DETAILED ACTION
This Office Action is in response to the Amendment filed on 02/26/2021
In the instant Amendment, claims 4, 13, 15 and 24-25 were cancelled; claims 1, 11-12, 14 and 26 have been amended; and claims 1, 14 and 26 are independent claims.  Claims 1-3, 5-12, 14, 16-23 and 26-29 have been examined and are pending.  
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Reopening of Prosecution After Appeal Brief
In view of the appeal brief filed on 07/21/2021, PROSECUTION IS HEREBY REOPENED as set forth below.
To avoid abandonment of the application, appellant must exercise one of the following two options:
(1) file a reply under 37 CFR 1.111 (if this Office action is non-final) or a reply under 37 CFR 1.113 (if this Office action is final); or,
(2) initiate a new appeal by filing a notice of appeal under 37 CFR 41.31 followed by an appeal brief under 37 CFR 41.37. The previously paid notice of appeal fee and appeal brief fee can be applied to the new appeal. If, however, the appeal fees set forth in 37 CFR 41.20 have been increased since they were previously paid, then appellant must pay the difference between the increased fees and the amount previously paid.


/LUU T PHAM/           Supervisory Patent Examiner, Art Unit 2439                                                                                                                                                                                             


Response to Arguments
Appellant’s arguments with respect to claim(s) 1, 14 and 26 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-2, 9-10, 14, 20, 22-23, 26 and 28 are rejected under 35 U.S.C. 103 as being unpatentable over Ricci et al (“Ricci,” US 20160086391) and further in view of Katar et al (“Katar,” US 20150189581)
Regarding claim 1, Ricci discloses a computing apparatus to control a system, (Ricci, [0172], vehicle control system] comprising:
a hardware platform comprising a processor and a network interface; (Ricci, [0701], describes a hardware platform and microprocessor; [0278], network interface card); 
a telemetry interface to collect periodic contextual telemetry of the apparatus system (Ricci, [0235] describes the vehicle containing one or more sensors in a wireless with the vehicle control system to collect sensed information regarding the vehicle state, configuration and operation, sensors include wheel state sensor, power source energy output sensor, energy input & output sensor, crankshaft position sensor etc [these sensors thus collect periodic contextual telemetry of the system])
and transmit the contextual telemetry to a contextual telemetry service via the network interface; (Ricci, [0235]-[0237] & [0278] describes sending the contextual telemetry via the network interface)
a local contextual telemetry data cache; (Ricci, [0545], data can be stored locally; [0060] where the memory can be cache like) and
a contextual security agent to run on the hardware platform and configured comprising encoded instructions to: (Ricci, [0316] describes security zones that are implemented by running system services and/or applications in restricted user groups and accounts; [0018], describes a sensor unit that provides sensors based on context of what needs updated; [0701], describes a hardware platform)  
(Ricci, [0566]-[0567] describes critical information such as security information (security updates and security patches) that when the service provider access is no longer restricted or limited can be transferred to the vehicle). 
accept the push update, (Ricci, [0656] describes the vehicle installs the update when the vehicle regains connectivity [accepts the push update])
selecting a historical telemetry value from the local contextual telemetry
data cache; (Ricci, [0393]-[0394] describes configuring the vehicle based on retrieving stored settings in profile data in response to certain conditions; [0060] describes a buffer which is a cache like storage as a midpoint holding place)
operating an out-of-band communication channel to query the update
server for the selected historical telemetry value; (Ricci, [0038] & [0172] describes using a cellular communications to query a server for the stored settings in the profile data for configuring a vehicle)
