Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Response to Arguments
1.  Applicant’s arguments, filed November 8th, 2021, with respect to the 35 USC 112 rejections have been fully considered and are persuasive.  The 35 USC 112 rejections have been withdrawn.

2.  Applicant's arguments filed November 8th, 2021, with respect to the 35 USC 103 rejections have been fully considered but they are not persuasive.
Applicant’s arguments are directed primarily toward a limitation previously present in the independent claims that was removed by amendment, which is the “exception raising instruction (ERI) address” identified by the HEL component.  Therefore, as the arguments are directed toward changes to the claims made via amendment, the arguments will be addressed in the modified rejections below.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

3.  Claims 1-10, 12-22, 24-34, and 36 are rejected under 35 U.S.C. 103 as being unpatentable over Warkentin et al (US 9,465,617, herein Warkentin) in view of Winrow et al (US 2016/0246604, herein Winrow) and Li et al (US 2020/0409740, herein Li).

identifying, by a component operating at a higher exception level ("HEL component"), at least one of a current vector base address (VBA) or an exception register value associated with software operating at a lower exception level ("LEL”) (1:8-14, 2:60-3:35, secure monitor 120, software operating at higher and lower privilege levels, exception registers & 5:20-42);
determining whether at least one of the current VBA or the ER value match a valid value (5:55-62); and
performing a responsive action in response to determining that the current VBA or the ER value do not match the valid value (5:20-67, downcall to secure monitor to restore reserved values if illegal value is stored in PSER).
Warkentin does not teach determining wherein the component identifies at least one of a current vector base address (VBA) or a control and system register (CSR) value, or wherein at least one of the values matches corresponding reference data.
Winrow teaches a method of evaluating software operating on a computing device at a lower exception level comprising determining whether at least one of an exception register or control and system register (CSR) value matches corresponding reference data ([0151-0158], detect changes to base address register, TE, bit, or address mapping data, [0109], exception register & CSR) and performing a responsive action in response to determining that the current exception register or CSR value do not match the corresponding reference data ([0150-0158], trigger cache flush).
It would have been obvious to one of ordinary skill in the art before the effective filing date to combine the teachings of Warkentin and Winrow to expand the exception handling functionality to detect changes in additional values such as those described by Winrow.  While Warkentin discloses the processor actively inserting an illegal value when an exception is the result of an upcall that needs to be processed differently (Warkentin 5:45-52), Warkentin discloses this process occurring in order to handle high priority interrupts.  Expanding this functionality to include the monitoring of various system resources such as a vector base address or other values may enable the processor to 
Warkentin and Winrow do not explicitly teach wherein the component identifies a current vector base address (VBA) or wherein the value is associated with a component operating at a lower exception level.
Li teaches a method of evaluating software operating on a computing device at a lower exception level comprising identifying, by a component operating at a higher exception level ("HEL component"), at least one of a current vector base address (VBA) or a control and system register (CSR) value associated with a component operating at a lower exception level ([0005] & [0019], partitioning of higher EL corevisor and lower EL hostvisor, [0030], [0035], [0040], [0047], [0052], corevisor traps operations attempting to change BAR or control registers).
 It would have been obvious to one of ordinary skill in the art before the effective filing date to combine the teachings of Warkentin and Winrow with those of Li to increase the security of the computing device by detecting attempted changes to sensitive data by a lower exception level component.  While Warkentin and Winrow disclose the use of a higher EL component to monitor lower EL software, neither disclose the explicit partitioning of the lower EL software into its own component.  However, as both Warkentin and Li disclose exception handling in computing devices running virtual machines using multi-tiered privilege levels (Warkentin 2:35-45, Li [0003]), this combination would merely entail a combination of known prior art elements to achieve predictable results, and thus would have been obvious to one of ordinary skill in the art.

