DETAILED ACTION
The following claims are pending in this office action: 1-20
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Drawings
The drawings filed on 05/14/2020 is accepted.  
Information Disclosure Statement
The information disclosure statement (IDS) submitted on 06/02/2020 has been considered.  The submission is in compliance with the provisions of 37 CFR 1.97.  Accordingly, an initialed and dated copy of Applicant’s IDS form 1449 filed 06/02/2020 is attached to the instant Office action. 
Claim Objections
Claims 6, 13, and 19 are objected to because of the following informalities:
Claims 6, 13 and 19 recites the limitation “changed clock frequency (Fclk)/supply voltage (Vdd)” (claim 6, ln. 2-3; claim 13, ln. 4, and claim 19, ln. 2-3). It is unclear whether applicant is referring to “detected change of a clock frequency (Fclk)/supply voltage (Vdd) of the CPUSS hardware” (claim 1, ln. 4-5; claim 8, ln. 5-6; and claim 15, ln. 6-7).  If so, examiner suggests “changed clock frequency (Fclk)/supply voltage (Vdd)” to be “the changed… “ similar to claim 3, ln. 3.  
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-4, 6, 8-11, 13, and 15-17, and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Bowman et al. (US Patent No. 9,413,344) (hereinafter “Bowman”) included in the IDS dated 06/02/2020, in view of Lentz et al. (US Pub. 2020/0402929) (hereinafter “Lentz”), and in view of Koay et al. (US Pub. 2019/0138754) (hereinafter “Koay”).

As per claim 1, Bowman teaches a method to prevent a malicious attack on CPU subsystem (CPUSS) hardware, comprising: auto-calibrating tunable delay elements of a dynamic variation monitor (DVM) ([Bowman, Fig. 7, col. 13, ln. 1-6; col. 13, ln. 49-52] the circuit initiates automatic calibration by adding timing margin to the tunable delay path elements of the dynamic variation monitor) using an auto-calibration value computed ([col. 13, 32-44)] after placing the clocked circuit in a safe mode, the system tunes the timing margin of the dynamic variation monitor to produce a tunable delay path delay [an auto-calibration value]; this automatic calibration design observes the voltage droop indication signal generated by the dynamic variation monitor to guide the delay-path settings to determine the calibration point for a zero margin additional delay) in response to each detected change of a clock frequency (Fclk)/supply voltage (Vdd) of the CPUSS hardware; ([Fig. 3; col. 10, ln. 38-67; col. 11, ln. 1-37)] a change of a clock frequency of the CPUSS hardware is detected which indicates voltage drop of the CPUSS hardware and triggers an auto-calibration/adaptive response procedure)
Bowman does not teach comparing the auto-calibration value with a threshold reference calibration value to determine whether the malicious attack is detected; 
However, Lentz teaches comparing the auto-calibration value ([Lentz, para. 0014; para. 0015] a voltage glitch attack causes a local supply voltage drop, which causes a delay in the element; the delay is an auto-calibration value that is filtered out so that no error response or reaction is generated and corresponds to the tunable delay-path delay of Bowman) with a threshold reference calibration value ([para. 0040; para. 0042] the delay is converted to numerical form, and compared with a computed min/max margin [threshold] reference value [reference value]; [para. 0028] the margin may be adapted [calibrated] to different profiles) to determine whether the malicious attack is detected; ([para. 0042] if the numerical measurement exceeds the min/max margin, an error output signal is generated [an indication of a malicious attack – see para. 0015])
It would have been obvious before the effective filing date of the claimed invention for one of ordinary skill in the art to have modified the elements disclosed by Bowman with the teachings of Lentz to include comparing the auto-calibration value with a threshold reference calibration value to determine whether the malicious attack is detected.  One of ordinary skill in the art would have been motivated to make this modification because by using reference handling with a threshold reference, the SoC device (a CPUSS) can be protected against noisy environment by filtering or removing glitches introduced from noise on the input signals.  (Lentz, para. 0028)
Bowman in view of Lentz does not teach forcing a safe clock frequency (Fclk)/safe supply voltage (Vdd) to the CPUSS hardware when the malicious attack is detected.
However, Koay teaches forcing a safe clock frequency (Fclk)/safe supply voltage (Vdd) to the CPUSS hardware when the malicious attack is detected. ([Koay, para. 0021] in response to the comparator circuit detecting the supply voltage decreasing below the threshold voltage [a malicious attack, see para. 0003], the clock signal generation circuit reduces [forces] the frequency of the clock signal of a secure device [CPUSS hardware – see para. 0016], to a reduced frequency that allows circuits to store signals without setup, hold, or timing violations [a safe clock frequency])
It would have been obvious before the effective filing date of the claimed invention for one of ordinary skill in the art to have modified the elements disclosed by Bowman in view of Lentz with the teachings of Koay to include forcing a safe clock frequency (Fclk)/safe supply voltage (Vdd) to the CPUSS hardware when the malicious attack is detected.  One of ordinary skill in the art would have been motivated to make this modification because this allows the hardware to continue functioning during a low supply voltage VCC caused by supply voltage noise or an attack.  (Koay, para. 0021)