receiving a telemetry value via the out-of-band communication channel; (Ricci, [0393]-[0394] describes receiving a stored settings in profile data in response to certain conditions for configuring a vehicle via a cellular communication channel)
determining that the telemetry value received via the out-of-band
communication channel matches the selected historical telemetry value; (Ricci, [0393]-[0394], describes determining a stored setting from profile data in response to certain conditions for configuring a vehicle by a cellular communication in response to matching the selected settings in the profile data).  
Ricci fails to explicitly disclose perform out-of-band authentication, comprising: and according to the out-of-band authentication.
However, in an analogous art, Katar discloses perform out-of-band authentication, comprising: (Katar, [0066] the matched charging station can use suitable out-of-band validation techniques that use a more secure communication medium to validate the electric vehicle).
and according to the out-of-band authentication, (Katar, [0066] the matched charging station can use suitable out-of-band validation techniques that use a more secure communication medium to validate the electric vehicle). 
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Katar with the method and system of Ricci to include perform out-of-band authentication, comprising: and according to the out-of-band authentication. One would have been motivated to combine the teachings of Katar with the method and system involving the accepting a push update of Ricci to include features of perform[ing] out-of-band authentication, comprising: and according to the out-of-band authentication.
Regarding claim 2, Ricci and Katar disclose the computing apparatus of claim 1.
Ricci further discloses wherein the computing apparatus comprises a (Ricci, FIG 2, Vehicle control system which is inside vehicle as shown in FIG 1). 
Regarding claim 9, Ricci and Katar disclose the computing apparatus of claim 1.
Ricci further discloses wherein the contextual security agent is further operable to receive a substantive data packet, (Ricci, [0018] describes context; [0651] & [0237] describes receiving a data packet regarding a vehicle updates; [0566] describes the updates can be critical information, time sensitive information, security information such as security updates and security patches)
wherein accepting the push update request  (Ricci, [0656] describes the vehicle installs the update when the vehicle regains connectivity [accepts the push update]; [0679], request)
and comprises applying the substantive data packet (Ricci, [0648]-[0651] describes installing vehicle updates)
Regarding claim 10, Ricci, Ricci ‘702 and Katar disclose computing apparatus of claim 9.
Ricci further discloses wherein the substantive data packet is a software or firmware update, (Ricci, [0566]-[0567] describes critical information such as security information (security updates and security patches) that when the service provider access is no longer restricted or limited can be transferred to the vehicle; [0366], firmware update). 
Regarding claim 14, claim 14 is directed one or more tangible, non-transitory computer-readable storage mediums.. Claim 14 is similar in scope to claim 1 and is therefore rejected under similar rationale.
Regarding claim 20, claim 20 is directed one or more tangible, non-transitory computer-readable storage mediums of claim 14. Claim 20 is similar in scope to claim 9 and is therefore rejected under similar rationale.
Regarding claim 22, claim 22 is directed one or more tangible, non-transitory computer-readable storage mediums of claim 14. Claim 22 is similar in scope to claim 12 and is therefore rejected under similar rationale.
Regarding claim 23, Ricci, Ricci ‘702 and Katar disclose the one or more tangible, computer-readable storage mediums of claim 14. 
Ricci further discloses further comprising receiving the historical telemetry data out-of-band, (Ricci, [0275], [0176] and [0038] describes determining that the telemetry value received by the cellular communications channel matches the selected historical telemetry value as described in [0172] & [0173]).
Regarding claim 26, Ricci discloses a method of authenticating, on a computing device that controls a system, a pushed update from a cloud-based update server, comprising:
periodically reporting historical contextual telemetry to a cloud-based (Ricci, [0603], [0172], [0545] describes polling the historical contextual telemetry to a cloud based server)
