DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


Claim(s) 1, 3, 5-6, 9, and 15 is/are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Glass “Verified U-Boot”.
Regarding claim 1, Glass teaches
A method for mitigating security breach for a circuit platform subject to compromise by unauthorized changes to a file system, the file system having data for an operating system and being stored for use by the circuit platform, the method comprising: 

during boot time of the operating system, accessing and using an unencrypted version of the operating system and the encrypted file by validating a signature associated with the file system and related to the cryptographically signed components; and (Section: U-boot verified boot, “On the device we can obtain an image and verify it was signed by the private key”, Section: Overview of the verified boot flow, “device receives the image. It also hashes the image, then verifies that the hash agrees with the signature provided with the image”)
in response to validating the signature, installing the file system into a transient, non-persistent storage circuit;  (Section: Overview of the verified boot flow, “If it matches then the image is known to be signed as in step two, and it is safe to be used … image format is FIT … which supports … ram disks”)
the operating system executing instruction code via a central processing unit (CPU) circuit under authorization based on the signature being validated. (Section: U-boot verified boot, “On the device we can obtain an image and verify it was signed by the private key … That U-Boot in turn may load an image containing a kernel”)
Regarding claim 3, Glass teaches wherein the transient, non-persistent storage circuit purges unauthorized changes during a subsequent boot cycle of the operating system. (Where a subsequent boot cycle which is interpreted as a hard reset inherently clears the RAM which is taught in Glass because power is removed from the memory)

Regarding claim 6, Glass teaches wherein the binary application reads and validates the cryptographically signed components of the file system by executing a digital signature algorithm. (Section: Overview of the verified boot flow, “device receives the image. It also hashes the image, then verifies that the hash agrees with the signature provided with the image”)
Regarding claim 9, Glass teaches comprising causing the operating system to update, in response to validating the signature, the transient, non-persistent storage circuit with additional modules to run as a fully functional operating system. (Section: U-boot verified boot, “we can create a key, hash an image, sign that hash, and publish the public key. On the device we can obtain an image and verify it was signed by the private key. … Images can be chained one after the other and signed … . U-Boot may load an image containing a new U-Boot, then boot that. That U-Boot in turn may load an image containing a kernel. Doing that would allow U-Boot itself to be updated with the firmware”)
As to claim 15, Glass teaches this claim according to the reasoning provided in claims 1 and 9.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claim 2 and 11 is/are rejected under 35 U.S.C. 103 as being unpatentable over Glass in view of Jones (“The Fundamentals of Secure Boot and Secure Download: How to Protect Firmware and Data within Embedded Devices”).
Regarding claim 2, Glass does not teach but Jones teaches further comprising causing the transient, non-persistent storage circuit to perform an integrity check of the file system using at least one of an error-detecting algorithm and a cryptographic hash function. (Authentication and Integrity of the Firmware: “provide a way to verify both authenticity and integrity of the information … Utilizing cryptographic digital signatures … enables this. … To bring the highest level of security, the algorithms need to be public and well proven. … we consider asymmetric cryptographic algorithms, specifically the FIPS 186 Elliptic Curve Digital Signature Algorithm (ECDSA)”)

As to claim 11, Glass and Jones teach these claims according to the reasoning provided in claim 2.

Claim 4 is/are rejected under 35 U.S.C. 103 as being unpatentable over Glass in view of Ginter and Zhang et al (CN 102521289)
As to claim 4, Glass, Jones and Ginter teach these claims according to the reasoning provided in claim 2 and 7.

