DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Status of Claims
Claims 1-20 are pending. Claims 1, 3-5, 11, 15, 17, and 20 have been amended as per Applicants' request.

Papers Submitted
It is hereby acknowledged that the following papers have been received and placed of record in the file:
Amended Claims as filed on July 29, 2021

Claim Analysis - 35 USC § 101
Claims 17-20 recites “computer readable medium”. The specification as originally filed recites at paragraph [0024] “the processor 104 may interact with main memory 106 that may include a tangible, non-transitory, machine-readable-medium, such as volatile memory (e.g., random access memory (RAM)) and/or nonvolatile memory (e.g., read-only memory (ROM)), flash memory, or any suitable optical, magnetic, or solid-state storage medium, or any combination thereof”. There is no further description of “readable medium” in the specification and therefore in view of the specification computer readable medium is interpreted to be non-transitory and 101 rejection will not be issued.


Claim Rejections - 35 USC § 103

A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-10 is/are rejected under 35 U.S.C. 103 as being unpatentable over Riley (US 2007/0121411) (hereinafter Riley) (published May 31, 2007) in view of Tkacik et al. (US 2007/0297606) (hereinafter Tkacik) (published December 27, 2007) and Hughes et al. (US 2016/0092674) (hereinafter Hughes) (published March 31, 2016).
Regarding Claim 1, Riley discloses a method for securely programming a plurality of fuses of a programmable logic device, comprising: receiving, via a processor communicatively coupled to the programmable logic device, data to be programmed in a set of fuses of the plurality of fuses;
“The logic unit receives data signals from the one or more alignment latches and determines if the proper pattern of data values is stored in the alignment latches” (Riley [0014])

programming, via the processor, the set of fuses of the plurality of fuses with the data 
“Depending upon the results of the determination and whether a program enable signal is asserted by a test unit, the logic unit may assert or not assert a qualified program enable signal to the eFuse elements of the bank of eFuses. Only when the qualified program enable signal is asserted to the eFuse elements are they programmed using the data values stored in the latch units” (Riley [0015])

But does not explicitly state wherein the data is configured to decrypt an encrypted configuration bitstream configured to configure a programmable fabric of the programmable logic device; generating, via the processor, a shuffled sequence of the plurality of fuses; and programming according to the shuffled sequence.
Tkacik discloses wherein the data is configured to decrypt an encrypted configuration bitstream configured to configure a programmable fabric of the programmable logic device;


“The secure memory configuration data 222 stores configuration data used to control the operation of the secure memory. For example, it stores configuration data related to access permissions for various portions of the memory” (Tkacik [0035])

“Thus, the secure memory system 200 provides a secure mechanism for encrypting, decrypting and storing sensitive data, and thus can be used to prevent unauthorized access to sensitive data and bind data to this host device. In order to keep the data secure, data that has been decrypted by the encryption logic circuitry 208 is only stored within the secure memory 210, and used only within the secure processing system 102” (Tkacik [0036])

It would have been obvious before the effective filing date of the invention to one of ordinary skill in the art to combine the storing of encryption keys in fuses described in Tkacik with Riley to yield the predictable results of increasing security by having data being protected.
Hughes discloses generating, via the processor, a shuffled sequence of the plurality of fuses; and programming according to the shuffled sequence.
“A shuffling algorithm can be used to randomize the dispersal of the clumps in memory. In one embodiment, the loader shuffles the clumps by randomly permuting an ordered sequence of between 0 and the total number of clumps, generating a mapping between the linear arrangement of the stored binary segment 310 and the randomized (e.g., shuffled) arrangement of the virtual address space 320. Various shuffling algorithms can be used, such as a Fisher-Yates shuffle (e.g., a Knuth shuffle) or a variant thereof” (Hughes [0039] the shuffling algorithm provides a shuffled address space for the fuses and the programming of the fuses would be according to the shuffled addresses of the fuses)

It would have been obvious before the effective filing date of the invention to one of ordinary skill in the art to combine the shuffling algorithm of Hughes with the combination of Riley and Tkacik to yield the predictable results of increasing security by providing an extra layer of abstraction.

Regarding Claim 2, Tkacik further discloses wherein the data comprises an encryption key.
“Specifically, the secure memory system 200 uses the base encryption key 202 to derive the plurality of keys used in the system 200. The base encryption key 202 is preferably 

Regarding Claim 3, Tkacik further discloses comprising: receiving, via the processor, the encrypted configuration bitstream; and programming, via the processor, the programmable fabric based at least in part on the encrypted configuration bitstream.
“Thus, during operation the host processor 104 will cause encrypted data from the external memory 110 to be passed to the secure memory system 106. The secure memory system 106 will decrypt and store the data using the encryption keys” (Tkacik [0021])

“The secure memory configuration data 222 stores configuration data used to control the operation of the secure memory. For example, it stores configuration data related to access permissions for various portions of the memory” (Tkacik [0035])