the historical contextual telemetry comprising contextual information about the computing device or a platform or environment in which the computing device operates, (Ricci, [0701], describes a hardware platform and microprocessor; [0278], network interface card; [0018], describes various sensors of different content of what needs updated in the vehicle; [0545] describes selecting a historical data value from the local accessible memory which can be cache; [0060]; [0393]-[0394] describes configuring the vehicle based on retrieving stored settings in profile data in response to certain conditions; [0060] describes a buffer which is a cache like storage as a midpoint holding place))
and storing copies of the historical contextual telemetry in a local telemetry cache; (Ricci, [0545] & [0060] describes storing copies of the historical stored sensor values in a local cache)
receiving, via a network interface, the pushed update from the cloud-based update server; (Ricci, [0566]-[0567] describes critical information such as security information (security updates and security patches) that when the service provider access is no longer restricted or limited can be transferred to the vehicle; [0398], cloud).
the push update request for a feature or security update for the apparatus; (Ricci, [0566]-[0567] describes critical information such as security information (security updates and security patches) that when the service provider access is no longer restricted or limited can be transferred to the vehicle; [0679], update). 
accept the push update, (Ricci, [0656] describes the vehicle installs the update when the vehicle regains connectivity [accepts the push update])
selecting a historical telemetry value from the local telemetry cache, the historical telemetry value relating to the controlled system; (Ricci, [0393]-[0394] describes configuring the vehicle based on retrieving stored settings in profile data in response to certain conditions; [0060] describes a buffer which is a cache like storage as a midpoint holding place)
operating an out-of-band communication channel to query the cloud-based update server for the selected historical telemetry value; (Ricci, [0038] & [0172] describes using a cellular communications to query a server for the stored settings in the profile data for configuring a vehicle)
receiving a telemetry value via the out-of-band communication channel; (Ricci, [0393]-[0394] describes receiving a stored settings in profile data in response to certain conditions for configuring a vehicle via a cellular communication channel)
determining that the telemetry value received via the out-of-band communication channel matches the selected historical telemetry value; (Ricci, [0393]-[0394], describes determining a stored setting from profile data in response to certain conditions for configuring a vehicle by a cellular communication in response to matching the selected settings in the profile data).  
Ricci fails to explicitly disclose performing out-of-band authentication, comprising: according to the out-of-band authentication,
However, in an analogous art, Katar discloses performing out-of-band authentication, comprising: (Katar, [0066] the matched charging station can use suitable out-of-band validation techniques that use a more secure communication medium to validate the electric vehicle).
according to the out-of-band authentication, (Katar, [0066] the matched charging station can use suitable out-of-band validation techniques that use a more secure communication medium to validate the electric vehicle). 
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Katar with the method and system of Ricci to include performing out-of-band authentication, comprising: according to the out-of-band authentication, accept the push update. One would have been motivated to combine the teachings of Katar with the method and system involving the accepting a push update of Ricci to include features of perform[ing] out-of-band authentication, comprising: and according to the out-of-band authentication.
Regarding claim 28, Ricci and Katar disclose the method of claim 26. 
Ricci further discloses wherein the computing device is an on-board computer of a smart car, (Ricci, [0167], on board computer of a vehicle)

