Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Response to Arguments
The rejections of the Final office action mailed 12/9/2021 have been overcome by the applicant’s arguments and the Examiner’s amendment (see below).

Examiner’s Amendment
An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee. 
Authorization for this examiner’s amendment was given in an interview with Jared L. Dujack (Reg. No. 72646), Attorney of Record, on 2/18/2022.

The application has been amended as follows:

1.	(Amended) A system for safety analysis of failure behavior comprising:  
a computing unit having two or more components, wherein each component of the two or more components has at least one inport for receiving failure data and one outport for transmitting failure data, 
wherein the system is configured for using a safety contract for analysis of the failure data of the two or more components of the computing unit, and wherein the system is configured for automatically generating the safety contract from a model-based 
wherein incoming failure data received at the inport are modelled by using an inport failure mode and outcoming failure data transmitted from the outport are modelled by using an outport failure mode, wherein the inport failure mode and the outport failure mode are defined by the model-based safety analysis model, 
wherein an internal failure behavior is defined for each component of the computing unit, and wherein the safety contract for the two or more components of the computing unit is an interface contract, and 
wherein the model-based safety analysis model is a component fault tree model,
wherein each inport failure mode and outport failure mode is described in an object constraint language, 
wherein each inport failure mode related to a respective inport is transformed into an assumption for the interface contract and each outport failure mode related to a respective outport is transformed into a guarantee of the interface contract, 
wherein transformation of each inport failure mode of the interface contract and outport failure mode of the interface contract includes negation of constraints specifying the respective inport failure mode and respective outport failure mode to automatically generate the interface contract. 

2-4. 	(Cancelled) 

5.	(Amended) The system as claimed in claim 1, wherein outport failure modes of the two or more components that are not related to [[an]] the outport are transformed to guarantees of a component contract and inport failure modes of the two or more components that are not related to [[an]] the inport are transformed to assumptions of the component contract.

6.	(Cancelled)  



8.	(Original) The system as claimed in claim 1, wherein an integrity level is defined for the inport failure modes and the outport failure modes.

9.	(Amended) A method for providing safety analysis of failure behavior for a computing unit comprising two or more components, wherein each component of the two or more components has at least one inport for receiving failure data and one outport for transmitting failure data, and wherein separate safety analysis model modules are related to the respective components, comprising:
(a)	utilizing, by the computing unit, a model-based safety analysis model for the separate safety analysis modules; 
(b)	generating, by the computing unit, a safety contract from the model-based safety analysis model by the separate safety analysis modules; and
(c)	utilizing, by the computing unit, the generated safety contract for the analysis of the failures data of the components, 
wherein failure data received at the inport are modelled by using an inport failure mode and failure data transmitted from the outport are modelled by using an outport failure mode, wherein the inport failure mode and the outport failure mode are defined by the model-based safety analysis model,  
wherein an internal failure behavior is defined for each component of the computing unit, and wherein the safety contract for the two or more components of the computing unit is an interface contract, and 
wherein the model-based safety analysis model is a component fault tree model,
wherein each inport failure mode and outport failure mode is described in an object constraint language, 
wherein each inport failure mode related to a respective inport is transformed into an assumption for the interface contract and each outport failure mode related to a respective outport is transformed into a guarantee of the interface contract,
constraints specifying the respective inport failure mode and respective outport failure mode to automatically generate the interface contract.  

10-12.	(Cancelled) 

13.	(Amended) The method as claimed in claim 9, wherein outport failure modes of the two or more components that are not related to [[an]] the outport are transformed to guarantees of a component contract and inport failure modes of the two or more components that are not related to [[an]] the inport are transformed to assumptions of the component contract.

14.	(Cancelled) 

15.	(Previously Presented) The method as claimed in claim 9, wherein safety requirements and safety-related application conditions, SRAC, are defined for each of the components of the computing unit. 

16.	(Original) The method as claimed in claim 9, wherein an integrity level is defined for the inport failure modes and the outport failure modes. 


Reasons for Allowance
The following is a statement of reasons for the indication of allowable subject matter:  
Hofig et al (US 2017/0185470 A1) teaches a method for generating automatically a component fault tree of a safety-critical system on the basis of continuous function charts of system components of the respective safety-critical system.
Kaiser et al (NPL: Contract-Based design of embedded systems integrating nominal behavior and safety, 2015) teaches an integrated development approach that encompasses the systematic breakdown of nominal system behavior using contracts, the consistent derivation of safety analysis by interpreting several types of contract violations as a specification for failure modes, and the subsequent integration of safety mechanisms that cover these failure modes through safety contracts. The approach equally fits hardware and software and is therefore applicable on the system level.
These references taken either alone or in combination with the prior art of record fail to disclose instructions, including:
Claims 1 and 9: “wherein transformation of each inport failure mode of the interface contract and outport failure mode of the interface contract includes negation of constraints specifying the respective inport failure mode and respective outport failure mode to automatically generate the interface contract”
in combination with the remaining elements and features of the claimed invention. The dependent claims are allowable for at least their dependence on independent claims. 
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee. Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.” 

Conclusion
Claims 1, 5, 7-9, 13 and 15-16 are allowed.

Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Rehana Perveen can be reached on 571-272-3676. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/CHUEN-MEEI GAN/Primary Examiner, Art Unit 2148