Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 2/9/2021 was filed after the mailing date of the application on 11/8/2019.  The submission is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.
The information disclosure statement (IDS) submitted on 11/8/2019 was filed after the mailing date of the application on 11/8/2019.  The submission is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

Allowable Subject Matter
Claim 17 is objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.

Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of 
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

Claim(s) 1-15 and 18-20 are rejected under 35 U.S.C. 102(a)(2) as being anticipated by Hayden (US Patent 10,728,265).


As per claims 1, 11 and 19: A testing device comprising:
a first interface device configured to enable communication with a first component of a vehicle (Col 3, lines 12-23; The CWR includes a bus sensing circuit to sense traffic on a communications bus over time);
a second interface device configured to enable communication with a second component of the vehicle (Col 3, lines 12-23; an anomaly detecting circuit to detect anomalous behavior in the sensed bus traffic);
test module storage configured to store one or more test modules (Col 4, lines 4-7; a CWR is adapted to the MIL-STD-1553 (“1553”) communications bus architecture (for a serial data bus) commonly used on avionics platforms in the defense industry);
Col 7, lines 48-58; there may be more subsystems (and hence, remote terminals) than can be supported by one communications bus within the avionics platform, so multiple communications busses are needed to communicate and control the various systems. In the CWR system 300 of FIG. 3, one component (e.g., computer, control display unit, or the like) is shared between the two communications busses 310 and 360, and serves as the bus controller 370 for the second communications bus 360 and the remote terminal 332 for the first communications 310) and to cause the second interface device to communicate second test data to the second component of the vehicle to perform a vulnerability test associated with the selected test module (Col 3, lines 12-23; a data fusing circuit to fuse the detected anomalous behavior into groups having similar characteristics, a decision making circuit to decide if the fused anomalous behavior is normal or abnormal, and a behavior logging circuit to log the detected anomalous behavior on an electronic storage device).
As per claims 2 and 12: The testing device of claim 1, wherein the first interface device includes one or more of a radio frequency interface, a wired Ethernet-type interface, or an avionics bus interface (Col 4, lines 4-7; a CWR is adapted to the MIL-STD-1553 (“1553”) communications bus architecture (for a serial data bus) commonly used on avionics platforms in the defense industry).
As per claim 3: The testing device of claim 2, wherein the first interface device is configured to operate in accordance with one or more of an ARINC 429-type data transfer standard or a MIL-SPEC-1553 serial data bus standard (Col 4, lines 4-18; Aeronautical Radio, Incorporated (ARINC) standards (such as ARINC 429, directed to an avionics serial bus and corresponding protocol)).
As per claim 4: The testing device of claim 1, wherein the vulnerability test is a cybersecurity vulnerability test, the testing device further comprising a communication interface that is coupled to the test module storage and that is configured to enable loading of the one or more test modules from a cybersecurity software repository that is remote from the testing device (Col 3, lines 12-23; a behavior logging circuit to log the detected anomalous behavior on an electronic storage device).
As per claims 5 and 13: The testing device of claim 4, wherein the test modules are selected to be loaded from the cybersecurity software repository based on a testing priority, the testing priority based on a threat intelligence feed (Col 2, lines 61-66; Methods such as anti-virus software only protect systems against previously known threats, not against zero-day (e.g., first time) attacks).
As per claim 6: The testing device of claim 1, the test module storage further configured to store one or more additional test modules to enable functional testing of the first component of the vehicle (Col 6, lines 58-66; logging the detected anomalous behavior on a data storage device (such as a disk drive or a solid-state drive), and alerting an operator if the fused anomalous data appears to be abnormal (such as a possible cyberattack)).
As per claim 7 and 15: The testing device of claim 1, wherein the first interface device is configured to communicate the first test data to the first component in violation of a protocol associated with the first interface device (Col 13, lines 24-31; attacks can also violate the basic rules and conventions of the 1553 standard, or the application layer data they contain. Cyberattacks can also involve a compromised bus controller or remote terminal that deliberately sends incorrect data to another bus controller or remote terminal as part of the normal data exchange cycle. This can include, for example, measurement data, control commands, system status, or other types of information).
As per claim 8: The testing device of claim 1, wherein at least one of the first component and the second component includes a line-replaceable unit at a testbench (Col 3, lines 45-50; The CWR is a line-replaceable unit that provides “bolt-on” security to legacy systems not designed with cyber security requirements. In some embodiments, the CWR unit can be transparently added to a bus (such as an embedded bus) with minimal impact to the legacy system).
As per claim 9: The testing device of claim 1, further comprising: a testing partition that includes the first interface device, the second interface device, the user interface, and the test controller; and
an update partition that includes the test module storage (Col 17, lines 20-25; support incremental updates to training sets and learned behavior models).
As per claim 10: The testing device of claim 9, further comprising a hardware lock configured to selectively prevent an update of the one or more test modules (Col 17, lines 20-25; support incremental updates to training sets and learned behavior models).
As per claims 14 and 20: The method of claim 11, further comprising:	
selecting, at the testing device, one or more additional test modules that are executable by the testing device to perform functional testing of the one or more components of the vehicle (Col 7, lines 48-58; there may be more subsystems (and hence, remote terminals) than can be supported by one communications bus within the avionics platform, so multiple communications busses are needed to communicate and control the various systems. In the CWR system 300 of FIG. 3, one component (e.g., computer, control display unit, or the like) is shared between the two communications busses 310 and 360, and serves as the bus controller 370 for the second communications bus 360 and the remote terminal 332 for the first communications 310); and
executing, at the testing device, the one or more additional test modules to perform the functional testing, wherein the functional testing includes communicating functional test data, via one or more of the multiple interface devices, to the one or more components of the vehicle (Col 3, lines 12-23; a data fusing circuit to fuse the detected anomalous behavior into groups having similar characteristics, a decision making circuit to decide if the fused anomalous behavior is normal or abnormal, and a behavior logging circuit to log the detected anomalous behavior on an electronic storage device).
As per claim 18: The method of claim 11, wherein the vulnerability test is performed during product development of the one or more components, during certification testing Col 3, lines 12-23; a data fusing circuit to fuse the detected anomalous behavior into groups having similar characteristics, a decision making circuit to decide if the fused anomalous behavior is normal or abnormal, and a behavior logging circuit to log the detected anomalous behavior on an electronic storage device).

