Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

DETAILED ACTION

1.        This action is in response to application amendments filed on 12-6-2021. 
2.        Claims 1 - 20 are pending.  Claims 1 - 19 have been amended.  Claims 1, 10, 14 are independent.  This application was filed on 6-9-2020.  

Response to Arguments

3.    Applicant’s arguments, see Arguments/Remarks Made in an Amendment, filed 12-6-2021, with respect to the rejection(s) under Golden have been fully considered and are persuasive.  Therefore, the rejection has been withdrawn.  However, upon further consideration, a new ground(s) of rejection is made in view of Golden in view of Rao.

A.  Applicant argues on page 9 of Remarks: Golden is silent regarding establishing a secure communication between two implanted medical devices and exchanging data between the two medical devices.

    The Examiner respectfully disagrees.  Rao discloses establishing a secure communication between two implantable devices.  (see Rao Figure 1; paragraph [0105], lines 1-27: communication path between implanted devices is intended to be a wireless communication path; connection path is routed through a server to enable the server to exclusively communicate with devices/networks outside the body wherein the implant 

B.  Applicant argues on pages 9-10 of Remarks: “   ...   Golden does not disclose at least “establishing a second secure communication pathway between the first implantable device and the second implantable device” and “exchanging data between the first implantable device and the second implantable device via the second secure communication pathway”   ...   . 

    The Examiner respectfully disagrees. Rao discloses establishing a secure communication session between two implantable devices. (see Rao Figure 1; paragraph [0105], lines 1-27: communication path between implanted devices is intended to be a wireless communication path; connection path is routed through a server to enable the server to exclusively communicate with devices/networks outside the body wherein the implant devices communicate with each other in conjunction with the server; paragraph [0033], lines 1-4: enable seamless and secure communication of information among one or more of the implantable devices within an implant device network)  
    Rao discloses exchanging messages between the two implantable devices. (see Rao paragraph [0105], lines 1-27: communication path between implanted devices is intended to be a wireless communication path; connection path is routed through a server to enable the server to exclusively communicate with devices/networks outside the body wherein the implant devices communicate with each other in conjunction with 

C.  Applicant argues on page 10 of Remarks: “   ...   claims 2-9 are allowable over the cited document of record for at least their dependency from an allowable base claim,   ...   “. 

    Responses to arguments against the independent claims also answer arguments against the associated dependent claims.    

D.  Applicant argues on page 11 of Remarks:    ...   Golden does not disclose at least “establishing a second secure communication channel between the first implantable device and the second implantable device” and “exchanging data between the first implantable device and the second implantable device via the second secure communication channel”   ...   . 

    The Examiner respectfully disagrees.  Rao discloses establishing a secure communication session between two implantable devices. (see Rao Figure 1; paragraph [0105], lines 1-27: communication path between implanted devices is intended to be a wireless communication path; connection path is routed through a server to enable the server to exclusively communicate with devices/networks outside the body wherein the implant devices communicate with each other in conjunction with the server; paragraph [0033], lines 1-4: enable seamless and secure communication of information among one or more of the implantable devices within an implant device 
    Rao discloses exchanging messages between the two implantable devices. (see Rao paragraph [0105], lines 1-27: communication path between implanted devices is intended to be a wireless communication path; connection path is routed through a server to enable the server to exclusively communicate with devices/networks outside the body wherein the implant devices communicate with each other in conjunction with the server; paragraph [0033], lines 1-4: enable seamless and secure communication of information (exchange information between implantable devices) among one or more of the implantable devices within an implant device network)

E.  Applicant argues on page 12 of Remarks: “   ...   claims 11-13 are allowable over the cited document of record for at least their dependency from an allowable base claim,   ...   “. 

    Responses to arguments against the independent claims also answer arguments against the associated dependent claims.   

F.  Applicant argues on page 13 of Remarks:    ...   Golden does not disclose at least “establishing a second secure communication link between the first implantable device and the second implantable device” and “exchanging data between the first implantable device and the second implantable device via the second secure communication link”   ...   . 

    The Examiner respectfully disagrees.  Rao discloses establishing a secure communication session between two implantable devices. (see Rao Figure 1; 
    Rao discloses exchanging messages between the two implantable devices. (see Rao paragraph [0105], lines 1-27: communication path between implanted devices is intended to be a wireless communication path; connection path is routed through a server to enable the server to exclusively communicate with devices/networks outside the body wherein the implant devices communicate with each other in conjunction with the server; paragraph [0033], lines 1-4: enable seamless and secure communication of information (exchange information between implantable devices) among one or more of the implantable devices within an implant device network)

G.  Applicant argues on page 13 of Remarks: “   ...   claims 15-20 are allowable over the cited document of record for at least their dependency from an allowable base claim,   ...   “. 