Regarding claim 2, the combination of Warkentin, Winrow, and Li teaches the method of claim 1, further comprising:

labeling portions of the collected data as critical data that is to be used as reference data (Winrow [0051], Li [0052]);
generating hashes of the reference data (Li [0029], [0045]); and
storing the generated hashes as reference data in a portion of memory accessible to the HEL component but not to the LEL component (Li [0029], [0045]).

Regarding claim 3, the combination of Warkentin, Winrow, and Li teaches the method of claim 2, wherein scanning, by the HEL component, at least the lower exception level to collect data comprises the HEL component collecting LEL component data as reference data during loading of LEL the component (Warkentin 5:20-32, Li [0032]).

Regarding claim 4, the combination of Warkentin, Winrow, and Li teaches the method of claim 1, further comprising:
identifying critical data currently in working memory (Winrow [0051], Li [0052]);
42Attorney Docket No. 200738computing a hash of the identified critical data (Li [0029], [0045]); and
comparing the computed hash with corresponding reference data to determine whether at least one of the current VBA or the system register value match corresponding reference data (Li [0029], [0045], [0052]).

Regarding claim 5, the combination of Warkentin, Winrow, and Li teaches the method of claim 4, wherein
identifying critical data currently in working memory comprises identifying critical read-execute (RX) code or critical read only (RO) data currently present in working memory; and comparing the computed hash with the corresponding reference data comprises comparing the 

Regarding claim 6, the combination of Warkentin, Winrow, and Li teaches the method of claim 1, further comprising invoking the HEL component periodically to verify that the integrity of the LEL component has not been compromised (Li [0025], [0074-0077]).

Regarding claim 7, the combination of Warkentin, Winrow, and Li teaches the method of claim 1, further comprising invoking the HEL component non-periodically to verify that the integrity of the LEL component has not been compromised (Li [0025], [0074-0077]).

Regarding claim 8, the combination of Warkentin, Winrow, and Li teaches the method of claim 1, further comprising invoking the HEL component periodically to verify that the integrity of the LEL component has not been compromised by invoking the HEL component based on at least one of: a machine interrupt with a cyclic executive trigger; a random machine interrupt with a pseudo random table-driven trigger; or a user triggered machine interrupt with an event-based trigger (Li [0025], [0074-0077] & Warkentin 5:48-67).

Regarding claim 9, the combination of Warkentin, Winrow, and Li teaches the method of claim 1, further comprising detecting a system call or runtime event that could cause a change in a current exception level of the computing device; and43Attorney Docket No. 200738 invoking the HEL component to verify that the integrity of the LEL component has not been compromised in response to detecting the system call or runtime event that could cause the change in the current exception level of the computing device (Li [0025], [0074-0077] & Winrow [0151]).

Regarding claim 10, the combination of Warkentin, Winrow, and Li teaches the method of claim 1, wherein identifying at least one of the current VBA or the CSR value associated with the 

Regarding claim 12, the combination of Warkentin, Winrow, and Li teaches the method of claim 1, wherein determining whether at least one of the current VBA, the ERI address, or the CSR value match corresponding reference data comprises using a reference data comparison set that includes: a hash of a critical section; 44Attorney Docket No. 200738 a VBA; a set of address ranges for ERI captured from an exception link register (ELR) or a machine exception program counter (MEPC); or a CSR value (Warkentin 5:20-42, Winrow [0151-0158], Li [0035], [0047], [0052]).

Claims 13-22 and 24 refer to a device embodiment of the method embodiment of claims 1-10 and 12.  Therefore, the above rejections for claims 1-10 and 12 are applicable to claims 13-22 and 24, respectively.

Claims 25-34 and 36 refer to a medium embodiment of the method embodiment of claims 1-10 and 12.  Therefore, the above rejections for claims 1-10 and 12 are applicable to claims 25-34 and 36, respectively.

Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MICHAEL J METZGER whose telephone number is (571)272-3105. The examiner can normally be reached Monday-Friday 7:30-4.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jyoti Mehta can be reached on 571-270-3995. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/MICHAEL J METZGER/             Primary Examiner, Art Unit 2182