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claim 16 is rejected under 35 U.S.C. 103 as being unpatentable over Hayden (US Patent 10,728,265) in view of Chen (US Patent Pub. 20140280157).

As per claim 16: Hayden discloses the method of claim 11, further comprising: a second interface device configured to enable communication with a second component Col 3, lines 12-23; an anomaly detecting circuit to detect anomalous behavior in the sensed bus traffic).
However Hayden does not specifically disclose receiving an application programming interface (API) key associated with a subscription to a cybersecurity test suite module that includes the test module; accessing the cybersecurity test suite module via the API key to load the cybersecurity test suite module to the testing device; and comparing a result of the vulnerability test to a pass-fail condition (See Chen; Paragraph 33; As the device data management system receives a request to write data to a container, for example from devices to post data, or to read data from a container, for example from end users with subscriptions to access data via step 602, it checks for the presence of an API key on the request via step 604. If no such key is found, the system rejects the request via step 606).
Therefore, it would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains, having the teachings of Hayden in view of Chen in it’s entirety, to modify the technique of Hayden for a cyber warning receiver (CWR) by adopting Chen's teaching for end users with subscriptions to access data via step 602, it checks for the presence of an API key on the request. The motivation would have been to improve vulnerability testing.




Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ANTHONY D BROWN whose telephone number is (571)270-1472. The examiner can normally be reached 730-330pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey Pwu can be reached on 571-272-6798. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/ANTHONY D BROWN/Primary Examiner, Art Unit 2433