DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

This office action is a response to an application filed 08/11/2020 wherein claims 1-3, 11-20 and 27-46 are pending and ready for examination.  Claims 4-10 and 21-26 have been cancelled.
                                      Information Disclosure Statement 
The information disclosure statements (IDS) submitted on 5/7/2014, 5/29/2014, 10/24/2104 are in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

Claim Objections
Claim 11 objected to because of the following informalities:  Claim 11 depends from cancelled claim 10.  Appropriate correction is required.

CLAIM INTERPRETATION
The following is a quotation of 35 U.S.C. 112(f):
(f) Element in Claim for a Combination. – An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof. 

The following is a quotation of pre-AIA  35 U.S.C. 112, sixth paragraph:
An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.

The claims in this application are given their broadest reasonable interpretation using the plain meaning of the claim language in light of the specification as it would be understood by one of ordinary skill in the art.  The broadest reasonable interpretation of a claim element (also commonly referred to as a claim limitation) is limited by the description in the specification when 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is invoked. 

As explained in MPEP § 2181, subsection I, claim limitations that meet the following three-prong test will be interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph:
(A)	the claim limitation uses the term “means” or “step” or a term used as a substitute for “means” that is a generic placeholder (also called a nonce term or a non-structural term having no specific structural meaning) for performing the claimed function; 
(B)	the term “means” or “step” or the generic placeholder is modified by functional language, typically, but not always linked by the transition word “for” (e.g., “means for”) or another linking word or phrase, such as “configured to” or “so that”; and 
(C)	the term “means” or “step” or the generic placeholder is not modified by sufficient structure, material, or acts for performing the claimed function. 
Use of the word “means” (or “step”) in a claim with functional language creates a rebuttable presumption that the claim limitation is to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites sufficient structure, material, or acts to entirely perform the recited function. 
Absence of the word “means” (or “step”) in a claim creates a rebuttable presumption that the claim limitation is not to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 
Claim limitations in this application that use the word “means” (or “step”) are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action. Conversely, claim limitations in this application that do not use the word “means” (or “step”) are not being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action.

This application includes one or more claim limitations that do not use the word “means,” but are nonetheless being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, because the claim limitations uses a generic placeholder that is coupled with functional language without reciting sufficient structure to perform the recited function and the generic placeholder is not preceded by a structural modifier.  Such claim limitations are: a first coupler configured to couple a second coupler configured to couple a forensic module configured to provide, a security engine configured to isolate, and a forensic module configured to provide access in claim 1, a communication manager configured to selectively couple in claim 2, a power manager configured to selectively couple in claim 3, a forensic module is configured to provide access in claims 11 and 13, the forensic module is further configured to interrogate in claim 12, a forensics module configured to provide in claim 13, the forensic module configured to push in claim 14, processing resources configured to implement in claim 15, functionality configured to replace in claim 15, and a failover component configure to implement in claim 16.


If applicant does not intend to have this/these limitation(s) interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, applicant may:  (1) amend the claim limitation(s) to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph (e.g., by reciting sufficient structure to perform the claimed function); or (2) present a sufficient showing that the claim limitation(s) recite(s) sufficient structure to perform the claimed function so as to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 1-3, 11-20, and 27-35 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA  the applicant regards as the invention.

Claim 1 cites a first coupler configured to couple, a second coupler configured to couple, a security engine configured to isolate, and a forensic module configured to provide access which invokes 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. However, the written description fails to disclose the corresponding structure, material, or acts for performing the 

         Claim 2 cites a communication manager configured to selectively couple which invokes 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. However, the written description fails to disclose the corresponding structure, material, or acts for performing the entire claimed “configured to couple” function and to clearly link the structure, material, or acts to the function. The disclosure fails to describe any structure for performing the said “configured to couple” function nor does the disclosure does not provide sufficient details regarding the structure for performing the function.  Therefore, claim 2 is indefinite and is rejected under 35 U.S.C. 112(b) or pre-AIA  35 U.S.C. 112, second paragraph.
          Claim 3 cites a power manager configured to selectively couple which invokes 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. However, the written description fails to disclose the corresponding structure, material, or acts for performing the entire claimed function and to clearly link the structure, material, or acts to the function. The disclosure fails to describe any structure for performing the said coupling function nor does the disclosure does not provide sufficient details regarding the structure for performing the “coupling” whereby the term “coupling” is not present in the disclosure. Therefore, claim 3 is indefinite and is rejected under 35 U.S.C. 112(b) or pre-AIA  35 U.S.C. 112, second paragraph.

