DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Information Disclosure Statement
The information disclosure statement (IDS) submitted on February 7, 2020 is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

Priority
Acknowledgment is made of applicant’s claim for foreign priority under 35 U.S.C. 119 (a)-(d).  It is noted, however, that applicant has not filed a certified copies as required by 37 CFR 1.55.  The Examiner notes the Request to Retrieve Priority Applications is present in the file, and encourages the Applicant to make sure that the submitted information is accurate.
“If the electronic copy of the priority document is not contained in the application at the time of the first Office action the applicant should verify that the priority claim (country, application number and filing date) indicated on the filing receipt is accurate and that the filing receipt includes the “Request to Retrieve” text.  If the filing receipt reflects the accurate foreign priority claim and WIPO DAS access code, if applicable, the applicant should contact the Patents Electronic Business Center and request that the matter be escalated to determine why the priority document is not yet in the file.  Note that the applicant continues to bear the ultimate responsibility for ensuring that the priority document is filed during the pendency of the application and before the patent is issued.”

Claim Interpretation
The following is a quotation of 35 U.S.C. 112(f):
(f) Element in Claim for a Combination. – An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof. 

The following is a quotation of pre-AIA  35 U.S.C. 112, sixth paragraph:
An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.

The claims in this application are given their broadest reasonable interpretation using the plain meaning of the claim language in light of the specification as it would be understood by one of ordinary skill in the art.  The broadest reasonable interpretation of a claim element (also commonly referred to as a claim limitation) is limited by the description in the specification when 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is invoked. 
As explained in MPEP § 2181, subsection I, claim limitations that meet the following three-prong test will be interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph:
(A)	the claim limitation uses the term “means” or “step” or a term used as a substitute for “means” that is a generic placeholder (also called a nonce term or a non-structural term having no specific structural meaning) for performing the claimed function; 
(B)	the term “means” or “step” or the generic placeholder is modified by functional language, typically, but not always linked by the transition word “for” (e.g., “means for”) or another linking word or phrase, such as “configured to” or “so that”; and 

Use of the word “means” (or “step”) in a claim with functional language creates a rebuttable presumption that the claim limitation is to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites sufficient structure, material, or acts to entirely perform the recited function. 
Absence of the word “means” (or “step”) in a claim creates a rebuttable presumption that the claim limitation is not to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is not interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites function without reciting sufficient structure, material or acts to entirely perform the recited function. 
Claim limitations in this application that use the word “means” (or “step”) are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action. Conversely, claim limitations in this application that do not use the word “means” (or “step”) are not being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action.
This application includes one or more claim limitations that do not use the word “means,” but are nonetheless being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, because the claim limitation(s) uses a generic placeholder that is coupled with functional language without reciting sufficient structure to perform the recited function and the generic placeholder is not preceded by a structural modifier.  Such claim limitation(s) is/are: “processor configured to receive/retrieve/determine/output” in claim 1; “processor is configured to determine” in claims 2, 3, & 9; “processor is configured to receive/determine” in claims 4 & 10; “processor is configured to receive” 
Because this/these claim limitation(s) is/are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, it/they is/are being interpreted to cover the corresponding structure described in the specification as performing the claimed function, and equivalents thereof.
If applicant does not intend to have this/these limitation(s) interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, applicant may:  (1) amend the claim limitation(s) to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph (e.g., by reciting sufficient structure to perform the claimed function); or (2) present a sufficient showing that the claim limitation(s) recite(s) sufficient structure to perform the claimed function so as to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph.

Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.

Claim 20 is rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter.  The claim does not fall within at least one of the four categories of patent eligible subject matter because the broadest reasonable interpretation of “a computer readable storage medium” covers forms of both non-transitory tangible media and transitory propagating signals per se.  See In re Nuijten, 500 F.3d 1346, 1356-57 (Fed. Cir. 2007); Subject Matter Eligibility of Computer Readable Media, Jan. 26, 2010; p. 1.  Therefore, because the broadest reasonable interpretation of the claims covers a signal per se, the Examiner suggest amending the claims to indicate that the medium is 

Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

Claims 1-16, 19, and 20 are rejected under 35 U.S.C. 102(a)(2) as being anticipated by Kocher et al, U.S. Patent 10,771,448.

As per claim 1, it is taught of a security data processing device comprising a processor and a memory coupled to the processor, the processor configured to:
receive a script (command, col. 3, lines 56-60) comprising at least one instruction set for provisioning a type of programmable device (IC chip), each of the at least one instruction set defining one or more cryptographic operations (digitally signing) to be performed by the security data processing device, each of the one or more cryptographic operations referring to a parameter (col. 24, lines 40-53);
store the script in the memory (col. 23, lines 19-30);
retrieve a first authorization key from said memory and verify a signature associated with the script using the first authorization key, wherein the script is signed by a producer (manufacturer) of the script (col. 3, lines 40-64 and col. 25, lines 13-18);
receive a programming request (performing operations) from a programming module of a programming machine in communication with said processor, said programming request requesting the 
for each of the one or more cryptographic operations in the identified instruction set, determine a (hash) value for the parameter referred to in the cryptographic operation and perform the cryptographic operation using the value (col. 29, lines 40-53); and
in response to performing each of the one or more cryptographic operation, output programming information to the programming module for programming the programmable device (col. 25, lines 13-18 and col. 29, lines 30-43).
As per claim 2, it disclosed wherein for one or more of the cryptographic operations in the identified instruction set, the processor is configured to determine the value for the parameter defined in the cryptographic operation by extracting said value from the programming request (col. 25, lines 13-18 and col. 29, lines 30-43).
As per claim 3, it is taught wherein for one or more of the cryptographic operations in the identified instruction set, the processor is configured to- 42 -3136282.v3Docket No. 5552.1005-000 determine the value for the parameter defined in the cryptographic operation by reading said value from the script (col. 25, lines 13-18 and col. 29, lines 30-43).
As per claim 4, it is disclosed wherein the processor is configured to receive the script and metadata in a configuration file and for one or more of the cryptographic operations in the identified instruction set, the processor is further configured to determine the value for the parameter defined in the cryptographic operation by querying said metadata (col. 15, lines 32-56 and col. 29, lines 30-43).
As per claim 5, it is taught wherein the metadata is signed and the processor is configured to verify a signature of the metadata using the first authorization key or a second authorization key ().
As per claim 6, it is disclosed wherein the metadata is signed by the producer of the script (col. 15, lines 32-56 and col. 24, lines 40-53).