Claims 3, 12 and 27 are rejected under 35 U.S.C. 103 as being unpatentable over Ricci et al (“Ricci,” US 20160086391) and in view of Katar et al (“Katar,” US 20150189581) and further in view of Stanek et al (“Stanek,” US 20140324275) 

Regarding claim 3, Ricci and Katar disclose the computing apparatus of claim 2.
Ricci and Katar fail to explicitly disclose wherein telemetry data is selected from the group consisting of fuel level, tire air pressure, number of passengers, emissions, location, speed, inside temperature, outside temperature, weather condition, and a logged user input
However, in an analogous art, Stanek discloses wherein telemetry data is selected from the group consisting of fuel level, tire air pressure, number of passengers, emissions, location, speed, inside temperature, outside temperature, weather condition, and a logged user input, (Stanek, [0016] & [0035] describes selecting from the group consisting of fuel level, air pressure, passengers, emissions, location, speed, inside temperature, outside temperature, weather condition and logged user input)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Stanek with the method and system of Ricci and Katar to include wherein telemetry data is selected from the group consisting of fuel level, tire air pressure, number of passengers, emissions, location, speed, inside temperature, outside temperature, 

Regarding claim 12, Ricci and Katar disclose the computing apparatus of claim 1.
Ricci and Katar fail to explicitly disclose wherein the selected historical telemetry value comprises clear-text data
However, in an analogous art, Stanek further discloses wherein the selected historical telemetry value comprises clear-text data (Stanek, [0031], describes allowing the service center to send updates to be stored in the vehicle (.e.g.  current known problems, adjustments to the navigation database, parts availability, etc; [0016] & [0035] describe historical telemetry values; and [0028] & [0016] describe storage for data received by the telematics device and sensors that made the measurements for the telemetry data; [0014] & [0035] describe clear-text data)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Stanek with the method and system of Ricci and Katar to include wherein the selected historical telemetry value comprises clear-text data. One would have been motivated to provide for online vehicle maintenance based on a selected data value (Stanek, [0016])
Regarding claim 27, Ricci, and Katar disclose the method of claim 26. 
Ricci and Katar fail to explicitly disclose wherein the contextual telemetry is selected from the group consisting of fuel level, tire air pressure, number of passengers, emissions, location, speed, inside temperature, outside temperature, weather condition, and a logged user input
However, in an analogous art, Stanek discloses wherein the contextual telemetry is selected from the group consisting of fuel level, tire air pressure, number of passengers, emissions, location, speed, inside temperature, outside temperature, weather condition, and a logged user input, (Stanek, [0016], [0035] describes selecting from the group consisting of fuel level, air pressure, passengers, emissions, location, speed, inside temperature, outside temperature, weather condition and logged user input)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Stanek with the method and system of Ricci and Katar to include wherein telemetry data is selected from the group consisting of fuel level, tire air pressure, number of passengers, emissions, location, speed, inside temperature, outside temperature, weather condition, and a logged user input. One would have been motivated to provide for online vehicle maintenance based on a selected data value (Stanek, [0016]) 

Claims 5 and 16 are rejected under 35 U.S.C. 103 as being unpatentable over Ricci et al (“Ricci,” US 20160086391) and in view of Katar et al (“Katar,” US 20150189581) and further in view of Ingram et al (“Ingram,” US 20110234427)
Regarding claim 5, Ricci and Katar disclose the computing apparatus of claim 1.
Katar further discloses performing the out-of-band authentication (Katar, [0066] describes performing out-of-band validation)
Ricci and Katar fail to explicitly disclose comprises decrypting the received telemetry value. 
However, in an analogous art, Ingram discloses comprises decrypting the received telemetry value (Ingram, [0046], [0057] & [0072] describes decrypting a received telemetry value)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Ingram with the method and system of Ricci and Katar to include performing comprises decrypting the received telemetry value. One would have been motivated to decrypt the encrypted data so that the decrypted data can be further processed (Ingram, [0046]) 
Regarding claim 16, Ricci and Katar disclose the one or more tangible, computer readable storage mediums of claim 14. 
Ricci further discloses further comprising instructions to compare a (Ricci, [0172[]-[0173] describes comparing a sensor value payload of the historical sensor data value) 
Ricci and Katar disclose fail to explicitly disclose including decrypting the historical telemetry data
However, in an analogous art, Ingram discloses including decrypting the historical telemetry data (Ingram, [0046], [0057] & [0072] describes decrypting a received telemetry value)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Ingram with the method and system of Ricci and Katar to include performing comprises decrypting the received telemetry value. One would have been motivated to decrypt the encrypted data so that the decrypted data can be further processed (Ingram, [0046]) 

Claims 6-7, 17-18 and 29 are rejected under 35 U.S.C. 103 as being unpatentable Ricci et al (“Ricci,” US 20160086391) and in view of Katar et al (“Katar,” US 20150189581) and further in view of Smereka et al (“Smereka,” US 20160013934) 

Regarding claim 6, Ricci and Katar disclose the computing apparatus of claim 1.
Ricci further discloses wherein accepting the push update (Ricci ‘702, [0049] confirms the update is correct for the vehicle). 