configured to provide access which invokes 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. However, the written description fails to disclose the corresponding structure, material, or acts for performing the entire claimed function and to clearly link the structure, material, or acts to the function. The disclosure fails to describe any structure for performing the said coupling function nor does the disclosure does not provide sufficient details regarding the structure for performing the “configured to provide access”. Therefore, claim 11 is indefinite and is rejected under 35 U.S.C. 112(b) or pre-AIA  35 U.S.C. 112, second paragraph.

           Claim 12 cites a forensic module is configured to interrogate access which invokes 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. However, the written description fails to disclose the corresponding structure, material, or acts for performing the entire claimed function and to clearly link the structure, material, or acts to the function. The disclosure fails to describe any structure for performing the said coupling function nor does the disclosure does not provide sufficient details regarding the structure for performing the “configured to interrogate”. Therefore, claim 12 is indefinite and is rejected under 35 U.S.C. 112(b) or pre-AIA  35 U.S.C. 112, second paragraph.

           Claim 13 cites a forensic module is configured to provide access which invokes 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. However, the written description fails to disclose the corresponding structure, material, or acts for performing the entire claimed function and to clearly link the structure, material, or acts to the function. The disclosure fails to describe any structure for performing the said coupling function nor does the disclosure does not provide sufficient details regarding the structure for performing the “configured to provide”. Therefore, claim 13 is indefinite and is rejected under 35 U.S.C. 112(b) or pre-AIA  35 U.S.C. 112, second paragraph.
configured to push access which invokes 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. However, the written description fails to disclose the corresponding structure, material, or acts for performing the entire claimed function and to clearly link the structure, material, or acts to the function. The disclosure fails to describe any structure for performing the said coupling function nor does the disclosure does not provide sufficient details regarding the structure for performing the “configured to push”. Therefore, claim 14 is indefinite and is rejected under 35 U.S.C. 112(b) or pre-AIA  35 U.S.C. 112, second paragraph.

Claim 15 cites the “failover functionality configured to replace which invokes 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. However, the written description fails to disclose the corresponding structure, material, or acts for performing the entire claimed function and to clearly link the structure, material, or acts to the function. The disclosure fails to describe any structure for performing the said coupling function nor does the disclosure does not provide sufficient details regarding the structure for performing the “configured to replace”. Therefore, claim 15 is indefinite and is rejected under 35 U.S.C. 112(b) or pre-AIA  35 U.S.C. 112, second paragraph.

Claim 16 cites the configuring the failover component to implement which invokes 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. However, the written description fails to disclose the corresponding structure, material, or acts for performing the entire claimed function and to clearly link the structure, material, or acts to the function. The disclosure fails to describe any structure for performing the said coupling function nor does the disclosure does not provide sufficient details regarding the structure for performing the “component to implement”. Therefore, claim 16 is indefinite and is rejected under 35 U.S.C. 112(b) or pre-AIA  35 U.S.C. 112, second paragraph.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


Claims 1-3, 11-14, 17-20, 27-33, and 35-46 are rejected under 35 U.S.C. 103 as being unpatentable over Mulder; John et al, US 9032522 B1 May 12, 2015 hereafter referred to as Mulder in view of Ricci; Christopher P., US 20130145482 A1, June 6, 2013 hereafter referred to as Ricci.

