Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
DETAILED ACTION
Claims 1-20 are pending.
	

Claim Rejections - 35 USC § 112
The following is a quotation of the first paragraph of 35 U.S.C. 112(a):
(a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention.

The following is a quotation of the first paragraph of pre-AIA  35 U.S.C. 112:
The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor of carrying out his invention.

Claims 8 and 10 are rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, as failing to comply with the enablement requirement.  The claim(s) contains subject matter which was not described in the specification in such a way as to enable one skilled in the art to which it pertains, or with which it is most nearly connected, to make and/or use the invention.
Regarding claim 8, the specification fails to teach how the “confidence parameter” is ascertained/generated and/or used, such that a skilled artisan could make or use the invention, as claimed.
Regarding claim 10, specification fails to describe how the code is “received” using a pair of keys, such that a skilled artisan could make or use the invention, as claimed.  

The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claim 8 is rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.
Regarding claim 8, it is unclear if "first entity" or "version of the first portion of code" has "confidence parameter".  

Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

Claims 1-4, 6-7, 10-16 and 18-20 are rejected under 35 U.S.C. 102(a)(2) as being anticipated by US 2020/0042709 A1 to Fu et al. (Fu).
Regarding claim 1, Fu discloses an apparatus, comprising: a memory array (oprom, ¶154); a controller coupled with the memory array (TPM, ¶154) and configured to cause the apparatus to: authenticate a root of trust entity as part of a boot-up procedure of a system that includes the root of trust entity (trusted security chip measures and authenticates BIOS, ¶154); receive, by the root of trust entity (BIOS) and as part of the boot-up procedure, a first portion of code associated with a first entity of the system (BIOS measures integrity of option memory firmware of trusted card, ¶153) based at least in part on authenticating the root of trust entity (based on authentication of BIOS, ¶153); generate a first measurement result of the first portion of code associated with the first entity based at least in part on receiving the first portion of code (BIOS measures option ROM, ¶153); identify, by the root of trust entity, a second measurement result associated with the first portion of code associated with the first entity based at least in part on generating the first measurement result (trusted measurement includes comparing a hash value of code calculated with a stored hash value, ¶70); determine, by the root of trust entity, whether the first measurement result matches the second measurement result as part of authenticating the first portion of code associated with the first entity as part of the boot-up procedure (trusted measurement includes comparing a hash value of code calculated with a stored hash value, ¶70, ¶159); and transmit, by the root of trust entity, an indication of whether the first measurement result matches the second measurement result (option memory firmware, measured by BIOS, further measures the integrity of one or more firmware in the device when BIOS determines that the option memory firmware is valid, ¶155).
Regarding claim 13, the claim is similar in scope to claim 1 and is therefore rejected using a similar rationale.
Regarding claim 20, the claim is similar in scope to claim 1 and is therefore rejected using a similar rationale.
Regarding claims 2 and 14, Fu discloses wherein the controller is further configured to cause the apparatus to: authenticate, by the root of trust entity (BIOS), the first portion of code associated with the first entity based at least in part on the first measurement result matching the second measurement result (trusted measurement includes comparing a hash value of code calculated with a stored hash value, ¶70, ¶159), wherein the indication transmitted by the root of trust entity causes the first portion of code of the first entity to initialize as part of the boot-up procedure of the system (option memory firmware, measured by BIOS, further measures the integrity of one or more firmware in the device when BIOS determines that the option memory firmware is valid, ¶155).
Regarding claims 3 and 15, Fu discloses wherein the controller is further configured to cause the apparatus to: receive, by the root of trust entity (alternatively, the Oprom is considered the root of trust entity) and as part of the boot-up procedure of the system, a second portion of code associated with a second entity of the system based at least in part on authenticating the first entity (Oprom measures and determines integrity of firmware associated with the high-speed encryption card and the integrity of other peripheral ROM and hardware firmware, ¶171, loads the validated firmware, ¶¶177-188 (first entity), and then measures the Boot Loader, ¶179); generate a third measurement result associated with the second entity based at least in part on receiving the second portion of code (measure Boot Loader, ¶¶179-181, where trusted measurement includes comparing a hash value of code calculated with a stored hash value, ¶70, ¶159); identify, by the root of trust entity, a fourth measurement result associated with the second portion of code associated with the second entity based at least in part on generating the third measurement result (trusted measurement includes comparing a hash value of code calculated with a stored hash value, ¶70, ¶159); determine, by the root of trust entity, whether the third measurement result matches the fourth measurement result as part of authenticating the second portion of code associated with the second entity as part of the boot-up procedure; and transmit, by the root of trust entity, an indication of whether the third measurement result matches the fourth measurement result (load Boot Loader, ¶¶179-181).
Regarding claims 4 and 16, Fu discloses wherein the first portion of code of the first entity initializes prior to generating the third measurement result (firmware loads, ¶¶175-178, followed by verification and loading of Boot Loader, ¶¶179-181).
Regarding claims 6 and 18, Fu discloses wherein the controller is further configured to cause the apparatus to: fail to authenticate, by the root of trust entity, the first portion of code associated with the first entity based at least in part on the first measurement result failing to match the second measurement result, wherein the indication transmitted by the root of trust entity causes the first portion of code of the first entity to refrain from initializing as part of  the boot-up procedure of the system (system is prohibited from being started when integrity is not confirmed, ¶¶187-188).  
Regarding claims 7 and 19, Fu discloses wherein the controller is further configured to cause the apparatus to: retrieve the second measurement result from memory associated with the root of trust entity (trusted measurement includes comparing a hash value of code calculated with a stored hash value, ¶70, ¶159), wherein identifying the second measurement result is based at least in part on retrieving the second measurement result (note that the measurement result can also be decrypted after retrieval, ¶198).  
Regarding claim 10, Fu discloses wherein the root of trust entity is associated with a pair of keys that comprise a public key and a private key (public and private key for decrypting/encrypting measurement root, ¶130), and wherein the root of trust entity receives the first portion of code using the pair of keys (host processor decrypts trusted measurement root using public key and the security chip decrypts the measurement result using the private key, ¶130).  
Regarding claim 11, Fu discloses wherein the controller is configured to generate the first measurement result by being configured to cause the apparatus to: hash the first portion of code to generate a hash (trusted measurement includes comparing a hash value of code calculated with a stored hash value, ¶70, ¶159). 
Regarding claim 12, Fu discloses wherein the first measurement result 2 comprises a hash (trusted measurement includes comparing a hash value of code calculated with a stored hash value, ¶70, ¶159).

