Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This action is responsive the application filed September 22, 2020.  Claims 1-20 are pending.

Claim Rejections - 35 USC § 112
The following is a quotation of the first paragraph of 35 U.S.C. 112(a):
(a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention.

The following is a quotation of the first paragraph of pre-AIA  35 U.S.C. 112:
The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor of carrying out his invention.

Claim 10 is rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, as failing to comply with the enablement requirement.  The claim(s) contains subject matter which was not described in the specification in such a way as to enable one skilled in the art to which it pertains, or with which it is most nearly connected, to make and/or use the invention. The specification does not describe in any way the IT communication protocol.

The following is a quotation of 35 U.S.C. 112(b):



The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 1-8 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.
Claim 1 recites the limitation "the second computing node" in the sixth limitation.  There is insufficient antecedent basis for this limitation in the claim.

Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.



Claims 1-20 are rejected under 35 U.S.C. 102 (a)(1) as being anticipated by Zeng et al. United States Patent Application Publication No.  2020/0249928

As per claim 1, Zeng teaches A system, comprising:
a plurality of control systems for controlling a plurality of operations of a plurality of operational technology (OT) devices [automated patching of computer related systems of companies (pp 0019-0020); computing system includes various machines (pp 0030); patch management component (pp 0032)];
a first computing node of a cluster of computing nodes that are part of a container orchestration system, wherein the first computing node is configured to: receive update data for a first control system of the plurality of control systems, a first OT device of the plurality of OT devices, or both, wherein the first control system, the first OT device, or both are configured to perform one or more operations, wherein the update data is configured to update one or more software components being executed by the first control system, the first OT device, or both [managing patches in a hybrid computing environment (pp 0026, 0038)];
retrieve a plurality of machine state datasets from the plurality of control systems via a portion of the cluster of computing nodes, wherein each of the plurality of machine state datasets correspond to an operational state associated with each of the plurality of control systems, each of the plurality of OT devices, or both [determine workload dependencies (pp 0046-0047)];

store a first pod in a first filesystem accessible to the second computing node, wherein the first pod is configured to cause the second computing node to halt the one or more operations [pod comprises containers, workload can be taken down for patching (pp 0038); stopping resources (pp 0066, 0126); pmc contains patches (pp 0079-0081)].
store a second pod in a second filesystem accessible to a third computing node associated with the second control system, wherein the second pod is configured to cause the third computing node to perform the one or more operations via the second control system, a second OT device associated with the second control system, or both [rolling patching(pp 0038-0040)].  

As per claim 2, Zeng teaches the system of claim 1, wherein the first computing node is configured to coordinate an automatic process for managing or scheduling deployment of a plurality of containers for execution across the plurality of control systems via the cluster of computing nodes [patch management component runs the patch execution component which manages the replication controller (pp 0038)]].  

As per claim 3, Zeng teaches the system of claim 2, wherein each of the plurality of containers comprises one or more applications and one or more runtime dependencies 

As per claim 4, Zeng teaches the system of claim 1, wherein the first control system, the first OT device, or both is configured to update the one or more software components using the update data while the first control system, the first OT device, or both are offline [patch while offline (pp 0026-0029)].  

As per claim 5, Zeng teaches the system of claim 1, wherein the first computing node is configured to identify the second control system as the suitable host based on the plurality of machine state datasets as compared to a plurality of desired machine states [monitor network to determine dependencies (pp 0045-0046, pp0066)].  

As per claim 6, Zeng teaches the system of claim 1, wherein the second control system, the second OT device, or both correspond to a redundant control system, a redundant OT device, or both for performing the one or more operations [dependency of items of the same type (pp 0045)].  

As per claim 7, Zeng teaches the system of claim 1, wherein the first computing node is configured to transmit the first pod and the second pod during a run-time environment [patches can be patched while online (pp 0041, 0044, 0047)].  


