DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
Response to Arguments
Applicant’s remarks filed on 12/15/2021 have been fully considered; see the office action below.
The examiner will respond to all other remarks that do not concern the prior art rejections, if any, in the office action below. 
Response to Amendment
Status of the instant application:
Claim[s] 1, 3, 5 – 8, 10, 12 – 15, 17, 19, 20 are pending in the instant application. 
Claim[s] 2, 4, 9, 11, 16, 18 have been cancelled in the instant application. 
Claim Rejections - 35 USC § 102
Claim(s) 1-3, 5-10, 12-17, 19, 20 is/are rejected under 35 U.S.C. 102(a)(2) as being taught by Pope et al. [US PGPUB # 2018/0124092], the incorporation of allowable subject matter of claim[s] 4, 11, 18 and any intervening claim[s] into their respective base claim[s] has been inspected, therefore, the rejections are withdrawn.
Allowable Subject Matter
Claim[s] 1, 3, 5 – 8, 10, 12 – 15, 17, 19, 20 are allowed, but are renumbered as 1 – 14.
The following is an examiner’s statement of reasons for allowance: the following prior arts were yielded at time of search for the claimed invention. The prior arts do not 
Cam [US PGPUB # 2017/0046519], who generally does teach a set of vulnerabilities on a network of interconnected devices representing critical assets. The dependencies are determined between the vulnerabilities in the set of vulnerabilities. A hidden Markov model is created for the set of vulnerabilities and the relevant observations. The exploit likelihood of the vulnerabilities is determined at a first time. The impact of exploitation of the vulnerabilities is determined. The sequences and paths of attack states are determined representing exploited vulnerabilities.
	While Cam does teach the detection and Markov modeling of determined vulnerabilities of assets of a network, Cam does not teach at least the claim limitation of: 
	“generating, by the one or more processors, a vulnerability expansion model based, at least in part, on the architecture model; 
	determining, by the one or more processors, a vulnerability expansion based, at least in part, on the vulnerability expansion model and at least one vulnerability of plurality of vulnerabilities being compromised;
	determining, by the one or more processors, a criticality rating for at least one vulnerability of the plurality of vulnerabilities based, at least in part, on an amount of additional vulnerabilities the compromised vulnerability provides access:
	determining, by the one or more processors, a new configuration of at least one component of the one or more components of the network;
	determining, by the one or more processors, a new criticality rating for the at least one vulnerability; and
	in response to the new criticality rating being less than the criticality rating for the at least one vulnerability of the plurality of vulnerabilities, generating, by the one or more processors, a suggestion to change the at least one component based on the new configuration.” of claim # 1. 
Powell et al. [US PAT # 9241008], who generally does teach a cyber-threat analysis system that generates a network model of a network infrastructure that is used by an organization. The organization assigns a weighting value to each of a plurality of network elements of the network infrastructure according to a relative importance of the each network element to the organization, and generates an attack vector according to a determined vulnerability of the network infrastructure. The attack vector represents one or more illicit actions that may be performed to compromise the network infrastructure. A network modeling tool is used by the attack vector on the network model to determine one or more resulting ramifications of one or more of the plurality of network elements due to the attack vector, and determine a criticality level of the attack vector according to the weighting value of the one or more network elements.
	While Powell does teach the detection of vulnerabilities in a network infrastructure and generation of an attack vector of the anomaly behavior of the detected vulnerability, where a network modeling tool is used by the attack vector to determine the criticality of the attack vector by weighting value of the one or more assets/elements of the network, Powell does not teach at least the claim limitation of: 
	“generating, by the one or more processors, a vulnerability expansion model based, at least in part, on the architecture model; 
	determining, by the one or more processors, a vulnerability expansion based, at least in part, on the vulnerability expansion model and at least one vulnerability of plurality of vulnerabilities being compromised;
	determining, by the one or more processors, a criticality rating for at least one vulnerability of the plurality of vulnerabilities based, at least in part, on an amount of additional vulnerabilities the compromised vulnerability provides access:
	determining, by the one or more processors, a new configuration of at least one component of the one or more components of the network;
	determining, by the one or more processors, a new criticality rating for the at least one vulnerability; and
in response to the new criticality rating being less than the criticality rating for the at least one vulnerability of the plurality of vulnerabilities, generating, by the one or more processors, a suggestion to change the at least one component based on the new configuration,” of claim # 1.
Mahieu et al. [US PGPUB # 2019/0052665], who generally does teach a first input resembling threat data representing security threats; a second input, resembling vulnerability data representing security vulnerabilities; a processor identifies a specific vulnerability of a computer entity in dependence on the threat data and the vulnerability data; the processor assigns the specific vulnerability a risk rating in dependence on the 
	While Mahieu does teach identifying a specific vulnerability by using inputted threat data and vulnerability data, assigning a risk rating, and outputting the identified specific vulnerability and associated risk rating, Mahieu does not teach at least the claim limitation of: 
	“generating, by the one or more processors, a vulnerability expansion model based, at least in part, on the architecture model; 
	determining, by the one or more processors, a vulnerability expansion based, at least in part, on the vulnerability expansion model and at least one vulnerability of plurality of vulnerabilities being compromised;
	determining, by the one or more processors, a criticality rating for at least one vulnerability of the plurality of vulnerabilities based, at least in part, on an amount of additional vulnerabilities the compromised vulnerability provides access:
	determining, by the one or more processors, a new configuration of at least one component of the one or more components of the network;
	determining, by the one or more processors, a new criticality rating for the at least one vulnerability; and
in response to the new criticality rating being less than the criticality rating for the at least one vulnerability of the plurality of vulnerabilities, generating, by the one or more processors, a suggestion to change the at least one component based on the new configuration,” of claim # 1.
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee. Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to DANT SHAIFER - HARRIMAN whose telephone number is (571)272-7910. The examiner can normally be reached M - F: 9am to 5pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kambiz Zand can be reached on 571-272-3811. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For 

/DANT B SHAIFER HARRIMAN/Primary Examiner, Art Unit 2434