Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 12/03/2021 has been entered.

Response to Amendment
This is in response to the amendments filed on 12/03/2021. Claims 1 and 5-9 have been amended. Claim 16 is newly added. Claims 1-3 and 5-16 are currently pending and have been considered below. 

Response to Arguments
Applicant’s arguments with respect to claim(s) 1 and 16 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-3, 7, and 9-16 is/are rejected under 35 U.S.C. 103 as being unpatentable over “Fernandez Gutierrez” (US 2012/0331307) in view of “Whelihan” (US 2011/0145919) in further view of “Pearson” (US 2014/0082724).

Regarding Claim 1:
Fernandez Gutierrez teaches:
A circuit monitoring the security (Fig. 5, element 550; ¶0118, “… the security component 550 … may use specialized hardware … the security component 550 … may comprise a combination of logic gates …”) of a processor (Fig. 5, element 500), wherein the circuit is configured to: 
- access a memory (Fig. 5, element 590; ¶0096, “… the security component 550 verifies the hash value 571 while transferring data 570 from the main memory to the cache line 580 of the L1 instruction cache …”) configured to store execution context data of a software program executed by the processor (¶0088, “In FIG. 5, element 570 represents a cache line stored in a given memory address of the main memory 590, which contains a first part 572, which for example may store executable instructions, and a second part HASH 571 …”); 
- determine one or more signatures from said execution context data (¶0111, “crypto module 551 may use symmetric cryptography algorithms where one cryptographic algorithm uses a secret key to generate a first hash value of a first data and the crypto module has access to the secret key, for example stored in the memory KEYS 552, and the crypto module executes the same algorithm to calculate the hash value of the same data and compares the generated hash value with the first hash value to verify the authenticity of the first hash value”); 
- compare said one or more signatures with … signatures (Fig. 20 details the main memory component 590 of Fig. 5’s processor storing an application element 1940 having predefined hash values associated with instructions of the application; ¶0088, “… and a second part HASH 571 storing a hash value that may be computed using a cryptographic hash function based on the data 572 and a cryptographic key”; ¶0111, “crypto module 551 may use symmetric cryptography algorithms where one cryptographic algorithm uses a secret key to generate a first hash value of a first data and the crypto module has access to the secret key, for example stored in the memory KEYS 552, and the crypto module executes the same algorithm to calculate the hash value of the same data and compares the generated hash value with the first hash value to verify the authenticity of the first hash value”) to monitor the security of the “If the crypto module 551 verifies the hash value is correct, the security component allows the CORE 510 to execute the instructions 582 stored in the cache line 580”), …
	wherein the circuit is further configured to use a secret key, the secret key being configured to authenticate one or more signatures (¶0111, “crypto module 551 may use symmetric cryptography algorithms where one cryptographic algorithm uses a secret key to generate a first hash value of a first data and the crypto module has access to the secret key, for example stored in the memory KEYS 552, and the crypto module executes the same algorithm to calculate the hash value of the same data and compares the generated hash value with the first hash value to verify the authenticity of the first hash value”; ¶0265, “SECRET_KEY is the secret key used with a symmetric cryptographic algorithm”; i.e., the same secret key is utilized in generating a first hash value and a hash value to verify the authenticity of the first hash value).
Fernandez Gutierrez does not disclose:
… said … signatures defined through a learning phase of the processor, the learning phase being performed offline.
Whelihan teaches:
… said predefined signatures (¶0060, “The calculated hash value may be compared to an expected hash value, for example a trained hash value stored in the reporting hardware 150”; ¶0093, “For example, the identifier may be calculated based on one or more properties of data 510 read and/or written by the system 100”; i.e., calculate expected hash values of data written to the system. Here, the examiner interprets the expected hash values as the “signatures”) defined through a learning “FIG.6 is a flowchart describing an exemplary method for training a temper-resister system. The process beings at step 602, when the system is placed into training mode”; ¶0101, “At step 604, the system locks 104 calculate the currently observed identifier … A series of reads to different subsystems scattered throughout the boot code may be used as a training signal. The system locks 104 pass the calculated identifiers to the reporting hardware 150…”; ¶0102, “At step 608, the reporting hardware 150 saves the observed identifiers as expected identifiers”; i.e., the expected hash values are calculated during a training phase of the system. Here, the examiner interprets the training phase of the system as the “defined through a learning phase of the processor”), the learning phase being performed offline (¶0102, “These … expected identifiers may be saved in the system 100 or in non-volatile random access memory …”; i.e., the training phase disclosed by Fig. 6 to generate expected hash identifiers is performed locally by system 100 and the expected hash identifiers are stored locally. Here, the examiner interprets the training and storing of identifiers locally as being “offline”). 
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to modify Fernandez Gutierrez’s system of verifying executable instructions by enhancing Fernandez Gutierrez’s method of storing hash values corresponding to the executable instructions by incorporating a local training phase to generate the hash values and then locally store them, as taught by Whelihan, in order to allow the system to autonomously establish a chain-of-trust.
	The motivation is to utilize a local training phase to generate signature values of corresponding data written to a system in order for the system to perform self-validation 
Fernandez Gutierrez in view of Whelihan does not disclose:
	compare one or more signatures with dynamically defined signatures to monitor the security of the processor, said dynamically defined signatures defined through a learning phase of the processor…
Pearson teaches:
	compare one or more signatures with dynamically defined signatures to monitor the security of the processor (Fig. 4, steps 414, 416, and 418; ¶0048; ¶0049 disclose that upon a secure CPU receiving an active state instruction, generating dynamic signatures to compare with previously stored dynamic signatures), said dynamically defined signatures defined through a learning phase of the processor (Fig. 4, step 406 occurs responsive to receiving a low-power mode instruction; ¶0044, “The low-power mode instruction … is an instruction to transition the processor system … to the suspend-to-RAM power state … The secure CPU 204 … adds entries to identify the protected regions 218 in the STR data structure 216 …”; ¶0045, “The secure CPU 204 generates signatures (block 406) for authenticating the STR data structure 216. For example, the secure CPU 204 generates signatures for storing in the STR header signature field 302, the STR scatter/gather table signature 304, and the STR DRAM (dynamic random access memory) signature field 306 of FIG. 3”; i.e., create on-the-fly, 
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to modify Fernandez Gutierrez in view of Whelihan’s system of verifying executable instructions by enhancing Fernandez Gutierrez in further view of Whelihan’s’s method of validating signatures to incorporate signatures that utilize dynamic data, as taught by Pearson, in order to enable the system to verify a CPU’s state at runtime.
	The motivation is to ensure that a secure CPU can transition into different states (e.g., low-power and active) without exposure to security vulnerabilities by generating signatures based on dynamic data that the secure CPU utilized during an active state. This prevents malicious code from written to secure memory portions during a low-power state of the secure CPU by allowing the secure CPU to validate said signatures, thus preventing an attacker from compromising the system during transitions (Pearson, ¶0015).

