paragraph 0039. 
Applicant does not concede to these rejections. Applicant notes that these claims recite "tuning ... the precision of runtime monitoring." Claim 1. Tuning, as described by Applicant's specification, is the process by which the precision of runtime monitoring is adjusted. See, e.g., Applicant's Specification 0032 ("tune the precision of the runtime monitoring phase by identifying portions of the executable that may be monitored with high degree precision and portions of an executable that may be monitored with a low degree of precision"); Applicant's Specification at 0035 ("the configurations of runtime monitoring are tuned in block 108 to reflect the determined monitoring precisions"). 

specification, would understand that Applicant's tuning could result in a precision of runtime monitoring that is high, low, or neither (e.g., intermediate). Thus, Applicant contends that Applicant's claims are not indefinite. See MPEP 2173.02 ("A decision on whether a claim is indefinite under35 U.S.C. 112(b) or pre-AIA  35 U.S.C. 112, second paragraph requires a determination of whether those skilled in the art would understand what is claimed when the claim is read in light of the specification."). 

Examiner’s response a: 
In response to applicant's argument, Examiner respectfully submits that Fig 2 and Pa. [0039] from the specification of the current application present two levels of precision. It is not clear whether Applicant intends to claim (High precision, Low precision or both). Therefore, the rejections of claims 1, 17 and 19 under 35 U.S.C. 112(b) are maintained. 

b.	It is argued that: The Office Action cites Toback FIG. 2 and 0014 as disclosing "tuning, by the processor, the precision of runtime monitoring of the portion based the comparing." Office Action page 8. Specifically, the Office notes that paragraph 0024 of Applicant's specification describes runtimePage 7 of 12 Appl. No. 16/807,344Reply to Office Action of May 10, 2021monitoring as "typically involve[ing] analyzing the operations of an executable to detect and block activities of potential security concern." Office Action page 8. The Office then contends that, because Toback discloses detecting, tracking, and remediating vulnerabilities within software products, Toback must disclose Applicant's runtime monitoring. Office Action page 8. 

Further, Applicant notes that the rejection appears to be silent regarding any disclosure of "tuning ... the precision of runtime monitoring" within Toback. Thus, even if Toback did disclose Applicant's runtime monitoring, Toback would not disclose Applicant's limitation. 
For at least these reasons, Applicant contends that claim 1 is patentable over the combination of references, and respectfully requests that this rejection be withdrawn. 
Examiner’s response b: 
 In response to applicant's argument, Examiner respectfully submits that claimed limitation is to be given their broadest reasonable interpretation during prosecution, and the scope of a claim cannot be narrowed by reading disclosed limitations into the claim. See In re Morris, 127 F.3d 1048, 1054, 44 USPQ2D 1023, 1027 (Fed. Cir. 1997); In re Zletz, 893 F.2d 319, 321, 13 USPQ2D 1320, 1322 (Fed. Cir. 1989); In re Prater, 415 F.2d 1393, 1404, 162 USPQ 541,550 (CCPA 1969).
In addition, based on the application’s specification (Toback Fig. 2 and paragraph [0014] the claimed limitation “tuning, by the processor, the precision of runtime monitoring of the portion based the comparing (Note that Pa. [0024] of the current application presents “runtime monitoring ”as analyzing the operations of an executable to detect and block activities of potential security concern) (Toback Fig. 2 and paragraph [0014] discloses a similar runtime monitoring [herein detect, track, and remediate vulnerabilities within software products. The exploitation of software vulnerabilities can cause harm to the software product including the vulnerability, to system in which the software product runs, to other processing systems, etc. The ability to detect, track, and remediate vulnerabilities helps the developer of the software product protect against risks associated with software vulnerabilities, including customer goodwill]”

c.	It is argued that: The Rejection of Claims 7 and 12 Under 35 U.S.C. 103 
Applicant does not concede to these rejections. The Office appears to rely on Official Notice for both of these rejections. 
To disclose restricting shape analysis "to execution prefixes of the executable," as 
required by claim 7, the Office notes that "Ordinary skills in the art would understand that the execution of the prefix cote could be restricted as needed." Office Action page 17. 
To disclose restricting taint analysis "to non-immutable variables," as required by claim 12, the Office notes that "obviously the variable can be a non-immutable variable as needed." Office Action page 18. 
Applicant does not concede to these assertions of Official Notice. Applicant notes that MPEP 2144.03 provides requirements for rejections based on Official Notice. For example: 
Page 8 of 12 Appl. No. 16/807,344 Reply to Office Action of May 10, 2021"Official notice unsupported by documentary evidence should only be taken by 

knowledge in the art are capable of instant and unquestionable demonstration as being well-known ... the notice of facts beyond the record which may be taken 
by the examiner must be 'capable of such instant and unquestionable 
demonstration as to defy dispute"' MPEP 2144.03(A) (quoting In re Ahlert, 424 
F.2d 1088, 1091, 165 USPQ 418, 420 (CCPA 1970)). 
"it is always preferable, when reasonably possible, for the examiner to cite a prior art reference rather than to rely on official notice." MPEP 2144.03(A). 
"It would not be appropriate for the examiner to take official notice of facts 
without citing a prior art reference where the facts asserted to be well known are 
not capable of instant and unquestionable demonstration as being well-known. 
For example, assertions of technical facts in the areas of esoteric technology or 
specific knowledge of the prior art must always be supported by citation to some 
reference work recognized as standard in the pertinent art." MPEP 2144.03(A). 
"If Official Notice Is Taken of a Fact, Unsupported by Documentary Evidence, 
the Technical Line of Reasoning Underlying a Decision To Take Such Notice 
Must Be Clear and Unmistakable." MPEP 2144.03(B). 
"If Applicant Traverses a Factual Assertion as Not Properly Officially Noticed or Not Properly Based Upon Common Knowledge, the Examiner Must Support the 
Finding With Adequate Evidence." MPEP 2144.03(C). 
Applicant traverses both of these assertions of Official Notice. 
As related to restricting shape analysis "to execution prefixes of the executable," for example, while the cited portion of Tripp does disclose prefixes, it says nothing 
Similarly, as related to restricting taint analysis "to non-immutable variables," while 
Tripp discloses taint analysis and variables, it says nothing regarding restricting taint analysis to Page 9 of 12 Appl. No. 16/807,344Reply to Office Action of May 10, 2021types of variables. Again, simply disclosing a software concept does not compel the conclusion that it is common knowledge in the art that a software process could be applied to that concept. 
Further, Applicant notes that these claims depend upon and incorporates the limitations of claim 1. Thus, these claims are patentable over the combination of references for at least the same reason that claim 1 is patentable over the combination of references. For at least this and the above reasons, Applicant respectfully requests that these rejections be withdrawn. 

