Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Detailed Action

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 10/28/2021 has been entered.


Response to Arguments
Applicant's arguments with respect to claims 1-15 have been considered but are moot in view of the new ground(s) of rejection.


Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.

Claims 1-6 and 11-13 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Ujiie et al. U.S. PGPUB No. 2017/0147812.

Per Claim 1, Ujiie discloses:
a method for controlling commands suitable to be processed by a peripheral (Paragraphs 75 and 77; ECU’s 100a-100e),
the method comprising the following steps implemented by a command control circuit (Paragraph 76, Figure 1; fraud detecting ECU 400a-400c) directly connected to a communication bus (Paragraph 75, Figure 1; Any of buses 200a-200c), a command circuit (Paragraphs 93-101; The ECU’s 100 may be both a peripheral and a command circuit as they can communicate with each other.) and the peripheral also being directly connected to the communication bus (Figure 1):
granting or refusing authorization to the command circuit to transmit a command signal for the peripheral via the communication bus, detecting the possible transmission of the command signal for the peripheral by the command circuit via the communication bus, implementing protection measures when the control circuit detects that: the command signal has been transmitted by the command circuit via the communication bus when the control circuit has not granted authorization, or that the command signal has not been transmitted by the command circuit over the communication bus when the control circuit has granted authorization (Paragraphs 119-134 and Figures 14-17 describe the actions of the fraud detecting ECU 400. Paragraphs 150-158 and Figure 24 disclose an example of a malicious (unauthorized) frame detection and the actions taken upon detection.).

Per Claim 2, Ujiie discloses the method according to claim 1, wherein the authorization is not granted by the control circuit when the control circuit detects that the command signal of the peripheral is not based on an order authentically transmitted by a predetermined server (Paragraphs 125-127, Figure 14; Message authentication code (MAC) serves as validation data and key storing unit 493 is used by MAC processing unit 493 to validate the MAC received.).

Per Claim 3, Ujiie discloses the method of claim 2, wherein the control circuit is configured to check whether the order has been electronically signed by the server and/or whether the order is accompanied by an authentication code generated by the server (Paragraphs 125-127, Figure 14; message authentication code (MAC)).

Per Claim 4, Ujiie discloses the method according to claim 2, wherein the control circuit also implements the following steps: store an item of integrity data relating to the order prior to the control circuit granting or refusing authorization (Paragraph 123; fraud detection rule storing unit and message ID’s whitelist), if the command signal has been transmitted by the command circuit, implement an integrity check of the command signal using the stored item of integrity data, the protection measures being implemented if the integrity check reveals that the command signal is not correct (Paragraph 123, Figure 14; If a received frame comprises a message ID not stored in the whitelist, the fraud detection processing unit 480 notifies the frame generating unit 460 to transmit an error frame.).

Per Claim 5, Ujiie discloses the method according to claim 3, wherein the protection measures comprise the server being sent an error message relating to the command of the peripheral (Figure 24; S1007 Transmission of error frame by fraud detecting ECU).Per Claim 6, Ujiie discloses the method according to claim 3, comprising the server being sent a message indicating that the transmission of the command signal has been authorized then occurred, the message preferably being electronically signed or encrypted (Paragraph 173, Figure 25; S1115 MAC validation is successful).



Per Claim 12, Ujiie discloses a system comprising a peripheral (ECU’s 100), a command circuit  (Paragraphs 93-101; The ECU’s 100 may be both a peripheral and a command circuit as they can communicate with each other.), a command control circuit  (fraud detecting ECU 400) according to claim 11, and a communication bus  (bus 200), wherein the peripheral, the command circuit and the control circuit are all directly connected to the communication bus (Figure 1; Each of the above cited components are connected together on buss 200a.).

Per Claim 13, Ujiie discloses a connected object comprising the system according to claim 12 (on-board network system 10).

*	*	*	*	*	*	*

Claims 1, 8, and 11-13 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Frederickson et al. U.S. Patent No. 9,501,439.

Per Claim 1, Frederickson discloses:
a method for controlling commands suitable to be processed by a peripheral (accelerator 115),
the method comprising the following steps implemented by a command control circuit (switchboard 120) directly connected to a communication bus (system bus 150), a command circuit (processing core 110) and the peripheral also being directly connected to the communication bus (Figure 1):
granting or refusing authorization to the command circuit to transmit a command signal for the peripheral via the communication bus, detecting the possible transmission of the command signal for the peripheral by the command circuit via the communication bus, implementing protection measures when the control circuit Col. 7 line 29 – Col. 8 line 43, Figure 3; Switchboard 120 uses a managed address list to determine if a source of a data message is authorized to use the managed address to communicate with an accelerator. In the event that it is not authorized, switchboard denies the message and prevents the entity from sending the data to the accelerator.).