    Responses to arguments against the independent claims also answer arguments against the associated dependent claims.   

Claim Rejections - 35 USC § 103  

4.        The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

5.        Claims 1 - 20 are rejected under 35 U.S.C. 103 as being unpatentable over Golden et al. (US PGPUB No. 20100292556) in view of Rao et al. (US PGPUB No. 20160317822).     	

Regarding Claim 1, Golden discloses a system comprising: 
a)  a first implantable device configured to be implanted subcutaneously in a body; (see Golden paragraph [0058], lines 6-18: medical device denotes a device implanted in a patient to provide a medical function and exchange associated data; (i.e. medical devices such as infusion pump, pacemaker)) and 
c)  a control component coupled to the first implantable device, the control component including a processor having computer instructions that when executed cause the processor to perform (see Golden paragraph [0188], lines 1-10: implemented in one or more modules that include computer software stored on computer readable medium including instructions configured to be executed by one or more microprocessors to perform the described process steps or stages) 
operations comprising: 
ing a secure boot process of the first implantable device implanted subcutaneously in the body; (see Golden paragraph [0106], lines 8-10: user device configured to boot securely into the secure environment; reliable, separate, and secure operating environment for medical application; paragraph [0111], lines 1-7: device configured to support one or more secure environments and one or mode medical applications within each secure environment)    
e)  identifying an authorized device; (see Golden paragraph [0109], lines 1-5: secure environment configured to authorize and grant/deny access to secure environment operating on medical device; prohibits unauthorized devices and/or medical applications from communicating with medical device, para 82)    
f)   establishing a first secure communication pathway between the first implantable device and the authorized device; (see Golden paragraph [0082], lines 1-7: with appropriate authorization levels could be granted access to managing/monitoring functions associated with medical device through service platform, para. 109)    
g)  identifying an unauthorized device; (see Golden paragraph [0109], lines 1-5: secure environment configured to authorize and grant/deny access to secure environment operating on medical device; prohibits unauthorized devices and/or medical applications from communicating with medical device) and 
h)  blocking communications between the first implantable device and the unauthorized device. (see Golden paragraph [0109], lines 1-5: secure environment configured to authorize and grant/deny access to secure environment operating on medical device and prohibit or deny access (i.e. block 

Golden does not specifically disclose for b) a second implantable device configured to be implanted in a body, and for i) establishing a second secure communication pathway between a first implantable device and a second implantable device, and for j) exchanging data between a first implantable device and a second implantable device via a second secure communication pathway. 
However, Rao discloses: 
b)  a second implantable device configured to be implanted subcutaneously in the body;  (see Rao paragraph [0105], lines 1-27: implant device network labeled with the legend 230-IDN, comprising a plurality of implanted medical devices ID1, ID2, ID3, ID4, ID5, ID6, ID7 and ID8 that are configured to communicate via wired and wireless communication; normally the preferred communication path between one or more of the implanted devices is intended to be a wireless communication path; connection path is routed through a server to enable the server to exclusively communicate with devices/networks outside the body wherein the implant devices communicate with each other in conjunction with the server; (ID2, second implantable device)) and
i)   establishing a second secure communication pathway between the first implantable device and the second implantable device; (see Rao Figure 1; paragraph [0105], lines 1-27: communication path between implanted devices is intended to be a wireless communication path; connection path is routed through a server to enable the server to exclusively communicate with devices/networks and 
j)   exchanging data between the first implantable device and the second implantable device via the second secure communication pathway. (see Rao paragraph [0105], lines 1-27: communication path between implanted devices is intended to be a wireless communication path; connection path is routed through a server to enable the server to exclusively communicate with devices/networks outside the body wherein the implant devices communicate with each other in conjunction with the server; paragraph [0033], lines 1-4: enable seamless and secure communication of information (exchange information between implantable devices) among one or more of the implantable devices within an implant device network) 
        It would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify Golden for a) a second implantable device configured to be implanted in a body, and for i) establishing a second secure communication pathway between a first implantable device and a second implantable device, and for j) exchanging data between a first implantable device and a second implantable device via a second secure communication pathway as taught by Rao.  One of ordinary skill in the art would have been motivated to employ the teachings of Rao for the benefits achieved from a system 