Examiner’s response c: 
 In response to applicant's argument, Examiner respectfully submits that claimed limitation is to be given their broadest reasonable interpretation during prosecution, and the scope of a claim cannot be narrowed by reading disclosed limitations into the claim. See In re Morris, 127 F.3d 1048, 1054, 44 USPQ2D 1023, 1027 (Fed. Cir. 1997); In re Zletz, 893 F.2d 319, 321, 13 USPQ2D 1320, 1322 (Fed. Cir. 1989); In re Prater, 415 F.2d 1393, 1404, 162 USPQ 541,550 (CCPA 1969).
Furthermore, the the combination of Hall, Toback and TRIPP fairly discloses claims 7 and 12. 
(TRIPP Pa. [0021]) [value representation is modeled as a prefix portion having a known value that is not tainted, and a suffix portion representing an unknown value that is tainted] Note: Ordinary skills in the art  would understand that the execution of the prefix cote could be restricted as needed.
12. teaches wherein taint analysis is Led to non-immutable variables (TRIPP Pa. [0021]) [in FIG. 3, in which taint analysis is performed on an instruction code set 300 of a computer-based software application. Prior to performing the analysis, a tainted source 302, being the variable "document.location.href", is identified within the application, in accordance with conventional techniques, as feeding into a sink 304 at line 48, where source 302 and sink 304 are identified as candidates for the taint analysis, note: obviously the variable can be a non-immutable variables as needed]
Therefore, the Applicant’s arguments are moot.

d.	It is argued that: The Rejection of Claim 14 Under 35 U.S.C. 103 
The Office cites Hall 0025 as disclosing "wherein the tuning occurs when the executable is executed." Office Action page 11. 
Applicant does not concede to this rejection. Hall 0025, as described by the Office 
Action, simply discloses that Hall's vulnerability scanning tool is executed. However, Hall's vulnerability scanning tool is not cited as disclosing Applicant's "executable," but rather as disclosing software that monitors an executable. Office Action pages 7 - 8. 

Further, Applicant notes that claim 14 depends upon and incorporates the limitations of claim 1. Thus, claim 14 is patentable over the combination of references for at least the same reason that claim 1 is patentable over the combination of references. For at least this and the above reasons, Applicant respectfully requests that this rejection be withdrawn. 
The Rejection of Claim 15 Under 35 U.S.C. 103 
The Office cites Toback 0062 as disclosing "wherein the tuning is performed when the executable is integrated into a computer system." Office Action page 14. 
Applicant does not concede to this rejection. Toback 0062 simply describes Toback's remediation method as being performed in a computer system when its processor executes instructions from memory. Toback 0062. However, similar to Hall's vulnerability scanning tool cited against claim 14, Toback's remediation method is not cited as disclosing Applicant's executable, but rather as disclosing runtime monitoring. Office Action page 8. Page 10 of 12 Appl. No. 16/807,344 
Reply to Office Action of May 10, 2021 Thus, even if Toback's remediation method did somehow disclose Applicant's tuning, Toback 0062 would only disclose that the tuning could be performed by a processor executing instructions from memory. Toback 0062 does not disclose doing anything when something is integrated into a computer system. Further, Toback 0062 does not disclose integrating Applicant's executable into a computer system. 

Examiner’s response d: 
 In response to applicant's argument, Examiner respectfully submits that claimed limitation is to be given their broadest reasonable interpretation during prosecution, and the scope of a claim cannot be narrowed by reading disclosed limitations into the claim. See In re Morris, 127 F.3d 1048, 1054, 44 USPQ2D 1023, 1027 (Fed. Cir. 1997); In re Zletz, 893 F.2d 319, 321, 13 USPQ2D 1320, 1322 (Fed. Cir. 1989); In re Prater, 415 F.2d 1393, 1404, 162 USPQ 541,550 (CCPA 1969).
Furthermore, the combination of Hall and  Toback fairly discloses claims 14 and 15. 
14. wherein the tuning occurs when the executable is executed (Hall Pa. [0025]) [The vulnerability scanning tool, such as one of source code analysis tools 312, 314, is then executed and instances of the tags are counted]

15. the combination of Hall and Toback teaches wherein the tuning is performed when the executable is integrated into a computer system (Toback Pa. [0062]) [the computer-implemented method may be carried out in a computer system or other data processing system in response to its processor or processing system executing sequences of instructions contained in a memory]

Conclusion
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to EVANS DESROSIERS whose telephone number is (571)270-5438.  The examiner can normally be reached on Monday -Thursday 7:00 am - 5:30 pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.

Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/EVANS DESROSIERS/Primary Examiner, Art Unit 2491