Per Claim 8, Frederickson discloses the method according to claim 1, wherein the protection measures comprise a block preventing the command signal, or even any command signal of the peripheral subsequently transmitted by the command circuit over the communication bus, from being processed by the peripheral (Col. 8 lines 12-35, Figure 3 numeral 320; As long as the requestor is unauthorized to use the managed address, no command/request will be fulfilled/allowed.).
Per Claim 11, please refer to the above rejection of claim 1 as the limitations are substantially similar and have already been mapped to the switchboard 120 of the Frederickson reference.
Per Claim 12, Frederickson discloses a system comprising a peripheral (accelerator 115), a command circuit (processing core 110), a command control circuit (switchboard 120) according to claim 11, and a communication bus (system bus 150), wherein the peripheral, the command circuit and the control circuit are all directly connected to the communication bus (Figure 1).

Per Claim 13, Frederickson discloses a connected object comprising the system according to claim 12 (computing system 100).


Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.

Claim 7 is rejected under 35 U.S.C. 103 as being unpatentable over Ujiie et al. U.S. PGPUB No. 2017/0147812 in view of Imai, U.S. PGPUB No. 2005/0102503.

Per Claim 7, Ujiie discloses utilizing a cryptographic processing unit 491, MAC processing unit 492, and a key storing unit 493 to determine the validity of a request/access, but does not specifically discuss rejecting a command/order based on an expiration of a validity period related to it.

However, Imai similarly discloses utilizing a public-key encryption to authenticate and authorize secure communications between two devices, further teaching denying the access of a command/order if its associated public key certificate has expired Paragraph 162). 
-	It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to implement the protective measure of rejecting or denying access of a command from a device when the public key certificate used to authenticate it has expired, as taught by Imai, as one of the protective measures of Ujiie because asymmetric cryptography is well-known in the art to implement keyed certificates that often times comprise expiration dates/timers which require a re-authorization between a public key pairing to be performed as an additional form of security.

*	*	*	*	*	*

Claims 9, 10, and 15 rejected under 35 U.S.C. 103 as being unpatentable over Frederickson et al. U.S. Patent No. 9,501,439 in view of Todd et al. U.S. PGPUB No. 2017/0366026.

Per Claims 9 and 15, Frederickson discloses preventing an authorized processor core from accessing the accelerator (Col. 8 lines 12-35), but does not specifically teach at least one of the methods disclosed in claim 9.

However, Todd teaches deactivating a charging functionality of a charging device upon discovering an attempt at unauthorized use or unauthorized biometric data input to the charger (Paragraph 23).

-	It would have been obvious to one of ordinary skill in the art at the time of the Applicant's claimed invention to utilize the device deactivation technique of Todd as a protective measure implemented by Frederickson upon detection of an unauthorized access attempt to an accelerator, for the purpose of taking an extra step of security by making the targeted device inoperable and thus more secure from an unauthorized access attempt. This would have been obvious since it has been held that the simple 

Per Claim 10, similar to the above rejection of Claim 9, Frederickson does not specifically teach placing the accelerator in a predetermined secure configuration.

However, Todd teaches deactivating a charging functionality of a charging device upon discovering an attempt at unauthorized use or unauthorized biometric data input to the charger (Paragraph 23; The deactivated state is considered a “predetermined secure configuration”).

-	It would have been obvious to one of ordinary skill in the art at the time of the Applicant's claimed invention to utilize the device deactivation technique of Todd as a protective measure implemented by Frederickson upon detection of an unauthorized access attempt to an accelerator, for the purpose of taking an extra step of security by making the targeted device inoperable and thus more secure from an unauthorized access attempt. This would have been obvious since it has been held that the simple substitution of one known element (deactivation of targeted device) for another (blocking unauthorized command) to obtain predictable results is obvious to one of ordinary skill. See MPEP 2141, section III(B).

*	*	*	*	*	*	*

Claim 14 is rejected under 35 U.S.C. 103 as being unpatentable over Ujiie et al. U.S. PGPUB No. 2017/0147812 in view of Takeuchi et al. U.S. PGPUB No. 2019/0217869.

Per Claim 14, Ujiie does not specifically disclose an actuator.

However, Takeuchi discloses a similar CAN bus system comprising a plurality of ECU’s 104 and a monitoring ECU 103 for determining if a communication on the CAN bus 105 Paragraph 67). Takeuchi further teaches actuators located on the shared CAN buses and communicating with the other components of the shared buses (Paragraphs 58, 63, and 68).

-	It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to implement the actuator taught by Takeuchi on the CAN bus of Ujiie because actuators a common component found in an automobile and preventing unauthorized communication to such a component is paramount in safe operation of a vehicle.


Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to BRIAN T MISIURA whose telephone number is (571)272-0889 - (Direct Fax: 571-273-0889).  The examiner can normally be reached on M-F: 8-4:30PM.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kim Huynh can be reached on (571) 272-4174.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).

/Brian T Misiura/
Primary Examiner, Art Unit 2185