           As to claim 1, Mulder teaches a security device – Mulder [column 3, lines 66-68] … Devices 140A-140N can be any device associated with an operation controlled/monitored by controller 110.  Here, the claimed ‘security device’ is taught by Mulder as ‘controller 110’ protecting against malicious activity as illustrated in Figure 1), comprising:
          a component manager configured to be deployed at a coupling between an integration device of a control system and a component of the control system - Mulder [column 4, lines 7-13] Located in conjunction with controller 110 and backplane 130 is capture component 120. Capture component 120 can be utilized to capture data, information, a command, a command instruction, traffic, a control signal, … being conveyed across backplane 130 (e.g., between controller 110 and any of devices 140A-140N)  Here, the claimed ‘component manager’ is taught by Mulder as ‘capture component 120’ whereas the claimed ‘coupling’ is taught by Mulder as ‘in conjunction’ illustrated as a nodal interface to the backplane.  The claimed ‘integration device’ is taught by Mulder as ‘backplane 130’ because the backplane comprising:
                a first coupler configured to couple with an integration device of the control system - Mulder [column 5, lines 13-20] … while FIG. 1 illustrates capture component 120 being located between controller 110 and backplane 130, in a configuration, backplane 130 can be a shared backplane whereby a capture component (e.g., capture component 120A) can be connected to backplane 130 and capture control data (e.g., command instruction 196) being transmitted between a controller (e.g., controller 110A) connected directly to the backplane 130.  Here, the claimed ‘first coupler’ is taught by Mulder as ‘capture component 120’ since it is the first coupling designated in system 100), and
                 a second coupler configured to couple with the component whereby - Mulder [column 5, lines 24-29] command instruction 196 or return data 196A from the device to controller 110A can be captured by capture component 120A. Command instruction 196 and/or return data 196A can be replicated at capture component 120A and forwarded as data 196B to analysis system 150. Here, the claimed ‘second coupler’ is taught by Mulder as ‘capture component 120A’ since it is an additional coupling designated in system 100);
                 a forensic module configured to provide access to diagnostic data pertaining to the component while the component is isolated from the control system – Mulder [column 10, lines 33-32] …capture component 120 (or capture component 120A) and/or analyzer system 150 can operate in a forensic manner.   MULDER DOES NOT TEACH a security engine configured to isolate the component from the control system in response to detection of an anomaly pertaining to the component, HOWEVER IN AN ART DIRECTED TO THE PARTICULAR PROBLEM TO BE SOLVED RICCI TEACHES
           a security engine configured to isolate the component from the control system in response to detection of an anomaly pertaining to the component – Ricci [0025] a network security module to isolate a component encountering a security breach and/or isolate a primary processing module from one or more other components in a local vehicle network; and 
            wherein isolating the component comprises interrupting the coupling between the integration device and the component – Ricci [0149] A heath check module 2008 performs checks or tests, in response to internally generated interrupts or requests from the other processing module, its ability to perform both critical and non-critical tasks).  Thus, it would have been recognized by one of ordinary skill in the art before the effective filing date of the claimed invention that applying the known technique isolation and inspect taught by Ricci to controller 110 of Mulder would have yielded predicable results and resulted in an improved controller, namely, a controller that already can remove memory but now can isolate and diagnose a component provided by the “technique” of Ricci). 

           As to claim 2, the combination of Mulder and Ricci teaches the security device of claim 1, further comprising:
           a communication manager configured to selectively couple the component to communication services provided through the coupling between the integration device and the component - Mulder [column 4, lines 7-13] Located in conjunction with controller 110 and backplane 130 is capture component 120. Capture component 120 can be utilized to capture data, information, a command, a command instruction, traffic, a control signal, … being conveyed across backplane 130 (e.g., between controller 110 and any of devices 140A-140N).  Here, the claimed ‘component manager’ is taught by Mulder as ‘capture component 120’);
           wherein isolating the component from the control system comprises decoupling the component from the communication services - Mulder [column 11, lines 39-43] Further, a removable memory 450 can be incorporated into capture component 120 to facilitate storage of any of baseline data 440A-440N and captured data 445A-445N, whereby memory 450 can be subsequently removed, e.g., as part of a diagnostic operation).