As per claim 2, Bowman in view of Lentz and Koay teaches claim 1. 
Bowman in view of Koay does not teach triggering a secure interrupt to the CPUSS hardware when the malicious attack is detected.
However, Lentz teaches triggering a secure interrupt to the CPUSS hardware when the malicious attack is detected.  ([Lentz, para. 0042] the error output signal [when the malicious attack is detected -see para. 0015] is a latched error signal which is connected to interrupt input of the CPU [triggering a secure interrupt])
It would have been obvious before the effective filing date of the claimed invention for one of ordinary skill in the art to have modified the elements disclosed by Bowman in view of Koay with the teachings of Lentz to include triggering a secure interrupt to the CPUSS hardware when the malicious attack is detected. One of ordinary skill in the art would have been motivated to make this modification because such triggering a secure interrupt in combination with a glitch detector circuit allows for a security protection countermeasure that is used to block hacking techniques. (Lentz, para. 0003)

As per claim 3, Bowman in view of Lentz and Koay teaches claim 1.
Bowman also teaches adjusting the tunable delay elements of the DVM until a zero time margin is detected based on the changed clock frequency (Fclk)/supply voltage (Vdd); and ([Bowman, Fig. 7; col. 13, ln. 32-40] the tunable delay path delay is tuned until the timing margin is zero as detected by the dynamic variation monitor which detects the frequency of the clock which is converted to a clock period)
computing the auto-calibration value according to a value of the tunable delay elements of the DVM.  ([Bowman, Fig. 7; col. 13, ln. 40-44] the delay-path settings [tunable delay element] determines the calibration point for the tunable delay path delay [auto-calibration value])

As per claim 4, Bowman in view of Lentz and Koay teaches claim 3.
Bowman also teaches in which adjusting the tunable-delay elements of the DVM comprises programing a DVM input register ([Bowman, col. 10, ln. 10-29] The tunable path delay is configured to delay propagation of an input signal based on the programmable delay path input in the form of configuration bits [a DVM input register]) after each detected change of the clock frequency (Fclk)/supply voltage (Vdd) of the CPUSS hardware. ([Fig. 3; col. 10, ln. 38-67; col. 11, ln. 1-37)] a change of a clock frequency of the CPUSS hardware is detected which indicates voltage droop of the CPUSS hardware and triggers an auto-calibration/adaptive response procedure, adjusting the tunable-delay elements)

As per claim 6, Bowman in view of Lentz and Koay teaches claim 1.
Bowman in view of Koay does not teach selecting the threshold reference calibration value corresponding to changed clock frequency (Fclk)/supply voltage (Vdd); and detecting the malicious attack if the auto-calibration value is less than the threshold reference calibration value.
However, Lentz teaches selecting the threshold reference calibration value corresponding to changed clock frequency (Fclk)/supply voltage (Vdd); and ([Lentz, Fig.6; para. 0034-0035] the upper and lower adaptable margin reference values [threshold reference calibration values], which change over a moving reference window, are set to adjust to noise in the system including system noise, and changes in the application which include noise on a the clock/supply voltage line [see para. 0004])
detecting the malicious attack if the auto-calibration value is less than the threshold reference calibration value.  ([Lentz, para. 0042] if the numerical measurement [auto-calibration value – see para. 0014-0015] exceeds the adaptable margin reference values, an error output signal is generated [an indication of a malicious attack – see para. 0015])
It would have been obvious before the effective filing date of the claimed invention for one of ordinary skill in the art to combine the teachings of Bowman, Lentz, and Koay for the same reasons as disclosed above.  