As per claim 9, Zeng teaches method, comprising: receiving, via a first computing node of a cluster of computing nodes in a container orchestration system, a first pod from a second computing node in the cluster of computing nodes; retrieving, via the first computing node, a first image file comprising a first set of containers from a registry based on the first pod, wherein the first pod comprises an indication of a location of the first image file in the registry, and wherein the first set of containers is configured to cause a control system of a plurality of control systems to halt one or more operations [pod comprises containers, workload can be taken down for patching (pp 0038); stopping resources (pp 0066, 0126)];
generating, via the first computing node, a first package based on the first set of containers; storing, via the first computing node, the first package in a filesystem shared with the control system [pmc contains patches (pp 0079-0081)];
receiving, via the first computing node, a second pod from the second computing node; retrieving, via the first computing node, a second image file comprising a second set of containers from the registry based on the second pod, wherein the second pod comprises a second indication of a second location of the second image file in the registry, and wherein the second set of containers is configured to cause the control system to update one or more software components [managing patches in a hybrid computing environment (pp 0026, 0038)];

storing, via the first computing node, the second package in the filesystem [rolling patching(pp 0038-0040)].

As per claim 10, Zeng teaches the method of claim 9, comprising sending the first package and the second package directly to the control system via an operational technology (OT) communication protocol [different types of formations allowed in system (pp 0114-0115)].   

As per claim 11, Zeng teaches the method of claim 10, wherein the first pod and the second pod are received via an information technology (IT) communication protocol [different types of formations allowed in system (pp 0114-0115)].   

As per claim 12, Zeng teaches the method of claim 9, comprising: receiving, via the first computing node, a third pod from the second computing node after the one or more software components are updated; retrieving, via the first computing node, a third image file comprising a third set of containers from the registry based on the third pod, wherein the third pod comprises a third indication of a third location of the third image file in the registry, and wherein the third set of containers is configured to cause the control system to resume the one or more operations; generating, via the first computing node, a third package based on the 

As per claim 13, Zeng teaches the method of claim 12, comprising sending machine state data associated with the control system, an operational technology (OT) device communicatively coupled to the control system, or both to the second computing node before receiving the third pod [PMC sends patches in pods to workloads to update (pp 0038, 0054-0056)].  

As per claim 14, Zeng teaches the method of claim 9, wherein the one or more operations are being performed by the control system, an operational technology (OT) device communicatively coupled to the control system, or both [PMC perform patching (pp 0026)].  

15. The method of claim 9, comprising sending the package directly to the control system while the control system is operating in a run-time environment [patches can be patched while online (pp 0041, 0044, 0047)].  

Claim 16 is rejected under the same rationale as claim 1 as it does not further limit or define over the claim.

As per claim 17, Zeng teaches the non-transitory computer-readable medium of claim 16, wherein each of the plurality of machine state datasets correspond to an amount of computing resources available on a respective control system of the plurality of control systems [vulnerability scores (pp 0046-0050)].  

As per claim 18, Zeng teaches the non-transitory computer-readable medium of claim 16, wherein the computer-executable instructions are configured to cause the processor to perform operations comprising generating and storing a third pod in the first filesystem, wherein the third pod is configured to cause the first computing node to update the one or more software components [container pods used for patching (pp 0054); third and second patches, patches applied to different first, second and third workloads (pp 0055-0056)].  



As per claim 20, Zeng teaches the non-transitory computer-readable medium of claim 19, wherein the computer-executable instructions are configured to cause the processor to perform operations comprising generating and storing a fifth pod in the first filesystem, wherein the fifth pod is configured to cause the first computing node to resume the one or more operations [container pods used for patching (pp 0054); third and second patches, patches applied to different first, second and third workloads (pp 0055-0056)].  

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure is noted in PTO-892.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to UZMA ALAM whose telephone number is (571)272-3995. The examiner can normally be reached Monday - Friday 9am - 5pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Ario Etienne can be reached on 571-272-4001. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

UZMA . ALAM
Primary Examiner
Art Unit 2457



/UZMA ALAM/Primary Examiner, Art Unit 2457