Regarding Claim 2:
The circuit of claim 1, wherein Fernandez Gutierrez in view of Whelihan in further view of Pearson further teaches the signature comprises a hash value (¶0111, “crypto module 551 may use symmetric cryptography algorithms where one cryptographic algorithm uses a secret key to generate a first hash value of a first data and the crypto module has access to the secret key, for example stored in the memory KEYS 552, and the crypto module executes the same algorithm to calculate the hash value of the same data and compares the generated hash value with the first hash value to verify the authenticity of the first hash value”).

Regarding Claim 3:
The circuit of claim 1, wherein Fernandez Gutierrez in view of Whelihan in further view of Pearson further teaches the circuit is further configured to verify the integrity of execution context data and/or of one or more signatures thereof (¶0111, “crypto module 551 may use symmetric cryptography algorithms where one cryptographic algorithm uses a secret key to generate a first hash value of a first data and the crypto module has access to the secret key, for example stored in the memory KEYS 552, and the crypto module executes the same algorithm to calculate the hash value of the same data and compares the generated hash value with the first hash value to verify the authenticity of the first hash value”).

Regarding Claim 7:
The circuit of claim 4, wherein Fernandez Gutierrez in view of Whelihan in further view of Pearson further teaches the secret key is used in a HMAC mode (¶0182, “the security component may use the HMAC protocol (Hash-based Message Authentication Code). HMAC is a protocol designed to calculate the "message authentication code" (MAC) using a cryptographic hash function in combination with a secret key”).