As per claim 8, Bowman teaches a non-transitory computer-readable medium having program code recorded ([Bowman, col. 16, ln. 52-59] the program described is stored in hardware and may reside in RAM ROM and other computer readable medium) thereon to prevent a malicious attack on CPU subsystem (CPUSS) hardware ([col. 2, ln. 27-56] disclosed are methods for preventing voltage droop [a malicious attack on CPUSS hardware]), the program code being executed by a processor ([col. 16, ln. 15-32] the processor executes the program)
The program code performs the method of claim 1, has language that is identical or substantially similar to the method of claim 1, and thus the non-transitory computer-readable medium claim is rejected with the same rational applied against claim 1.  

As per claim 9, the claim language is identical or substantially similar to that of claim 3. Therefore, it is rejected under the same rationale applied to claim 2.

As per claim 10, the claim language is identical or substantially similar to that of claim 3. Therefore, it is rejected under the same rationale applied to claim 3.

As per claim 11, the claim language is identical or substantially similar to that of claim 4. Therefore, it is rejected under the same rationale applied to claim 4.

As per claim 13, the claim language is identical or substantially similar to that of claim 6. Therefore, it is rejected under the same rationale applied to claim 6.

As per claim 15, Bowman teaches a voltage-frequency security monitor (VFSM) to prevent a malicious attack on CPU Subsystem (CPUSS) hardware.  ([Bowman, col. 2, ln. 42-56] system detects and prevents the effects of voltage droop [a malicious attack on CPU Subsystem hardware])
The VFSM contains components and circuits described by the method of claim 1, has language that is identical or substantially similar to the method of claim 1, and is rejected with the same rational applied against claim 1.  

As per claim 16, the claim language is identical or substantially similar to that of claim 3. Therefore, it is rejected under the same rationale applied to claim 2.

As per claim 17, the claim language is identical or substantially similar to that of claim 3. Therefore, it is rejected under the same rationale applied to claim 3.

As per claim 19, the claim language is identical or substantially similar to that of claim 6. Therefore, it is rejected under the same rationale applied to claim 6.

Claims 5, 7, 12, 14, 18, and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Bowman in view of Lentz and Koay as applied to claims 1, 4, 8, 11, and 15 above, and further in view of Rosay et al. (US Pub. 2020/0104537) (hereinafter “Rosay”).

As per claim 5, Bowman in view of Lentz and Koay teaches claim 4.
Bowman in view of Lentz and Koay does not teach in which the DVM input register is only accessible to trusted software.
However, Rosay teaches in which the DVM input register is only accessible to trusted software. ([Rosay, para. 0109] the non-secure environment calls on a secure environment [inaccessible without certification/only accessible to trusted software – see para. 0006] to change an operating point [a computational result transmitted for generating control signals for controlling the voltage and frequency - see para. 0075] and the secure environment issues the command to the chip SOC.  The operating point is the equivalent of the DVM input register as both are values stored in secure memory for controlling the voltage/frequency of the target circuit [see para. 0042, and para. 0045 of the instant application]) 
It would have been obvious before the effective filing date of the claimed invention for one of ordinary skill in the art to have modified the elements disclosed by Bowman in view of Lentz and Koay with the teachings of Rosay to include in which the DVM input register is only accessible to trusted software. One of ordinary skill in the art would have been motivated to make this modification because secure environments are able to define permitted operating points in accordance with each hardware implementation, in order to make it impossible to configure the power supply under conditions introducing a system malfunction.  (Rosay, para. 0028)