Regarding Claim 2, Golden-Rao discloses the system of claim 1, further comprising: a firewall component; an operation and maintenance component; a deactivation component; and a key database component. (see Golden paragraph [0075], lines 1-7: medical device and service platform utilizes security technologies such as encryption/decryption, cryptography, IPSec, SSL, firewalls and data management zones; token based security, public/private keys (i.e. key database); paragraph [0107], lines 1-6: limiting access to functions of secure environment based on public/private keys)    

Regarding Claim 3, Golden-Rao discloses the system of claim 1, wherein the secure boot process of the first implantable device includes: 
a)  receiving a key; b) determining the key is an authorized key; (see Golden paragraph [0075], lines 1-7: medical device and service platform utilizes security technologies such as encryption/decryption, cryptography, IPSec, SSL, firewalls and data management zones; token based security, public/private keys (i.e. utilize key as authorization mechanism); paragraph [0107], lines 1-6: limiting access to functions of secure environment based on public/private keys) and
c)  in response to determining the key is an authorized key, booting the first implantable device. (see Golden paragraph [0119], lines 1-5: boot configuration of device is configured so that an OS  or kernel associated with secure environment always boots first before any OS or application associated with non-secure environment; paragraph [0106], lines 8-10: user device configured to boot securely into the secure environment; reliable, separate, and secure operating environment for medical application; paragraph [0111], lines 1-7: device configured to support one or more secure environments and one or mode medical applications within each secure environment)

Regarding Claim 4, Golden-Rao discloses the system of claim 1, further comprising a gateway coupled to the first secure communication pathway. (see Golden paragraph [0035], lines 1-9: computing device operates as a gateway via which medical device receives and/or sends information; gateway functionality completed in a secure, controlled fashion)    

Regarding Claim 5, Golden-Rao discloses the system of claim 1, wherein the first secure communication pathway operates according to a secure communication protocol, the secure communication protocol including a handshaking protocol that utilizes a key. (see Golden paragraph [0075], lines 1-7: medical device and service platform utilizes security technologies such as encryption/decryption, cryptography, IPSec, SSL, firewalls and data management zones; token based security, public/private keys; (SSL communication utilizing a handshake type security protocol))    

Regarding Claim 6, Golden-Rao discloses the system of claim 1, wherein the first secure communication pathway includes a secure communication channel between the first implantable device and the authorized device. (see Golden paragraph [0082], lines 1-7: with appropriate authorization levels could be granted access to managing/monitoring functions associated with medical device through service platform; paragraph [0075], lines 1-7: medical device and service platform utilizes security technologies such as encryption/decryption, cryptography, IPSec, SSL, firewalls and data management zones; token based security, public/private keys; (SSL communication utilizing a handshake type security protocol))    

Regarding Claim 7, Golden-Rao discloses the system of claim 1, wherein the first secure communication pathway includes a first secure communication channel between a gateway and the first implantable device and a second secure communication channel between the gateway and the authorized device. (see Golden paragraph [0035], lines 1-9: computing device operates as a gateway via which medical device receives and/or sends information; gateway functionality completed in a secure, controlled fashion; paragraph [0082], lines 1-7: with appropriate authorization levels could be granted access to managing/monitoring functions associated with medical device through service platform)  

Regarding Claim 8, Golden-Rao discloses the system of claim 1, wherein the first implantable device is at least one of a pacemaker, a cardioverter defibrillator, an artificial pancreas, a glucose monitor, an insulin pump, an artificial kidney, a cochlear implant, an artificial joint, an artificial knee, an artificial elbow, a retina implant, or an iris implant. (see Golden paragraph [0107], lines 1-6: limiting access to functions of secure pacemaker))   

Regarding Claim 9, Golden-Rao discloses the system of claim 8, wherein the first secure communication pathway is a wireless communication channel compliant with at least one of a 802.11 family of protocols, Bluetooth, Zigbee, LTE, Wi-MAX, Wi-Fi, near field communication, or frequency hopping. (see Golden paragraph [0069], lines 19-22: provide communication connection to one or more medical devices; interface comprising a wired or wireless connection such as a 802.11 interface, Bluetooth interface, or ZigBee interface; (selected: 802.11 family of protocols, Bluetooth, Zigbee))    

Regarding Claim 10, Golden discloses a method comprising: providing power to a first implantable device and a second implantable device, the first implantable device and the second implantable device implanted subcutaneously in a body; (see Golden paragraph [0058], lines 6-18: medical device denotes a device implanted in a patient to provide a medical function and exchange associated data (medical devices such as infusion pump, pacemaker); paragraph [0100], lines 4-12: architecture configured with battery, power management components); obtaining an authorization key unique to the first implantable device; and confirming the authorization key unique to the first implantable device; (see Golden paragraph [0075], lines 1-7: medical device and first secure communication channel between the implantable device and a second device; (see Golden paragraph [0082], lines 1-7: with appropriate authorization levels could be granted access to managing/monitoring functions associated with medical device through service platform; paragraph [0109], lines 1-5: secure environment configured to authorize and grant/deny access to secure environment operating on medical device; prohibits unauthorized devices and/or medical applications from communicating with medical device)    