“Thus, the secure memory system 200 provides a secure mechanism for encrypting, decrypting and storing sensitive data, and thus can be used to prevent unauthorized access to sensitive data and bind data to this host device. In order to keep the data secure, data that has been decrypted by the encryption logic circuitry 208 is only stored within the secure memory 210, and used only within the secure processing system 102” (Tkacik [0036])

Regarding Claim 4, Tkacik further discloses comprising decrypting, via the processor, the encrypted configuration bitstream using the data programmed in the set of fuses.
“The secure memory system 106 will decrypt and store the data using the encryption keys” (Tkacik [0021])

Regarding Claim 5, Tkacik further discloses wherein programming, via the processor, the programmable fabric based at least in part on the encrypted configuration bitstream comprises decrypting, via the processor, the encrypted configuration bitstream using the data programmed in the set of fuses.


“The secure memory configuration data 222 stores configuration data used to control the operation of the secure memory. For example, it stores configuration data related to access permissions for various portions of the memory” (Tkacik [0035])

“Thus, the secure memory system 200 provides a secure mechanism for encrypting, decrypting and storing sensitive data, and thus can be used to prevent unauthorized access to sensitive data and bind data to this host device. In order to keep the data secure, data that has been decrypted by the encryption logic circuitry 208 is only stored within the secure memory 210, and used only within the secure processing system 102” (Tkacik [0036])

Regarding Claim 6, Hughes further discloses wherein the shuffled sequence of the plurality of fuses is generated by a Fisher-Yates shuffle algorithm.
“A shuffling algorithm can be used to randomize the dispersal of the clumps in memory. In one embodiment, the loader shuffles the clumps by randomly permuting an ordered sequence of between 0 and the total number of clumps, generating a mapping between the linear arrangement of the stored binary segment 310 and the randomized (e.g., shuffled) arrangement of the virtual address space 320. Various shuffling algorithms can be used, such as a Fisher-Yates shuffle (e.g., a Knuth shuffle) or a variant thereof” (Hughes [0039])

Regarding Claim 7, Hughes further discloses wherein the shuffled sequence is generated by a shuffle algorithm based at least in part on a random number generator.
“In one embodiment, the shuffle algorithm uses a pseudorandom number generator unit to facilitate random number generation” (Hughes [0068] pseudorandom number generator is a type of random number generator)

Regarding Claim 8, Hughes further discloses wherein the shuffled sequence is generated by a shuffle algorithm based at least in part on a pseudorandom number generator.
“In one embodiment, the shuffle algorithm uses a pseudorandom number generator unit to facilitate random number generation” (Hughes [0068])

Regarding Claim 9, Hughes further discloses comprises selecting, via the processor, one or more fuses of the set of fuses based at least in part on a memory location offset.
“One method of implementing ASLR uses base address randomization for one or more segments of a library or application when the library or application is loaded into memory. The base address of the randomized segments can be randomized by a `slide` value each time the process is loaded into memory. However, sliding the entire segment by a single offset can leave instructions in the segment vulnerable if the slide value of the segment is discovered” (Hughes [0027])

Regarding Claim 10, Hughes further discloses comprising removing, via the processor, one or more fuses from the shuffled sequence of the plurality of fuses when the one or more fuses already hold the data to be programmed.
“The look-ahead programming multiplexer 150 causes the fuse latch's shifted "one" to skip over fuses which are not selected for programming, thereby saving fuse programming time” (Hughes [0008] programing is required only if the values are different from the data to be programmed)

Claims 17-19 is/are rejected under 35 U.S.C. 103 as being unpatentable over Riley (published May 31, 2007) in view of Hughes (published March 31, 2016).
Regarding Claim 17, Riley discloses a computer readable medium storing instructions for securely programming a plurality of fuses of a programmable logic device, comprising instructions to cause a processor communicatively coupled to the programmable logic device to: receive data to be programmed in the plurality of fuses;
“The logic unit receives data signals from the one or more alignment latches and determines if the proper pattern of data values is stored in the alignment latches” (Riley [0014])

determine one or more fuses in the sequence of the plurality of fuses that store one or more values equal to one or more corresponding values of the data;
“The logic unit receives data signals from the one or more alignment latches and determines if the proper pattern of data values is stored in the alignment latches” (Riley [0014])



remove the one or more fuses from the sequence of the plurality of fuses to determine a set of fuses; and
“The look-ahead programming multiplexer 150 causes the fuse latch's shifted "one" to skip over fuses which are not selected for programming, thereby saving fuse programming time” (Riley [0008] programing is required only if the values are different from the data to be programmed)

program the set of fuses with the data that does not comprise the one or more corresponding values.
“Depending upon the results of the determination and whether a program enable signal is asserted by a test unit, the logic unit may assert or not assert a qualified program enable signal to the eFuse elements of the bank of eFuses. Only when the qualified program enable signal is asserted to the eFuse elements are they programmed using the data values stored in the latch units” (Riley [0015])