Regarding Claim 9:
“… the memory KEYS 552 may be a ROM memory or FLASH memory located inside the security component 550”).

Regarding Claim 10:
The circuit of claim 1, wherein Fernandez Gutierrez in view of in further view of Pearson Whelihan further teaches a sub circuit (Fig. 5, element 551) configured to compare signatures of execution context data is a part of a DMA controller and/or of the bus interface of the processor (Fig. 5, element 551 is directly connected to memory interface 542, which the examiner considers as being a part of the “bus” interface of the processor in addition to being directly coupled to memory and thus is also a “DMA” controller).

Regarding Claim 11:
The circuit of claim 1, wherein Fernandez Gutierrez in view of in further view of Pearson Whelihan further teaches the software program is one or more of an executable instruction, a plurality of executable instructions (Fig. 6A), a thread of executable instructions, a plurality of threads, a task, or a software process.

Regarding Claim 12:
The circuit of claim 1, wherein Fernandez Gutierrez in view of in further view of Pearson Whelihan further teaches the circuit is configured to control the processor (¶0097, “In one implementation, the CORE 510 can not execute instructions in the cache line 580 until the security component checks that the hash value 581 is correct …”).
 
Regarding Claim 13:
The circuit of claim 1, wherein Fernandez Gutierrez in view of in further view of Pearson Whelihan further teaches the circuit is configured to restore execution context data in the processor (¶0096, “… the security component 550 verifies the hash value 571 while transferring data 570 from the main memory to the cache line 580 of the L1 instruction cache and only stores the data 570 in the cache line 580 if the hash value 571 is correct”).

Regarding Claim 14:
Fernandez Gutierrez teaches:
The circuit of claim 1, …
Fernandez Gutierrez does not disclose:
… wherein an alert is triggered upon detection of a mismatch in the comparisons between execution context data and/or signatures thereof.
Whelihan teaches:
… wherein an alert is triggered upon detection of a mismatch in the comparisons between execution context data and/or signatures thereof (Figure 4, steps 412; ¶0091, “If, on the other hand, at 408 the determination is "No," processing proceeds to step 410, where it is determined that the system configuration has been changed. Subsequently, at step 412, a notification may be generated indicating that the system configuration has been modified or tampered with. The notification may be sent, for example, from the reporting hardware 150 to a low-level security subsystem that is tasked with ensuring the integrity of the system”).
	Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to modify Fernandez Gutierrez’s system verify executable instructions by enhancing Fernandez Gutierrez’s security component to display an alert when a mismatch between signatures is detected, as taught by Whelihan, in order to visually indicate that an application’s instructions have been compromised.
	The motivation is to promptly give a user of a system notice that the system may be compromised by visually providing an alert indicating that a comparison between application signatures has failed in addition to providing specific countermeasures to address the mismatch (Whelihan, ¶0091).

Regarding Claim 15:
The circuit of claim 1, wherein Fernandez Gutierrez in view of Whelihan in further view of Pearson further teaches the circuit is part of the processor (Fig. 5, element 550 is a part of element 500).

Regarding Claim 16:
The circuit of claim 1, wherein Fernandez Gutierrez in view of Whelihan in further view of Pearson further teaches the compare said one or more signatures with said dynamically defined signatures is performed on-the-fly (Pearson, Fig. 4, step 406 occurs  “The low-power mode instruction … is an instruction to transition the processor system … to the suspend-to-RAM power state … The secure CPU 204 … adds entries to identify the protected regions 218 in the STR data structure 216 …”; ¶0045, “The secure CPU 204 generates signatures (block 406) for authenticating the STR data structure 216. For example, the secure CPU 204 generates signatures for storing in the STR header signature field 302, the STR scatter/gather table signature 304, and the STR DRAM (dynamic random access memory) signature field 306 of FIG. 3”; i.e., the comparison occurs “on-the-fly”, shown in Fig. 4, step 416, as no other processes are interrupted at this point of execution of the secure CPU).
The motivation to reject claim 16 under Pearson is the same motivation used in rejecting claim 1 with Pearson combined with Fernandez Gutierrez in view of Whelihan.