Claim 7-8, 12, 17-18, and 20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Glass in view of Zhang et al (CN 102521289)
Regarding claim 7, Glass does not teach but Zhang teaches comprising causing the transient, non-persistent storage circuit to monitor changes to profile and configuration files in the file system. (Abstract “The file synchronization method comprises the following steps of: synchronizing files in a flash of a LINUX embedded system to a RAMDISK, and carrying out inotify registration or dnotify registration on files in the RAMDISK; and carrying out operation on the files in the RAMDISK, which are subjected to the inotify registration or the dnotify registration, by an application program of the LINUX embedded system, and synchronizing changed files in the RAMDISK to the flash when the files in the RAMDISK, which are subjected to the inotify registration or the dnotify registration, are changed.”)
Zhang is cited to teach a similar concept of synchronizing files after booting.  Based on Zhang, it would have been obvious before the effective filing date of the invention to a person having ordinary skill in the art to which said subject matter pertains to have modified Glass to synchronize files in the FLASH and RAMDISK.  Furthermore, being able to synchronize the files using Zhang improves on Glass by being able to determine reduce the delay in writing files. To one of ordinary skill in the art before the effective filing data of the invention it would have been advantageous to make this modification “of the present invention provide a file synchronization method, device, and system to reduce the delay in writing files.”, Summary of the invention
Regarding claim 8, Glass teaches comprising causing the transient, non-persistent storage circuit to synchronize to flash file components of the log-structured portion of the file system. (Abstract “The file synchronization method comprises the following steps of: synchronizing files in a flash of a LINUX embedded system to a RAMDISK, and carrying out inotify registration or dnotify registration on files in the RAMDISK; and carrying out operation on the files in the RAMDISK, which are subjected to the inotify registration or the dnotify registration, by an application program of the LINUX embedded system, and synchronizing changed files in the RAMDISK to the flash 
Zhang is cited to teach a similar concept of synchronizing files after booting.  Based on Zhang, it would have been obvious before the effective filing date of the invention to a person having ordinary skill in the art to which said subject matter pertains to have modified Glass to synchronize files in the FLASH and RAMDISK.  Furthermore, being able to synchronize the files using Zhang improves on Glass by being able to determine reduce the delay in writing files. To one of ordinary skill in the art before the effective filing data of the invention it would have been advantageous to make this modification “of the present invention provide a file synchronization method, device, and system to reduce the delay in writing files.”, Summary of the invention
Regarding claim 18, Glass teaches further comprising instructions to: generate an encryption key using the transient, non-persistent storage circuit; and validate the file system using the generated encryption key. (Section: U-boot verified boot, “we can create a key, hash an image, sign that hash, and publish the public key. On the device 

As to claims 12, 17, and 20, Glass and Zhang teach these claims according to the reasoning provided in claim 7 and 8.

Claim 10, 13-16, and 19 is/are rejected under 35 U.S.C. 103 as being unpatentable over Glass in view of Ginter et al. (US 8369625)
Regarding claim 10, Glass teaches
A system for validating a file system, the system comprising: a processor including a central processing unit (CPU) circuit; and a memory circuit including instructions that, when executed by the processor, cause the processor to: during boot time of a file system having data, boot a transient, non-persistent storage circuit with a set of initial modules loaded; (Section: Overview of the verified boot flow, “If it matches then the image is known to be signed as in step two, and it is safe to be used … image format is FIT … which supports … ram disks”)
read and validate a signature of the file system; (Section: U-boot verified boot, “On the device we can obtain an image and verify it was signed by the private key”, Section: Overview of the verified boot flow, “device receives the image. It also hashes the image, then verifies that the hash agrees with the signature provided with the image”)

Glass does not teach but Ginter teaches
encrypt the packages of the file system; and (col. 21, lines 6-9, “Concealment and tamper-resistance in semiconductor memory (e.g., RAM, ROM, NVRAM) can be achieved, in part, by employing such memory within an SPU package, by encrypting data”
in response to installation of the packages of the file system, decrypt and load configuration and running-state files of the file system. (col. 21, lines 11-12, “decrypting encrypted data within the CPU/RAM package before it is executed.”)
Glass and Ginter are analogous art. Ginter is cited to teach a similar concept of security of an electronic device.  Based on Ginter, it would have been obvious before the effective filing date of the invention to a person having ordinary skill in the art to which said subject matter pertains to have modified Glass to encrypt validated packages transmission and decrypt the packages after installation.  Furthermore, being able to encrypt and decrypt the packages improves on Glass by being able to securely install the package. To one of ordinary skill in the art before the effective filing data of the invention it would have been advantageous to make this modification to securely install updates to the system.
As to claim 13, Glass this claim according to the reasoning provided in claim 9.

As to claim 15, Glass and Ginter teach this claim according to the reasoning provided in claims 10 and 9.
As to claim 16, Glass and Ginter teach this claim according to the reasoning provided in claims 10 and 9.
As to claim 19, Glass and Ginter teach this claim according to the reasoning provided in claim 10.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to CHERI L. HARRINGTON whose telephone number is (571)270-0468. The examiner can normally be reached Generally, M-F, 7:30a-4p.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jaweed Abbaszadeh can be reached on 571-270-1640. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is 





/CHERI L HARRINGTON/Examiner, Art Unit 2187                                                                                                                                                                                                        December 17, 2021




/XUXING CHEN/Primary Examiner, Art Unit 2187