But does not explicitly state generate a sequence of the plurality of fuses; remove fuses from the sequence that are not included in the set of fuses.
Hughes discloses generate a sequence of the plurality of fuses;
“A shuffling algorithm can be used to randomize the dispersal of the clumps in memory. In one embodiment, the loader shuffles the clumps by randomly permuting an ordered sequence of between 0 and the total number of clumps, generating a mapping between the linear arrangement of the stored binary segment 310 and the randomized (e.g., shuffled) arrangement of the virtual address space 320. Various shuffling algorithms can be used, such as a Fisher-Yates shuffle (e.g., a Knuth shuffle) or a variant thereof” (Hughes [0039])

It would have been obvious before the effective filing date of the invention to one of ordinary skill in the art to combine the shuffling algorithm of Hughes with Riley to yield the predictable results of increasing security by providing an extra layer of abstraction.

Regarding Claim 18, Riley and Hughes further discloses wherein the sequence comprises a shuffled sequence, wherein the instructions cause the processor to program the set of fuses with the data according to the shuffled sequence.
“Depending upon the results of the determination and whether a program enable signal is asserted by a test unit, the logic unit may assert or not assert a qualified program enable signal to the eFuse elements of the bank of eFuses. Only when the qualified program enable signal is asserted to the eFuse elements are they programmed using the data values stored in the latch units” (Riley [0015])

“A shuffling algorithm can be used to randomize the dispersal of the clumps in memory. In one embodiment, the loader shuffles the clumps by randomly permuting an ordered sequence of between 0 and the total number of clumps, generating a mapping between the linear arrangement of the stored binary segment 310 and the randomized (e.g., shuffled) arrangement of the virtual address space 320. Various shuffling algorithms can be used, such as a Fisher-Yates shuffle (e.g., a Knuth shuffle) or a variant thereof” (Hughes [0039] the shuffling algorithm provides a shuffled address space for the fuses and the programming of the fuses would be according to the shuffled addresses of the fuses)

Regarding Claim 19, Hughes further discloses wherein the shuffled sequence is generated by a shuffle algorithm based at least in part on a random number generator or a pseudorandom number generator.
“In one embodiment, the shuffle algorithm uses a pseudorandom number generator unit to facilitate random number generation” (Hughes [0068] pseudorandom number generator is a type of random number generator)




Response to Arguments
Applicant's arguments filed July 29, 2021 have been fully considered but they are not persuasive. 
Applicant Argues:
a)	Office Action, p. 8. The Examiner then relied on Tkacik to teach this claim element. See id. However, Tkacik teaches “secure memory configuration data 222 stores configuration data used to ¶35. That is, Tkacik is silent, regarding the configuration data “configured to configure a programmable fabric of the programmable logic device,” as recited by independent claim 1. Applicant also submits that Riley and Hughes do not obviate the deficiencies of Tkacik with respect to claim 1.
With respect to (a), the claim recites “configured to configure a programmable fabric of the programmable logic device”, which when given broadest reasonable interpretation would be causing the programmable fabric to act in a certain way. Tkacik discloses the configuration data is used control the operations of the secure memory via access permissions would read upon configuring the programmable fabric.

b) In sharp contrast, Riley appears to teach programming data signals in eFuse elements of a bank of eFuses, and Hughes appears to teach shuffling clumps of memory. See Riley, ¶¶ 14, 15; see also Hughes, ¶ 39. However, Riley and Hughes, alone or in hypothetical combination, are silent regarding determining fuses in a sequence of fuses that store values equal to corresponding values of data, removing the fuses from the sequence of fuses to determine a set of fuses, and programming the set of fuses with the data that does not include the corresponding values, as generally recited by independent claim 17.
With respect to (b), Riley at ¶8, ¶14 and ¶ 49 discloses the limitations of checking if the values equal and removing fuses from the sequence. Riley discloses checking for the proper pattern of the data and the use of read scan chain to determine what is in the fuses, then removing fuses that equal the value of the fuse from programming to save fuse programming time.

Allowable Subject Matter
Claims 12-16 are allowed.
Claims 11 and 20 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
The following is a statement of reasons for the indication of allowable subject matter:
The claims are directed towards a specific way of programming a plurality of fuses to avoid side-channel attacks. The claims requires having variable wait times between the programming of each bit of data into the plurality of fuses. This is different from the prior art Sandri et al. (US 2014/0253221) which discloses keeping programming time the same to avoid detection.









Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SIDNEY LI whose telephone number is (571)270-5967.  The examiner can normally be reached on Monday to Friday 10:00 AM to 6:00 PM.

If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Charles Rones can be reached on (571) 272-4085.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/SIDNEY LI/Examiner, Art Unit 2136                                                                                                                                                                                                        
/CHARLES RONES/Supervisory Patent Examiner, Art Unit 2136