              As to claim 3, the combination of Mulder and Ricci teaches the security device of claim 2, further comprising:
            a power manager configured to selectively couple the component to power supplied through the coupling between the integration device and the component - Mulder [column 15, lines 13-16] any suitable system for providing power to the various components comprising configuration 800, for example a power supply 895 can be incorporated into the PLC chassis 810);
wherein isolating the component from the control system further comprises decoupling the component from power - Mulder [column 11, lines 39-44] Further, a removable memory 450 can be incorporated into capture component 120 to facilitate storage of any of baseline data 440A-440N and captured data 445A-445N, whereby memory 450 can be subsequently removed, e.g., as part of a diagnostic operation).

Claims 4-10 (cancelled)

          As to claim 11, the combination of Mulder and Ricci teaches the security device of claim 10, wherein:
      isolating the component from the control system comprises the component manager  
           maintaining connections by which power is supplied to the component through the integration device while blocking one or more communication interfaces of the component - Ricci [0252] In decision diamond 2408, the network controller 1528 determines whether or not the computational devices impacted or potentially impacted by the security breach can be isolated from other vehicular network components or whether the active processing module can be isolated from other non-critical computational components … For components in the vehicular wireless network, communications to and from the affected components, which normally do not pass through the gateway/firewall, can be redirected through and filtered by the gateway/firewall or, depending on the criticality of the affected component(s), such communications can be blocked.  Here, the claimed ‘component manager’ is taught by Ricci as ‘network controller 1528‘which is part of the Gateway firewall 1512 depicted in Figure 15 and preamble at the cited location above.  The claimed ‘power is supplied’ is taught by Ricci as ‘redirected’ because although the component is isolated the redirection requires power to communicate the component processes which are blocked upon gateway/firewall); and
          the forensic module is configured to provide access to the diagnostic data pertaining to the component – Mulder [column 10, lines 32-34] …capture component 120 (or capture component 120A) and/or analyzer system 150 can operate in a forensic manner)  while the component is isolated from the control system – Mulder [column 11, lines 33-34] Capture component 120 can further include a processor 390 which can be configured to execute instructions stored in datastore 440 (or other memory component.… Further, a removable memory 450 can be incorporated into capture component 120 to facilitate storage of any of baseline data 440A-440N and captured data 445A-445N, whereby memory 450 can be subsequently removed, e.g., as part of a diagnostic operation). To provide isolation and analysis of a device while powered on to the Controller 110 of  Mulder would have been obvious to one of ordinary skill in the art, in view of the teachings of Ricci, since all the claimed elements were known in the prior art and one skilled in the art could have combined the elements as claimed by known methods of providing residual power supply for analysis of isolated objects with no change in their respective functions, and the combination would have yielded nothing more than predictable results to one of ordinary skill in the art before the effective filing date of the claimed invention, i.e., one skilled in the art would have recognized that the failsafe feature used in Ricci would allow the the controller of Mulder to block the device from mainstream processing while enabling analysis of the device using residual power provided by Ricci).

               As to claim 12, the combination of Mulder and Ricci teaches the security device of claim 11, wherein the forensic module is further configured to interrogate the component through the second coupler of the component manager - Mulder [column 5, lines 24-29] command instruction 196 or return data 196A from the device to controller 110A can be captured by capture component 120A. Command instruction 196 and/or return data 196A can be replicated at capture component 120A and forwarded as data 196B to analysis system 150. Here, the claimed ‘second coupler’ is taught by Mulder as ‘capture component 120A’ since it is an additional coupling designated in system 100).

               As to claim 13 the combination of Mulder and Ricci teaches the security device of claim 11, wherein the forensic module is further configured to provide access to diagnostic data pertaining to the component through a forensics application programming interface (API) - Mulder [column 8, lines 25-30] … analysis can include parsing of the backplane data, displaying the backplane data (e.g., on a display associated with analyzer system 150), enabling an operator to filter the backplane data based on such techniques as sub-module addressing, message type, data conversation between devices). Here, the claimed ‘API’ is taught by Mulder as ‘display associated with analyzer system’ since it is an additional coupling designated in system 100).