As per claim 8, it is disclosed wherein the metadata defines the value for the parameter (col. 15, lines 32-56 and col. 24, lines 40-53).
As per claim 9, it is taught wherein the metadata defines that the value is to be generated by the security data processing device, the processor is further configured to determine the value for the parameter by generating said value (col. 25, lines 13-18 and col. 29, lines 30-43).
As per claim 10, it is disclosed wherein the metadata defines that the value is to be accessed from a data file, the processor is configured to: access the data file comprising at least a value for said parameter; retrieve a third authorization key from said memory and verify a signature associated with the data file using the third authorization key, wherein the data file is signed by a manufacturing party; wherein the processor is further configured to determine the value for the parameter based on querying the data file (col. 22, lines 17-36 and col. 31, line 66 through col. 32, line 7).
As per claim 11, it is taught wherein the processor is configured to receive the data file and store the data file in the memory (col. 23, lines 19-30).
As per claim 12, it is disclosed wherein the metadata comprises a unique identifier and the data file includes a reference to the unique identifier of the metadata (col. 15, lines 32-56).
As per claim 13, it is taught wherein the value for said parameter is encrypted and the processor is configured to decrypt the value with a wrapping key stored in said memory (col. 22, lines 17-36 and col. 31, line 66 through col. 32, line 7).
As per claim 14, it is disclosed wherein the metadata is encrypted and the processor is configured to decrypt the script with a cryptographic key stored in said memory (col. 22, lines 17-36 and col. 31, line 66 through col. 32, line 7).

As per claim 16, it is disclosed wherein the script is encrypted and the processor is configured to decrypt the script with a cryptographic key stored in said memory (col. 22, lines 17-36 and col. 31, line 66 through col. 32, line 7).
As per claim 19, it is taught of a computer implemented method, the method implemented on a security data processing device, and comprising:
receiving a script (command, col. 3, lines 56-60) comprising at least one instruction set for provisioning a type of programmable device (IC chip), each of the at least one instruction set defining one or more cryptographic operations (digitally signing) to be performed by the security data processing device, each of the one or more cryptographic operations referring to a parameter (col. 24, lines 40-53);
storing the script in a memory of the security data processing device (col. 23, lines 19-30);
retrieving a first authorization key from said memory and verify a signature associated with the script using the first authorization key, wherein the script is signed by a producer (manufacturer) of the script (col. 3, lines 40-64 and col. 25, lines 13-18);
receiving a programming request (performing operations) from a programming module of a programming machine in communication with said processor, said programming request requesting the programming of a programmable device and identifying an instruction set of the least one instruction set in said script (col. 24, lines 40-53);
for each of the one or more cryptographic operations in the identified instruction set, determining a (hash) value for the parameter referred to in the cryptographic operation and performing the cryptographic operation using the value (col. 29, lines 30-43); and

As per claim 20, it is disclosed of a computer-readable storage medium comprising instructions which, when executed by a processor of a security data processing device cause the security data processing device to:
receive a script (command, col. 3, lines 56-60) comprising at least one instruction set for provisioning a type of programmable device (IC chip), each of the at least one instruction set defining one or more cryptographic operations (digitally signing) to be performed by the security data processing device, each of the one or more cryptographic operations referring to a parameter (col. 24, lines 40-53);
store the script in a memory of the security data processing device (col. 23, lines 19-30);
retrieve a first authorization key from said memory and verify a signature associated with the script using the first authorization key, wherein the script is signed by a producer (manufacturer) of the script (col. 3, lines 40-64 and col. 25, lines 13-18);
receive a programming request (performing operations) from a programming module of a programming machine in communication with said processor, said programming request requesting the programming of a programmable device and identifying an instruction set of the least one instruction set in said script (col. 24, lines 40-53);
for each of the one or more cryptographic operations in the identified instruction set, determine a (hash) value for the parameter referred to in the cryptographic operation and perform the cryptographic operation using the value (col. 29, lines 30-43); and
in response to performing each of the one or more cryptographic operation, output programming information to the programming module for programming the programmable device (col. 25, lines 13-18 and col. 29, lines 30-43).
Allowable Subject Matter
Claim 17 and 18 is objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Blinn, U.S. Patent 10,333,716 is relied upon for disclosing of validating a signed vendor’s script, see column 7, lines 4-7.
Tsirkin, US 2021/0232681 is relied upon for disclosing of signing scripts to verify the author’s identity, see paragraph 0036
Any inquiry concerning this communication or earlier communications from the examiner should be directed to CHRISTOPHER A REVAK whose telephone number is (571)272-3794.  The examiner can normally be reached on 5:30am - 3:00pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, LYNN FEILD can be reached on 571-272-2092.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available 

















/CHRISTOPHER A REVAK/Primary Examiner, Art Unit 2431