    Furthermore, Golden does not specifically disclose a second implantable device implanted subcutaneously in a body, and establishing a second secure communication pathway between a first implantable device and a second implantable device, and exchanging data between a first implantable device and a second implantable device via a second secure communication pathway. 
    However, Rao discloses wherein a second implantable device implanted subcutaneously in a body.  (see Rao paragraph [0105], lines 1-27: implant device network labeled with the legend 230-IDN, comprising a plurality of implanted medical devices ID1, ID2, ID3, ID4, ID5, ID6, ID7 and ID8 that are configured to communicate via wired and wireless communication; normally the preferred communication path between one or more of the implanted devices is intended to be a wireless communication path; connection path is routed through a server to enable the server to 
    And, Rao discloses wherein establishing a second secure communication pathway between the first implantable device and the second implantable device; (see Rao Figure 1; paragraph [0105], lines 1-27: communication path between implanted devices is intended to be a wireless communication path; connection path is routed through a server to enable the server to exclusively communicate with devices/networks outside the body wherein the implant devices communicate with each other in conjunction with the server; paragraph [0033], lines 1-4: enable seamless and secure communication of information among one or more of the implantable devices within an implant device network) and 
    And, Rao discloses wherein exchanging data between the first implantable device and the second implantable device via the second secure communication pathway. (see Rao paragraph [0105], lines 1-27: communication path between implanted devices is intended to be a wireless communication path; connection path is routed through a server to enable the server to exclusively communicate with devices/networks outside the body wherein the implant devices communicate with each other in conjunction with the server; paragraph [0033], lines 1-4: enable seamless and secure communication of information (exchange information between implantable devices) among one or more of the implantable devices within an implant device network) 
        It would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify Golden for a second implantable device 

Regarding Claim 11, Golden-Rao discloses the method of claim 10, further comprising communicating between the first implantable device and the second device over the first secure communication channel. (see Golden paragraph [0082], lines 1-7: with appropriate authorization levels could be granted access to managing/monitoring functions associated with medical device through service platform; paragraph [0075], lines 1-7: medical device and service platform utilizes security technologies such as encryption/decryption, cryptography, IPSec, SSL, firewalls and data management zones; token based security, public/private keys; (SSL communication utilizing a handshake security type protocol))      

Regarding Claim 12, Golden-Rao discloses the method of claim 10, further comprising: detecting an abnormal condition of the first implantable device; (see Golden paragraph [0109], lines 1-5: secure environment configured to authorize and grant/deny access to secure environment operating on medical device; prohibits unauthorized devices and/or medical applications from communicating with medical device; (abnormal condition: first implantable device. (see Golden paragraph [0106], lines 8-10: user device configured to boot securely into the secure environment; reliable, separate, and secure operating environment for medical application)     

Regarding Claim 13, Golden-Rao discloses the method of claim 10, wherein the second device is at least one of a gateway device or an external device. (see Golden paragraph [0035], lines 1-9: computing device operates as a gateway via which medical device receives and/or sends information; gateway functionality completed in a secure, controlled fashion; (selected: gateway device))

Regarding Claim 14, Golden discloses a method for operating an implantable device, the method comprising:
a)  securely booting a first implantable device; (see Golden paragraph [0106], lines 8-10: user device configured to boot securely into the secure environment; reliable, separate, and secure operating environment for medical application; paragraph [0111], lines 1-7: device configured to support one or more secure environments and one or mode medical applications within each secure environment)     
b)  identifying an authorized device; (see Golden paragraph [0109], lines 1-5: secure environment configured to authorize and grant/deny access to secure environment operating on medical device; prohibits unauthorized devices and/or medical applications from communicating with medical device)     
prohibits unauthorized devices and/or medical applications from communicating with medical device) and
d)  communicating securely between the authorized device and the first implantable device via a first secure communication link, wherein an unauthorized device is prevented from accessing the first secure communication link. (see Golden paragraph [0082], lines 1-7: with appropriate authorization levels could be granted access to managing/monitoring functions associated with medical device through service platform; paragraph [0109], lines 1-5: secure environment configured to authorize and grant/deny access to secure environment operating on medical device; prohibits unauthorized devices and/or medical applications from communicating with medical device)      