              As to claim 14 the combination of Mulder and Ricci teaches the security device of claim 11, wherein the forensic module is further configured to push configuration data to the component through a recovery application programming interface (API) - Mulder [column9, lines 36-54] Analyzer system 150 can further include an update component 370. In a typical process of operation the control commands, instructions, machine settings, etc., for which one or more devices included in an automation environment are to operate may not change for a considerable amount of time … However, one or more of the devices may require an adjustment in operation …  Accordingly, controller 110 can be configured to subsequently issue a command instruction 190 which includes the new holding temperature). 


                As to claim 17, Mulder teaches the method for control system security, comprising: establishing electrical connections between a component of a control system and an integration device of the control system by a component security device, the electrical connections configured to couple the component to one or more services provided by the integration device - Mulder [column 2, lines 24-25] the communication being via a backplane connecting the controller with the at least one device. Here, the claimed ‘establishing’ is taught by Mulder as ‘connecting’ whereas the claimed ‘component’ is taught by Mulder as ‘device’. The claimed ‘integration device’ is taught by Mulder as ‘backplane’ whereas the claimed ‘one or more services’ is taught by Mulder as ‘communication’ because the backplane provides a communication service via a common plane to integrate component processes), and implementing one or more mitigation actions at the component security device in response to detection an anomaly pertaining to the component – Mulder [column 11, lines  58-65] analyzer component 330 of analyzer system 150 can receive an instruction to prevent data of a known configuration (e.g., data associated with a known malicious attack) from being transmitted from controller 110 across the control system 100. Hence, upon receipt of data having the identified configuration, the data can be captured by intrusion component 470 prior to transmission across process control system 100) , the mitigation actions comprising: isolating the component from one or more of the services provided by the integration device, and providing access to diagnostic data pertaining to the component while isolating the component from the one or more services provided by the integration device – Mulder [column 11, lines  39-44]  … a removable memory 450 can be incorporated into capture component 120 to facilitate storage of any of baseline data 440A-440N and captured data 445A-445N, whereby memory 450 can be subsequently removed, e.g., as part of a diagnostic operation. WHILE MULDER SUGGESTS isolating the component from one or more of the services provided by the integration device RICCI TEACHES isolating the component from one or more of the services provided by the integration device – Ricci [0025] a network security module to isolate a component encountering a security breach and/or isolate a primary processing module from one or more other components in a local vehicle network.  The rationale to consider Ricci feature with Mulder in claim 1 applies here in claim 17).

             As to claim 18, the combination of Mulder and Ricci teaches the method of claim 17, further comprising implementing the one or more mitigation actions at the component security device in response to receiving a security command pertaining to the component at the component security device - Mulder [column 11, lines  58-65] … analyzer component 330 of analyzer system 150 can receive an instruction to prevent data of a known configuration (e.g., data associated with a known malicious attack) from being transmitted from controller 110 across the control system 100). 

             As to claim 19, the combination of Mulder and Ricci teaches the method of claim 17, wherein the isolating comprises disconnecting the component from one or more of: an electronic communication network, an upstream communication interface, a downstream communication interface, outbound network communication, and inbound network communication  – Mulder [column 11, lines  33-43] Capture component 120 can further include a processor 390 which can be configured to execute instructions stored in datastore 440 (or other memory component.… Further, a removable memory 450 can be incorporated into capture component 120 to facilitate storage of any of baseline data 440A-440N and captured data 445A-445N, whereby memory 450 can be subsequently removed, e.g., as part of a diagnostic operation). Here, the claimed ‘disconnecting’ is taught by Mulder as ‘removed’ because removing memory 450 disconnects the medium from the system).

            As to claim 20, the combination of Mulder and Ricci teaches the method of claim 17, wherein the isolating comprises:
           disconnecting communication couplings of the component from communication couplings of the integration device; and maintaining a connection between the communication couplings of the component and communication couplings of the component security device – Mulder [column 11, lines 39-43] … Further, a removable memory 450 can be incorporated into capture component 120 to facilitate storage of any of baseline data 440A-440N and captured data 445A-445N, whereby memory 450 can be subsequently removed, e.g., as part of a diagnostic operation). Here, the claimed ‘disconnecting’ is taught by Mulder as ‘removed’ because removing memory 450 disconnects the medium from the system.  The claimed ‘maintaining…connections’ is taught by Mulder as ‘incorporated into capture component 120’ because although the memory is removed the fact that its program is embedded into the capture component 120 does not remove the connections or interfaces because data is agnostic to the program being interfaced).

