Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
DETAILED ACTION
The instant application having Application No. 16/186,868 is presented for examination by the examiner.  Claims 1, 3, 4, 7, 8, 10, 11, 13, and 24 have been amended.  Claims 15-20 were previously cancelled without prejudice or disclaimer.  Thus, claims 1-14 and 21-26 are pending.  

Response to Arguments

Applicant’s arguments with respect to claims 1 and 8 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.


Claim Rejections - 35 USC § 103
Claims 1-3, 7-10 and 14 are rejected under 35 U.S.C. 103 as being unpatentable over USP Application Publication 2021/0012008 to Kim et al., hereinafter Kim in view of USP 7,716,276 to Ren et al., hereinafter Ren and in view of USP 10,505,736 by Applicant Meixler.  


As per claim 1, Kim teaches a system for secure over-the-air delivery of a firmware upgrade, comprising: 
an embedded device [Fig. 1, element 120] configured to receive the firmware upgrade (0033, 0037, and 0075); and 
a server having a memory configured to store a first key encryption key, the firmware upgrade and a firmware key and having a processor coupled to the memory (0039, 0049, and 0076), the processor being configured to: 
obtain the firmware upgrade (0069), the firmware key (0059 and 0061) and the first key encryption key [unique secret key 0064], 
encrypt the firmware upgrade using the firmware key (0061 and 0076), 
encrypt the firmware key with the first key encryption key (0064 and 0076), and transmit the encrypted firmware upgrade and the encrypted firmware key to the embedded device [0069 and 0075; the manager server prepares the updated firmware image as disclosed in fig 4.  It is sent to the embedded device 120 which it then stores after decryption].
Kim is silent in explicitly teaching obtain from an embedded device, a firmware delivery request that includes a delivery mode of the firmware upgrade from among a plurality of delivery modes and delivering based on the mode.  On the other hand, Ren teaches obtaining from an embedded device, a firmware delivery request that includes a delivery mode of the firmware upgrade from among a plurality of delivery modes and delivering based on the mode (col. 7, lines 12-14, col. 8, lines 27-32, and col. 14, lines 101-14).  Ren teaches the mobile device through user control can request immediate 
Kim as modified by Ren is silent in explicitly teaching at least one of the plurality of delivery modes establishing an indirect channel between the server and the embedded device via an online or offline controller.  Meixler teaches a delivery mode establishing an indirect channel between the server and the embedded device via an online or offline controller (Fig. 3 and col. 7, lines 37-62).  Meixler teaches this manner of download whereby by the data can be cryptographically verified before being fully delivered to the client.  This increases the security of the system.  Firmware as Kim teaches is a type of file where one needs to make sure it has not been altered during communication because a corrupt firmware can brick a device or worse have it operate in a malicious manner.  The claim is obvious because one of ordinary skill in the art can combine known methods which do not produce unpredictable results.  .


As per claim 2, Kim teaches the memory is further configured to store a server private key, wherein the processor is further configured to: digitally sign the encrypted firmware upgrade and the encrypted firmware key prior to transmitting the encrypted firmware upgrade and the encrypted firmware key to the embedded device (0078 and 0072; shown that the server signs with its secret key and the embedded device checks the signature with the server’s public key).


As per claim 3, Kim teaches a controller device having a memory configured to store one or more key encryption keys (Fig. 1, 100) or a server public certificate (0049 and 0052) and having a processor configured to: establish a connection with the server 


As per claim 7, Kim teaches the embedded device has a memory that is configured to store firmware and the first key encryption key and has a processor that is coupled to the memory of the embedded device (0037), the processor of the embedded device being configured to: obtain the encrypted firmware upgrade and the encrypted firmware key (0069); decrypt the encrypted firmware key using the first key encryption key (0064/0071 using the unique secret key embodiment); decrypt the encrypted firmware upgrade using the firmware key (0065); and update the firmware using the firmware upgrade (0073).

As per claim 8, Kim teaches an embedded device configured to receive the firmware upgrade; and 
a server having a memory configured to store a session key, a firmware upgrade and a firmware key (0039, 0049, and 0076) and has a processor coupled to the memory, the processor being configured to: 
encrypt the firmware upgrade using the firmware key (0061 and 0076), encrypt the firmware key with the session key (0064 and 0077), and 

Kim does not explicitly teach obtain from an embedded device, a firmware delivery request that includes an over-the-air delivery mode of the firmware upgrade from among a plurality of over-the-air delivery modes and delivering base on the over-the-air delivery mode.  Ren teaches from an embedded device, a firmware delivery request that includes an over-the-air delivery mode of the firmware upgrade from among a plurality of over-the-air delivery modes and delivering base on the over-the-air delivery mode (col. 7, lines 12-14, col. 8, lines 27-32, and col. 14, lines 101-14).  Ren teaches the mobile device through user control can request immediate download of a firmware or schedule the download at a later time.  The choices of when to download reads on the broad term “delivery mode”.  Ren also teaches embodiments including push and silent delivery modes to the embedded device.  Having multiples modes of delivery for firmware updates creates more granular user control.  The system can choose the best means of delivery.  Having choices in delivery does not yield unpredictable results.  The claim is obvious because one of ordinary skill in the art can combine known methods which do not produce unpredictable results. 
Kim as modified by Ren is silent in explicitly teaching at least one of the plurality of delivery modes establishing an indirect channel between the server and the embedded device via an online or offline controller.  Meixler teaches a delivery mode establishing an indirect channel between the server and the embedded device via an online or offline controller (Fig. 3 and col. 7, lines 37-62).  Meixler teaches this manner of download whereby by the data can be cryptographically verified before being fully delivered to the client.  This increases the security of the system.  Firmware as Kim teaches is a type of file where one needs to make sure it has not been altered during communication because a corrupt firmware can brick a device or worse have it operate in a malicious manner.  The claim is obvious because one of ordinary skill in the art can combine known methods which do not produce unpredictable results.

 As per claim 9, it is rejected for the same reasons as claim 2.



As per claim 14, Kim teaches the processor is further configured to verify one or more immutable identifiers prior to transmitting the firmware upgrade to the embedded device (0043 and 0049).


Allowable Subject Matter
Claims 4-6 and 11-13 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
Claims 21-26 are allowed.

Conclusion

THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  


Any inquiry concerning this communication or earlier communications from the examiner should be directed to MICHAEL R. VAUGHAN whose telephone number is (571)270-7316.  The examiner can normally be reached on Monday - Thursday, 7:30am - 5:00pm, EST. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lynn Feild can be reached on (571) 272-2092.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 

/MICHAEL R VAUGHAN/
Primary Examiner, Art Unit 2431



	
	DETAILED ACTION
The instant application having Application No. 15/*** is presented for examination by the examiner.  Claims 

Response to Amendment

Drawings

Claim Objections
Claims *** are objected to because of the following informalities:  

Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.


Claim Rejections - 35 USC § 112


Response to Arguments

Claim Rejections - 35 USC § 102

Claim Rejections - 35 USC § 103

Conclusion

Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of 

Any inquiry concerning this communication or earlier communications from the examiner should be directed to MICHAEL R. VAUGHAN whose telephone number is (571)270-7316.  The examiner can normally be reached on Monday - Thursday, 7:30am - 5:00pm, EST. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lynn Feild can be reached on (571) 272-2092.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/MICHAEL R VAUGHAN/
Primary Examiner, Art Unit 2431