Claims 5, 6, and 8 is/are rejected under 35 U.S.C. 103 as being unpatentable over “Fernandez Gutierrez” (US 2012/0331307) in view of “Whelihan” (US 2011/0145919) in view of “Pearson” (US 2014/0082724) in further view of “Scherer” (US 2009/0285390).

Regarding Claim 5:
Fernandez Gutierrez in view of Whelihan in further view of Pearson teaches:
The circuit of claim 1, …
Fernandez Gutierrez in view of Whelihan in further view of Pearson does not disclose:
Scherer teaches:
… wherein the secret key is randomly initialized during the initialization of the processor (¶0032, “In 603, the integrated circuit 100 will detect that no previously stored encrypted versions of the generic code image exists in the memory … This operation may be performed by … the boot ROM 103”; ¶0033, “Assuming that no previously stored versions were located in 603, the boot ROM 103 may send a command to the cryptographic 113 requesting the cryptographic to generate a random key”).
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to modify Fernandez Gutierrez in view of Whelihan in further view of Pearson’s system verify executable instructions by enhancing Fernandez Gutierrez in view of Whelihan in further view of Pearson’s security component to generate a secret key during boot-up of a processor, as taught by Scherer, in order to ensure that the secret key does not become stale.
	The motivation is to generate random secret keys during a boot-up procedure of a processor of a system in order to protect the system from a comprised key obtained at a prior point in time. Requiring a key be randomly generated upon a boot-up procedure prevents such keys from becoming stale, and thus reduces the window of attack presented if such keys were to leak from the system.

Regarding Claim 6:
Fernandez Gutierrez in view of Whelihan in further view of Pearson teaches:

Fernandez Gutierrez in view of Whelihan in further view of Pearson does not disclose:
… wherein the secret key is generated using a Physically Unclonable Function and/or a challenge-response device.Scherer teaches:
… wherein the secret key is generated using a Physically Unclonable Function and/or a challenge-response device (¶0032, “… the integrated circuit may perform a challenge/response …”; Fig. 1, element 100 further contains element 113 which generates a secret key, and thus constitutes as a “challenge-response device” that generates the secret key).
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to modify Fernandez Gutierrez in view of Whelihan in further view of Pearson’s system verify executable instructions by enhancing Fernandez Gutierrez in view of Whelihan in further view of Pearson’s security component to generate a secret key using a challenge-response device, as taught by Scherer, in order to increase the trust of the secret key.
	The motivation is to generate a secret key by using a device that is trusted, such as a device that carries out a challenge-response protocol, in order to reduce the chance that a hijacker can spoof the key and present itself as trusted.

Regarding Claim 8:
Fernandez Gutierrez in view of Whelihan in further view of Pearson teaches:
The circuit of claim 1, …
Fernandez Gutierrez in view of Whelihan in further view of Pearson does not disclose:
… wherein the secret key is generated by a true random generator.Scherer teaches:
… wherein the secret key is generated by a true random generator ¶0033, “Assuming that no previously stored versions were located in 603, the boot ROM 103 may send a command to the cryptographic 113 requesting the cryptographic to generate a random key… the cryptographic logic 113 … may be a true random number generator …”)..
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to modify Fernandez Gutierrez in view of Whelihan in further view of Pearson’s system verify executable instructions by enhancing Fernandez Gutierrez in view of Whelihan in further view of Pearson’s security component to generate a secret key using a true random generator, as taught by Scherer, in order to reduce the likelihood the secret key can be recreated by a malicious party.
	The motivation is to generate a secret key by utilizing a random sequence of data that is not able to be manually recreated. This prevents a malicious party from re-creating the secret key using key-sniffing techniques or brute-force measures.

Contact Information
Any inquiry concerning this communication or earlier communications from the examiner should be directed to DANIEL B POTRATZ whose telephone number is (571)270-5329.  The examiner can normally be reached on M-F 10 A.M. - 6 P.M. CST.

If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Ashok Patel can be reached on 571-272-3972.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.




/DANIEL B POTRATZ/Primary Examiner, Art Unit 2491