As per claim 7, Bowman in view of Lentz and Koay teaches claim 1.
Bowman also teaches measuring DVM reference calibration codes across a dynamic voltage-frequency scaling of the CPUSS hardware during testing of the CPUSS hardware. ([Bowman, col. 12, ln. 4-17] the tunable delay path is configured during testing of the hardware [CPUSS hardware – see col. 16, ln. 22-24] to operate across a wide range of clock frequencies, operating voltages, and temperature conditions [dynamic voltage-frequency scaling] to provide a unique set of calibration bits [DVM reference calibration codes])
Bowman in view of Koay does not teach computing the threshold reference calibration value for each of the measured DVM reference calibration codes; 
However, Lentz teaches computing the threshold reference calibration value for each of the measured DVM reference calibration codes; ([Lentz, para. 0028-0029; para. 0037] programmable margin settings for updating [calculating] the adaptable margin reference value [threshold reference calibration value] is determined.  The margin settings are determined by performing tests on the chip across a wide range to determine supply voltage noise [see para. 0003] and correspond to the measured DVM reference calibration codes.  Measured DVM reference calibration codes were taught by Bowman above)
It would have been obvious before the effective filing date of the claimed invention for one of ordinary skill in the art to have modified the elements disclosed by Bowman in view of Koay with the teachings of Lentz to include computing the threshold reference calibration value for each of the measured DVM reference calibration codes.  One of ordinary skill in the art would have been motivated to make this modification because by providing programable margin settings, the glitch detection sensitivity can be adapted to different kinds of noise profiles on different SoCs and applications, thereby guaranteeing the best detection rate for glitches while avoiding false positives.  (Lentz, para. 0028)
Bowman in view of Koay and Lentz does not teach storing the threshold reference calibration value in a secure storage area of the CPUSS hardware.
However, Rosay teaches storing the threshold reference calibration value in a secure storage area of the CPUSS hardware.  ([Rosay, Fig. 4B; para. 0081; para. 0084-0085] a curve is plotted showing the upper limit of the possible frequencies depending on the voltage [a threshold reference calibration value], used for scaling [calibrating] an REE instruction [see Fig. 3; para. 0096].  The threshold label representative of the curve is stored as a digital word in the TEE [see para. 0075, the secure instruction corresponds to an internal instruction of the secure execution environment].   A threshold reference calibration value for each of the measured DVM reference calibration codes was taught by the combination of Bowman, Koay and Lentz above) 
It would have been obvious before the effective filing date of the claimed invention for one of ordinary skill in the art to combine the teachings of Bowman, Koay, Lentz and Rosay for the same reasons as disclosed above.  

As per claim 12, the claim language is identical or substantially similar to that of claim 5. Therefore, it is rejected under the same rationale applied to claim 5.

As per claim 14, the claim language is identical or substantially similar to that of claim 7. Therefore, it is rejected under the same rationale applied to claim 7.

As per claim 18, Bowman in view of Lentz and Koay teaches claim 15.  
Bowman also teaches in which the DVM comprises a DVM input register ([Bowman, col. 10, ln. 10-29] The tunable path delay is configured to delay propagation of an input signal based on the programmable delay path input in the form of configuration bits [a DVM input register]) configured to store each detected change of the clock frequency (Fclk)/supply voltage (Vdd) of the CPUSS hardware. ([Fig. 3; col. 10, ln. 38-67; col. 11, ln. 1-37)] a change of a clock frequency of the CPUSS hardware is detected which indicates voltage droop of the CPUSS hardware and triggers an auto-calibration/adaptive response procedure, adjusting the tunable-delay elements)
Bowman in view of Lentz and Koay does not teach in which the DVM input register is only accessible to trusted software.  
However, Rosay teaches in which the DVM input register is only accessible to trusted software. ([Rosay, para. 0109] the non-secure environment calls on a secure environment [inaccessible without certification/only accessible to trusted software – see para. 0006] to change an operating point [a computational result transmitted for generating control signals for controlling the voltage and frequency - see para. 0075] and the secure environment issues the command to the chip SOC.  The operating point is the equivalent of the DVM input register as both are values stored in secure memory for controlling the voltage/frequency of the target circuit [see para. 0042, and para. 0045 of the instant application]) 
It would have been obvious before the effective filing date of the claimed invention for one of ordinary skill in the art to combine the teachings of Bowman, Koay, Lentz and Rosay for the same reasons as disclosed above.  

As per claim 20, the claim language is identical or substantially similar to that of claim 7. Therefore, it is rejected under the same rationale applied to claim 7.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure:
Patel et al. (US Pub. 2020/0226295) discloses a voltage attack detection circuit that compares a current voltage associated with a tunable delay circuit with a threshold voltage to determine a voltage attack.  
Moss (US Pub. 2019/0303624) discloses a monitor circuit that detects jitter and sends an interrupt to a cryptographic processing device to disable it.  
Rajpathak et al. (US Pub. 2021/0294410) discloses a field-tunable circuit, on detecting that a voltage attack occurs on a particular power rail, such as when the supply voltage is below a threshold, trigger actions to disable the power or respond to the irregular voltage.  
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ZHE LIU whose telephone number is (571) 272-3634.  The examiner can normally be reached on Monday - Friday: 8:30 AM to 5:30 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Carl Colin can be reached on (571) 272-3862.  The fax phone number for the organization where this application or proceeding is assigned is (571) 273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at (866) 217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call (800) 786-9199 (IN USA OR CANADA) or (571) 272-1000.
/Z.L./Examiner, Art Unit 2493

/CARL G COLIN/Supervisory Patent Examiner, Art Unit 2493