 Claims 21-26. (Canceled)

            As to claim 27, the combination of Mulder and Ricci teaches the method of claim 17, wherein implementing the one or more mitigation actions further comprises:
            blocking communication by the component at the component security device, while maintaining power to the component – Mulder [column 11, lines 23-32] Further, an alarm notification can be forwarded to controller 110 to indicate to controller 110 that an associated process (e.g., operation of controller 110, operation of any of devices 140A-N, etc.) is deemed to have been compromised and appropriate action is to be implemented. Such action can be of any suitable type such as putting one or more devices associated with process control configuration 100 into a `safe` operating mode, terminating operation of the one or more devices, terminating the process, etc);
            retrieving the diagnostic data from the component through electrical connections maintained between the component security device and the component – Mulder [column 13, lines 34-40] The operational data can be intercepted by the capture component, while the operational data can be forwarded onto the receiving device, a copy of the operational data can be generated by the capture component and forwarded to the analyzer system); and
providing access to the diagnostic data through an electronic communication network – Mulder [column 12, lines 56-62] At 530, an analyzer system can be incorporated into the process control system, whereby the analyzer system can be utilized to review, and further diagnose, data being transmitted between components associated with the backplane. In an embodiment, the analyzer system can be connected directly to the capture component to facilitate communication of data there between).

           As to claim 28, the combination of Mulder and Ricci teaches the method of claim 27, further comprising providing access to the diagnostic data by use of communication services supplied through electrical connections between the component security device and the integration device - Mulder [column 12, lines 56-62] At 530, an analyzer system can be incorporated into the process control system, whereby the analyzer system can be utilized to review, and further diagnose, data being transmitted between components associated with the backplane. In an embodiment, the analyzer system can be connected directly to the capture component to facilitate communication of data there between).

            As to claim 29, the combination of Mulder and Ricci teaches the method of claim 27, further comprising providing access to the diagnostic data through a communication interface of the component security device, the communication interface configured to couple the component security device to a secondary electronic communication network, the secondary electronic communication network separate from a primary electronic communication network of the integration device – Mulder [column 5, lines 36-46] Further, while the various embodiments presented herein relate to capturing command instructions and/or data being conveyed by backplane 130, the various concepts can be extended to include capturing and analyzing command instructions and/or data being conveyed to a controller 110 and/or any device 140A-N via network 175. Any command instruction and/or data being conveyed via network 175 can be transmitted in conjunction with a network component 198, where network component 178 can be connected directly to backplane 130 (e.g., via a slot in a chassis associated with backplane 130) or network component 178 can be remotely connected). 

              As to claim 30, the combination of Mulder and Ricci teaches the method of claim 27, further comprising providing access to the diagnostic data through an application programming interface (API) - Mulder [column 8, lines 25-30] Further, analysis can include parsing of the backplane data, displaying the backplane data (e.g., on a display associated with analyzer system 150), enabling an operator to filter the backplane data based on such techniques as sub-module addressing, message type, data conversation between devices, etc. Here, the claimed ‘API’ is taught by Mulder as ‘displaying the backplane data’ because the 

            As to claim 31, the combination of Mulder and Ricci teaches the method of claim 27, further comprising transferring configuration data to the component through the electrical connections maintained between the component security device and the component – Mulder [column 5, lines 41-47] Any command instruction and/or data being conveyed via network 175 can be transmitted in conjunction with a network component 198, where network component 178 can be connected directly to backplane 130 (e.g., via a slot in a chassis associated with backplane 130) or network component 178 can be remotely connected). 

             As to claim 32, the combination of Mulder and Ricci teaches the method of claim 31, further comprising transferring the configuration data to the component in response to a request submitted through an application programming interface of the component security device – Mulder [column 11, lines 58-65] For example, analyzer component 330 of analyzer system 150 can receive an instruction to prevent data of a known configuration (e.g., data associated with a known malicious attack) from being transmitted from controller 110 across the control system 100. Hence, upon receipt of data having the identified configuration, the data can be captured by intrusion component 470 prior to transmission across process control system 100). 