Golden does not specifically discloses for e) establishing a second secure communication pathway between a first implantable device and a second implantable device, and for f) exchanging data between a first implantable device and a second implantable device via a second secure communication pathway. 
However, Rao discloses: 
e)  establishing a second secure communication pathway between the first implantable device and the second implantable device; (see Rao Figure 1; paragraph [0105], lines 1-27: communication path between implanted devices is intended to be a wireless communication path; connection path is routed through a server to enable the server to exclusively communicate with devices/networks and 
f)   exchanging data between the first implantable device and the second implantable device via the second secure communication pathway. (see Rao paragraph [0105], lines 1-27: communication path between implanted devices is intended to be a wireless communication path; connection path is routed through a server to enable the server to exclusively communicate with devices/networks outside the body wherein the implant devices communicate with each other in conjunction with the server; paragraph [0033], lines 1-4: enable seamless and secure communication of information (exchange information between implantable devices) among one or more of the implantable devices within an implant device network) 
        It would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify Golden for e) establishing a second secure communication pathway between a first implantable device and a second implantable device, and for f) exchanging data between a first implantable device and a second implantable device via a second secure communication pathway as taught by Rao.  One of ordinary skill in the art would have been motivated to employ the teachings of Rao for the benefits achieved from a system that enables the networking of implantable devices and associated medical device.   (see Rao paragraph [0024], lines 1-5)

Regarding Claim 15, Golden-Rao discloses the method of claim 14, wherein securely booting the first implantable device includes a secure boot process, and wherein the secure boot process includes utilizing a key. (see Golden paragraph [0106], lines 8-10: user device configured to boot securely into the secure environment; reliable, separate, and secure operating environment for medical application; paragraph [0075], lines 1-7: medical device and service platform utilizes security technologies such as encryption/decryption, cryptography, IPSec, SSL, firewalls and data management zones; token based security, public/private keys; paragraph [0107], lines 1-6: limiting access to functions of secure environment based on public/private keys)    

Regarding Claim 16, Golden-Rao discloses the method of claim 14, wherein communicating securely with the first implantable device includes operating according to a secure communication protocol, the secure communication protocol including a handshake protocol that utilizes a key. (see Golden paragraph [0106], lines 8-10: user device configured to boot securely into the secure environment; reliable, separate, and secure operating environment for medical application; paragraph [0111], lines 1-7: device configured to support one or more secure environments and one or mode medical applications within each secure environment; paragraph [0075], lines 1-7: medical device and service platform utilizes security technologies such as encryption/decryption, cryptography, IPSec, SSL, firewalls and data management zones; token based security, public/private keys; (SSL communication utilizing a public/private keys)   

Regarding Claim 17, Golden-Rao discloses the method of claim 14, wherein the authorized device is a gateway device. (see Golden paragraph [0035], lines 1-9: computing device operates as a gateway via which medical device receives and/or sends information; gateway functionality completed in a secure, controlled fashion) 

Regarding Claim 18, Golden-Rao discloses the method of claim 14, wherein the first secure communication link includes a first secure communication channel between a gateway and the first implantable device and a second secure communication channel between the gateway and the authorized device. (see Golden paragraph [0035], lines 1-9: computing device operates as a gateway via which medical device receives and/or sends information; gateway functionality completed in a secure, controlled fashion)    

Regarding Claim 19, Golden-Rao discloses the method of claim 14, wherein the first secure communication link is a wireless communication channel compliant with at least one of 802.11 family of protocols, Bluetooth, Zigbee, LTE, Wi-Fi, near field communication, and frequency hopping. (see Golden paragraph [0069], lines 19-22: provide communication connection to one or more medical devices; interface comprising a wired or wireless connection such as a 802.11 interface, Bluetooth interface, or ZigBee interface; (selected: 802.11 family of protocols, Bluetooth, Zigbee))     

Regarding Claim 20, Golden-Rao discloses the method of claim 14, further comprising initiating a firewall. (see Golden paragraph [0075], lines 1-7: medical device and service platform utilizes security technologies such as encryption/decryption, cryptography, IPSec, SSL, firewalls and data management zones; token based security, public/private keys; paragraph [0107], lines 1-6: limiting access to functions of secure environment based on public/private keys; (utilizing security technology associated with a firewall))    

Conclusion

Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to CARLTON JOHNSON whose telephone number is (571)270-1032.  The examiner can normally be reached on Work: 12-9PM (most days).

If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Shewaye Gelagay can be reached on 571-272-4219.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/CJ/
February 28, 2022

                                                                                                                                                                                              

/SHEWAYE GELAGAY/Supervisory Patent Examiner, Art Unit 2436