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 5 and 17 are rejected under 35 U.S.C. 103 as being unpatentable over Fu, as applied to claims 3 and 15 above, in view of US 2008/0126779 A1 to Smith.
Regarding claims 5 and 17, Fu is silent regarding wherein the first portion of code of the first entity initializes after determining whether the third measurement result matches the fourth measurement result.  However, Smith teaches a similar system that establishes a root of trust and extends trust outward (¶36), where initialization of code can precede completed verification to enable to minimize disruption in the sequence (¶33, ¶39).  Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Fu such that the first portion of code of the first entity initializes after determining whether the third measurement result matches the fourth measurement result.  One of ordinary skill in the art would have been motivated to perform such a modification to enable initialization to occur simultaneously with verification, thus increasing efficiency, as taught by Smith.

Allowable Subject Matter
Claim 9 is objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
Regarding claim 9, the prior art teaches comparing the code to a previously-stored known hash/signature.  Therefore, the prior art, individually or in a reasonable combination, fails to teach retrieving a version of the first portion of code from memory associated with the root of trust entity and stored prior to receiving the first portion of code; and generating the second measurement result using the version of the first portion of code after receiving the first portion of code as part of the boot-up procedure and based at least in part on retrieving the version of the first portion of code, in combination with claims as a whole.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
US 9,792,440 B1 to Wang is cited for teaching a verification script verifying the security module 212, the boot loader 224, and selected portions or the entirety of the remainder of the primary electronic control unit 102 (self-check), then verifying additional ECUs of system.
US 2014/0040636 A1 to Jeansonne is cited for teaching the process flow of initially measuring a CRTM, using CRTM to measure BIOS, using BIOS to measure boot loader, and using the boot loader to measure the OS (¶16).

Any inquiry concerning this communication or earlier communications from the examiner should be directed to MICHAEL J SIMITOSKI whose telephone number is (571)272-3841. The examiner can normally be reached Monday - Friday, 7:00-3:00.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Carl Colin can be reached on 571-272-3862. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/Michael Simitoski/               Primary Examiner, Art Unit 2493                                                                                                                                                                                         
April 26, 2022