            As to claim 33, claim 33 is a method that is directed to the security device of claim 15.  Therefore claim 33 is rejected for the reasons as set forth in claim 15.          

             As to claim 35, the combination of Mulder and Ricci teaches the method of claim 33, wherein implementing the failover functionality further comprises establishing electrical connections between a failover component and the integration device – Yang [0092] Another reconfiguration event example may be detection of a device failure to trigger a failover reconfiguration, among other examples. The circumstances of the event (e.g., a device failure, new device on the network, etc.) may be detected by the registrar device 270 and reported 1110 to the GA device 1115), the failover component configured to implement the failover functionality in response to being coupled to the control system through the integration device – Yang [0092] …The GA device 1115 may respond to the reconfiguration event with a request 1115 for more information concerning the availability of devices on the network that may be added to the IoT system to address the reconfiguration event). 

             As to claim 36, claim 36 is a non-transitory computer-readable storage medium that is directed to the method of claim 17.  Therefore, claim 36 is rejected for the reasons as set forth in claim 17.

             As to claim 37, claim 37 is a non-transitory computer-readable storage medium that is directed to the method of claim 18.  Therefore, claim 37 is rejected for the reasons as set forth in claim 18.

             As to claim 38, claim 38 is a non-transitory computer-readable storage medium that is directed to the method of claim 19.  Therefore, claim 38 is rejected for the reasons as set forth in claim 19.

            As to claim 39, claim 39 is a non-transitory computer-readable storage medium that is directed to the method of claim 20.  Therefore, claim 39 is rejected for the reasons as set forth in claim 20.

           As to claim 40, claim 40 is a non-transitory computer-readable storage medium that is directed to the method of claim 27.  Therefore, claim 40 is rejected for the reasons as set forth in claim 27.

           As to claim 41, claim 41 is a non-transitory computer-readable storage medium that is directed to the method of claim 28.  Therefore, claim 41 is rejected for the reasons as set forth in claim 28.

          As to claim 42, claim 42 is a non-transitory computer-readable storage medium that is directed to the method of claim 29.  Therefore, claim 42 is rejected for the reasons as set forth in claim 29.

          As to claim 43, claim 43 is a non-transitory computer-readable storage medium that is directed to the method of claim 30.  Therefore, claim 43 is rejected for the reasons as set forth in claim 30.

           As to claim 44, claim 44 is a non-transitory computer-readable storage medium that is directed to the method of claim 31.  Therefore, claim 44 is rejected for the reasons as set forth in claim 31.

           As to claim 45 is a non-transitory computer-readable storage medium that is directed to the method of claim 15.  Therefore, claim 45 is rejected for the reasons as set forth in claim 15.

          As to claim 46, claim 46 is a non-transitory computer-readable storage medium that is directed to the method of claim 35.  Therefore, claim 46 is rejected for the reasons as set forth in claim 35.

Claims 15-16 and 34 are rejected under 35 U.S.C. 103 as being unpatentable over Mulder and Ricci in view of Yang; Shao-Wen et al, US 20190296967 A1, September 26, 2019 hereafter referred to as Yang.