However, in an analogous art, Smereka discloses comprises decrypting a substantive data packet (Smereka, [0019] & [0021], disclose decrypting a software update) 
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings Smereka with the method and system of Ricci and Katar to include comprises decrypting a substantive data packet. One would have been motivated to provide vehicle software update verification (Smereka, [0019]).  
Regarding claim 7, Ricci, Katar and Smereka disclose the computing apparatus of claim 6.
Smereka further discloses wherein decrypting the substantive data packet comprises using the received telemetry value as a decryption key for the substantive data packet (Smereka, [0043] describes decrypting the software update using the received telemetry value as a decryption key for the software update; also see [0019] & [0021])
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Smereka with the method and system of Ricci and Katar to include wherein decrypting the substantive data packet comprises using the received telemetry value as a decryption key for the substantive data packet. One would have been 
Regarding claim 17, claim 17 is directed one or more tangible, non-transitory computer-readable storage mediums of claim 14. Claim 17 is similar in scope to claim 6 and is therefore rejected under similar rationale.
Regarding claim 18, claim 18 is directed one or more tangible, non-transitory computer-readable storage mediums of claim 17. Claim 18 is similar in scope to claim 7 and is therefore rejected under similar rationale.
Regarding claim 29, Ricci and Katar disclose the method of claim 26. 
Ricci further discloses wherein accepting the pushed update (Ricci 
Ricci and Katar fail to explicitly disclose comprises decrypting a substantive data packet.
However, in an analogous art, Smereka discloses comprises decrypting a substantive data packet, (Smereka, [0019] & [0021], disclose decrypting a software update) 
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings Smereka with the method and system of Ricci and Katar to include comprises decrypting a substantive data packet. One would have been motivated to provide vehicle software update verification (Smereka, [0019]).  

Claims 8 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Ricci et al (“Ricci,” US 20160086391) in view of Katar et al (“Katar,” US 20150189581) and further in view of Zimmer et al (“Zimmer,” US 20160070932)
Regarding claim 8, Ricci and Katar disclose the computing apparatus of claim 1.
Ricci and Katar fail to explicitly disclose wherein the contextual security agent is further operable to perform a trusted execution environment (TEE) attestation.
However, in an analogous art, Zimmer discloses wherein the contextual security agent is further operable to perform a trusted execution environment (TEE) attestation ([0009] & [0038] describes performing a trusted execution environment (TEE) attestation)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Zimmer with the method and system of Ricci and Katar to include wherein the contextual security agent is further operable to perform a trusted execution environment (TEE) attestation. One would have been motivated to provide security to computing devices (Zimmer, [0001]).  
Regarding claim 19, claim 19 is directed one or more tangible, non-transitory computer-readable storage mediums of claim 14. Claim 19 is similar in scope to claim 8 and is therefore rejected under similar rationale.

Claims 11 and 21 are rejected under 35 U.S.C. 103 as being unpatentable over Ricci et al (“Ricci,” US 20160086391) and in view of Katar et al (“Katar,” US 20150189581) in view of Krogius et al (“Krogius,” US 20160314315). 
Regarding claim 11, Ricci and Katar disclose the computing apparatus of claim 1.
Ricci further discloses a local contextual telemetry data cache (Ricci, [0545], data can be stored locally in a buffer cache as described in [0060]). 
Ricci and Katar fail to explicitly disclose wherein the received telemetry value comprises hashed data, and comprises hashing at least part of the local contextual telemetry data cache
Krogius further discloses wherein the received telemetry value comprises hashed data, comprises hashing at least part of the local contextual telemetry data cache, (Krogius, [0029] & [0043] descries hashing part of the local contextual telemetry data)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Krogius with the method and system of Ricci and Katar to include wherein the received telemetry value comprises hashed data, comprises hashing at least part of 
Regarding claim 21, claim 21 is directed one or more tangible, non-transitory computer-readable storage mediums of claim 14. Claim 21 is similar in scope to claim 11 and is therefore rejected under similar rationale.



Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JAMES J WILCOX whose telephone number is (571)270-3774.  The examiner can normally be reached on M-F: 8 A.M. to 5 P.M..
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Luu T. Pham can be reached on (571)270-5002.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more 

/JAMES J WILCOX/              Examiner, Art Unit 2439                                                                                                                                                                                          

/LUU T PHAM/              Supervisory Patent Examiner, Art Unit 2439