DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
The title of the invention is not descriptive.  A new title is required that is clearly indicative of the invention to which the claims are directed. 
The following title is suggested: “Controller and Method for Installing and Executing Bridge Firmware Data”.
The disclosure is objected to because of the following informalities: it recite verbatim as claim language.  Appropriate correction is required.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-17 is/are rejected under 35 U.S.C. 103 as being unpatentable over Lin USPN 10,997,297 in view of Marsh et al USPN 7,055,148.


Lin teaches 
a buffer memory and a processor suitable for temporarily storing bridge firmware data in the buffer memory when the bridge firmware data is received together with a previous firmware update request (column 1, line 63,  this disclosure further relates to a storage device bridge.  This bridge may comprise a storage bus coupled to one or more storage media.  The bridge may further comprise embedded non-volatile memory.  This non-volatile memory may include a firmware image, a known data pattern (KDP), an encrypted KDP, and a public key.  The storage device bridge may comprise means for receiving a symmetric key from a host over a secure communication channel for obtaining a firmware image update encrypted using the symmetric key.  The bridge may also comprise means for decrypting the encrypted KDP using the symmetric key and validating the symmetric key in response to the decrypted KDP matching the 
known data pattern.  The bridge may comprise means for downloading and decrypting the firmware image update in response to validating the symmetric key.  Finally, the bridge may comprise means for replacing the firmware image with the firmware image update).
installing and executing bridge firmware based on the bridge firmware data after approved retention firmware data is received together with a subsequent firmware update request (column 7, line 37, when updating the firmware of the storage device 120 and/or when initiating operation of the storage device 120 (e.g., booting the storage device 120), it may be useful to prevent the storage device 120 from using unauthorized or invalid firmware.  For example, a user (e.g., a hacker or a malicious user) may 
installing the approved retention firmware after execution of the bridge firmware, and (column 12, line 22, in some embodiments, a current firmware image 320 may be installed at a predefined location from which the storage device 302 will boot the firmware code at start-up, and a restore firmware image 322 may be installed in another location.  This restore firmware image 322 may available to be booted from in a safe mode, when the controller 600 determines or suspects that a current firmware image 320 is compromised.  In one embodiment, the controller 600 may copy the restore firmware image 322 to the current firmware image 320 location to replace a potentially compromised firmware image). Lin teaches firmware installing process and bridging but doesn’t teach explicitly removing the installed bridge firmware, however Marsh et al teaches (column 7, line 52, in a preferred embodiment, the install application 554 may be configured to load the bootable kernel 560, the system loader interface 562, and the reboot logic 564 from the flash application 556 on the fixed data storage device 310 or "boot" disk.  As previously described, the modified boot image 480 (FIG. 3) may comprise the firmware patch 500, which may comprise the modified memory map 550.  



Regarding claims 2 and 10
Lin et al teaches 
 the processor is further suitable for determining whether firmware data received together with the previous firmware update request is the bridge firmware data based on a firmware header included in the firmware data (column 15, line 60, firmware image layout refers to a predefined organization and/or design for the format, encoding, data type, and organization of each of the parts of data that make up a firmware image.  In certain embodiments, the firmware image layout may define a firmware image as having a header, a body (such as firmware code), a footer, and firmware metadata.  The firmware image layout may also include details about which bits, bytes, words, or sets of bits, bytes, and words will be used to represent information, including executable instructions, stored in a firmware image).

Regarding claims 3 and 11
Lin teaches 
 the processor is further suitable for determining whether firmware data received together with the previous firmware update request is retention firmware data based on a firmware header included in the firmware data, and determining, when it is determined that the firmware data is the retention firmware data, whether the retention firmware data is the approved retention firmware data based on an electronic signature of the firmware data (column 10, line 35, as discussed above, it may be useful to prevent the data storage device 120 from using unauthorized/invalid firmware.  Using the 

Regarding claims 4 and 12
Lin teaches 
wherein the processor is further suitable for outputting failure signals as responses to the previous and subsequent firmware update requests when it is determined that the retention firmware data is not the approved retention firmware data (column 7, line 38, when updating the firmware of the storage device 120 and/or when initiating operation of the storage device 120 (e.g., booting the storage device 120), it may be useful to prevent the storage device 120 from using unauthorized or invalid firmware.  For example, a user (e.g., a hacker or a malicious user) may attempt to install unauthorized/invalid firmware (e.g., firmware that is not authentic and/or is not provided by the manufacturer of the storage device 120).  Using the unauthorized/invalid firmware may cause the storage device 120 to operate improperly and/or may result in security issues when the storage device 120 is used.  For example, the unauthorized/invalid firmware may allow unauthorized users to access data stored on the storage device 120.  In another example, the unauthorized/invalid firmware may cause errors to occur when the storage device 120 accesses data, which may corrupt the data stored on the storage device).




Regarding claims 5-6 and 13-14
Lin teaches 
the processor installs the bridge firmware by storing bridge firmware code, included in the bridge firmware data, in a defined region of the memory device (column 21, line 64, the bridge application-specific integrated circuit 718 may also include the microcontroller unit 720 to control the other components of the bridge application-specific integrated circuit 718.  For example, the microcontroller unit 720 may be an 8-bit 8051 device.  Data transfer buffers (not shown) may buffer data and commands received from the host computer 706, the storage media 704, or other portions of the storage device bridge 702 until the bridge application-specific integrated circuit 718 processes those data or commands).

Regarding claims 7 and 15
Marsh et al teaches 
the processor reproves the bridge firmware by invalidating the bridge firmware code stored in the defined region or controlling the memory device to erase the bridge firmware code from the defined region (column 2, line 4, an electrically erasable programmable read only memory (EEPROM) device is a non-volatile memory commonly used for storing firmware used by computing devices in their respective "boot" processes.  A flash EEPROM permits its entire memory to be erased in a single step.  In recent years, flash EEPROMS having selective erasable/writable memory block addressing capabilities have been used extensively for storing firmware.  The 

Regarding claims 8 and 16
Lin teaches 
the approved retention firmware enables the controller to perform a normal function, and  wherein the bridge firmware provides a special function, not provided by the approved retention firmware and the normal function (column 7, line 22, data storage devices, such as storage device 120, may use firmware (and/or other software) to perform various operations and/or functions.  For example, firmware may be used to control various low-level functions/operations of the storage device 120.  In another example, the firmware may be used to operate the storage device 120 (e.g., to allow the storage device 120 to communicate with the client devices, to read/write data from/to a storage medium, etc.).  The firmware (and/or other software) may be periodically updated to maintain the storage device 120 and/or to improve the operation of the storage device 120.  For example, the firmware may be updated to resolve issues (e.g., errors) encountered by users of the storage device 120.  In another example, the 
Relevant Prior Art
US 7590835 B1 Nallagatla; Purandhar et al.teaches Dynamically updating a computer system firmware image		
US 7089547 B2 Goodman; Brian Gerard et al. teaches Firmware updating	
US 8713553 B2 Suzuki; Ryo teaches Disk array apparatus and firmware update method therefor				
US 6357021 B1 Kitagawa; Masayuki et al. teaches Method and apparatus for updating firmware

Conclusion	
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Anil Khatri whose telephone number is (571)272-3725. The examiner can normally be reached M-F 8:30-5:00.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, W Zhen can be reached on 571-272-3708. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.


/ANIL KHATRI/Primary Examiner, Art Unit 2191