             As to claim 15 the combination of Mulder and Ricci teaches the security device of claim 1.  THE COMBINATION OF MULDER AND RICCI DO NOT TEACH further comprising processing resources configured to implement failover functionality in response to isolating the component from the control system, the failover functionality configured to replace functionality implemented by the component within the control system, the failover functionality further configured to replace one or more of: input functionality, control functionality, output functionality, input/output functionality, and communication functionality, HOWEVER IN AN ANALGOUS ART THAT IS DIRECTED TO THE SAME FIELD OF ENDEAVOR YANG TEACHES further comprising processing resources configured to implement failover functionality in response to isolating the component from the control system – Yang [0042] asset discovery and abstraction can allow failover events to be dealt with automatically, by identifying new or substitute devices with functional characteristics to stand in for other devices (e.g., in a group or IoT network) that have been detected as malfunctioning, disabled, or otherwise unavailable.  Here, the claimed ‘failover functionality’ is taught by Yang as ‘abstraction’ because the function of failover require replacement or abstracting the element out of the baseline), the failover functionality configured to replace functionality implemented by the component within the control system - Yang [0050] The configuration manager 245 can also identify faults and errors with devices provisioned in an IoT system and perform failover tasks to identify potential substitute devices (detected by asset discovery module 225) and initiating the replacement of the failed device with the substitute device, among other instances.  Here. the claimed ‘replace’ is taught by Yang as ‘substitute’ because , the failover functionality further configured to replace one or more of: input functionality, control functionality, output functionality, input/output functionality, and communication functionality – Yang [0042]  … Additionally, asset discovery and abstraction can allow failover events to be dealt with automatically, by identifying new or substitute devices with functional characteristics to stand in for other devices (e.g., in a group or IoT network) that have been detected as malfunctioning, disabled, or otherwise unavailable. Thus, it would have been recognized by one of ordinary skill in the art before the effective filing date of the claimed invention that applying the known technique isolation and inspect taught by Ricci to controller 110 of Mulder would have yielded predicable results and resulted in an improved controller, namely, a controller that already can remove memory but now can isolate and diagnose a component provided by the “technique” of Ricci). 

             As to claim 16, the combination of Mulder, Ricci and Yang teaches the security device of claim 1, further comprising a failover component configured to implement failover functionality corresponding to functionality implemented by the component wherein isolating the component from the control system further comprises: the component manager coupling the failover component to the integration device – Yang [0046] A system manager 215 can also include an asset abstraction module 230. An asset abstraction module 230 can recognize defined mappings between specific IoT devices or, more generally, specific functionality that may be included in any one of a variety of present or future IoT devices with a collection of defined taxonomies, or asset abstractions for the devices. Here, the claimed  ‘failover functionality’ is taught by Yang as ‘abstraction module 230’ whereas the claimed ‘coupling’ is taught by Yang as ‘mapping’ and the claimed ‘failover component’ is taught by Yang as ‘specific functionality’ because the functionality conveys a taxonomy that is specific to the action/device capability), and the security engine configuring the failover component to implement the failover functionality corresponding to the functionality implemented by the component – Yang [0052]  A security engine 260 may operate in tandem with the enrollment engine 250 and provide functionality for storing, managing, and using authentication data (e.g., encryption keys, certificates, and other crypto data) to establish trusted relationships between the enrollment manager 250 (and its host system) and one or more assets (e.g., 105a-c) to be included in a particular group, or secure domain, managed by the enrollment manager 250)  Here, the claimed ‘configuring the failover component’ is taught by Yang ‘operate in tandem’ because Yang says the Host 205 may utilize any of the modules for identifying and managing the functionality of the Assets illustrated in Figure 2).

           As to claim 34, the combination of Mulder and Ricci teaches the method of claim 33.  THE COMBINATION OF MULDER AND RICCI DO NOT TEACH wherein the failover functionality comprises one or more of input functionality, control functionality, output functionality, input/output functionality, and communication functionality, HOWEVER IN AN ANALAGOUS ART THAT IS DIRECTED TO THE SAME FIELD OF ENDEAVOR YANG TEACHES wherein the failover functionality comprises one or more of input functionality, control functionality, output functionality, input/output functionality, and communication functionality – Yang [0050] The configuration manager 245 can also identify faults and errors with devices provisioned in an IoT system and perform failover tasks to identify potential substitute devices (detected by asset discovery module 225) and initiating the replacement of the failed device with the substitute device, among other instances).

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to WILLIAM B. JONES whose telephone number is (571) 272-9637.  The examiner can normally be reached on Mon - Fri., 7:00 a.m. to 3:00 p.m.  If attempts to reach the examiner by telephone are 
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
 /WILLIAM B JONES/Examiner, Art Unit 249103/18/2022


/ALEXANDER LAGOR/Primary Examiner, Art Unit 2491