DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Drawings
The drawing (Figure 5) is objected to because there are no corresponding descriptions to the labels 501, 502, and 503 in the figure.  Corrected drawing sheets in compliance with 37 CFR 1.121(d) are required in reply to the Office action to avoid abandonment of the application. Any amended replacement drawing sheet should include all of the figures appearing on the immediate prior version of the sheet, even if only one figure is being amended. The figure or figure number of an amended drawing should not be labeled as “amended.” If a drawing figure is to be canceled, the appropriate figure must be removed from the replacement sheet, and where necessary, the remaining figures must be renumbered and appropriate changes made to the brief description of the several views of the drawings for consistency. Additional replacement sheets may be necessary to show the renumbering of the remaining figures. Each drawing sheet submitted after the filing date of an application must be labeled in the top margin as either “Replacement Sheet” or “New Sheet” pursuant to 37 CFR 1.121(d). If the changes are not accepted by the examiner, the applicant will be notified and informed of any required corrective action in the next Office action. The objection to the drawings will not be held in abeyance.



Specification
The title of the invention is not descriptive.  A new title is required that is clearly indicative of the invention to which the claims are directed. 

Claim Objections
Claims 1 – 11, 13, and 14 are objected to because of the following informalities:  
Applicants are advised to amend the claims to show the following:

Claim 1. A network node comprising: 
a message handling module configured to control the sending of messages to one or more output ports of the network node based on a rule set stored at the network node, the rule set comprising one or more rules; 
a communication module configured to receive at least one update to the rule set from a controller node, separate from the network node, for changing the rule set; and
a supervisor module configured to verify that the changes to the rule set instructed by the update comply with at least a first set of rule-compliance-criteria and, if so, the network node is configured to modify the rule set to implement the changes of the update and, if not, the network node is configured not to implement the changes to the rule set.

Amend claims 2 – 11, and 13 from “A network node” to “The network node”.

 	Claim 14. A method comprising: 
 	controlling the sending of messages to one or more output ports of the network node based on a rule set stored at the network node, the rule set comprising one or more rules; 
 	receiving at least one update to the rule set from a controller node, separate from the network node, for changing the rule set; and
 	verifying that the changes to the rule set instructed by the update comply with at least a first set of rule-compliance-criteria and, if so, modifying the rule set to implement the changes of the update and, if not, not implementing the changes to the rule set.

 Appropriate correction is required.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.

Claims 1, 2, 6, and 8 are rejected under 35 U.S.C. 112(b) as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA  the applicant regards as the invention.  
The claimed limitations of “a message handling module configured to…”, “a communication module configured to…”, and “a supervisor module configured to…” invoke 35 U.S.C. 112(f).  The term "module" is a generic placeholder that is coupled with functional language without reciting sufficient structure to perform the recited function and the generic placeholder is not preceded by a structural modifier.  Applicants illustrate Figure 2 to show a message handling module 201, a communication module 205, and a supervisor module 207 without providing some detail about the means to accomplish the functions as recited in the claims.  It is not clear what means or structural elements within Applicants’ specification correspond to “a message handling module”, “a communication module”, and “a supervisor module” as recited in the claims.  
Therefore, the claim is indefinite and is rejected under 35 U.S.C. 112(b).
Applicant may:
 (a)        Amend the claim so that the claim limitation will no longer be interpreted as a limitation under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph; 
(b)        Amend the written description of the specification such that it expressly recites what structure, material, or acts perform the entire claimed function, without introducing any new matter (35 U.S.C. 132(a)); or 
(c)        Amend the written description of the specification such that it clearly links the structure, material, or acts disclosed therein to the function recited in the claim, without introducing any new matter (35 U.S.C. 132(a)).
If applicant is of the opinion that the written description of the specification already implicitly or inherently discloses the corresponding structure, material, or acts and clearly links them to the function so that one of ordinary skill in the art would recognize what structure, material, or acts perform the claimed function, applicant should clarify the record by either: 
(a)        Amending the written description of the specification such that it expressly recites the corresponding structure, material, or acts for performing the claimed function and clearly links or associates the structure, material, or acts to the claimed function, without introducing any new matter (35 U.S.C. 132(a)); or 
(b)        Stating on the record what the corresponding structure, material, or acts, which are implicitly or inherently set forth in the written description of the specification, perform the claimed function. For more information, see 37 CFR 1.75(d) and MPEP §§ 608.01(o) and 2181.

	Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1 – 7, 12, and 14 are rejected under 35 U.S.C. 103 as being unpatentable over Hecker et al. (Pub. No.: US 2018/0248755) in view of Sun et al. (Pub. No.: US 2009/0217341).
 	Regarding claim 1, Hecker discloses a network node (see Fig. 1, para. 0073, network nodes 14 – 28 with a memory and a processor) comprising: a message handling module configured to control the sending of messages to one or more output ports of the network node based on a rule set stored at the network node, the rule set comprising one or more rules (see para. 0073 – 0074, Each of the network nodes 14-28 has a data flow table stored in its memory identifying forwarding rules to be applied to available data packets…the network nodes 14-28 may comprise a multitude of ports and each link may enable a plurality of connections, wherein each connection may connect ports of two different network nodes 14-28); a communication module configured to receive at least one update to the rule set from a controller node, separate from the network node, for changing the rule set (see para. 0007, 0080, the control message that originates from the controller and is intended for a specific network node or vice versa; the control message may…update of a data flow table of a network node).
	Hecker does not disclose the following claimed features: regarding claim 1, a supervisor module configured to verify that the changes to the rule set instructed by the update comply with at least a first set of rule-compliance-criteria and, if so, the network node is configured to modify the rule set to implement the changes of the update and, if not, the network node is configured not to implement the changes to the rule set.
Regarding claim 1, Sun discloses a supervisor module configured to verify that the changes to the rule set instructed by the update comply with at least a first set of rule-compliance-criteria and, if so, the network node is configured to modify the rule set to implement the changes of the update and, if not, the network node is configured not to implement the changes to the rule set (see para. 0007, 0011, 0022, 0028, the Snort system host verifies a validity of the intrusion detection rule in the link data packet and subsequently, the intrusion detection rules pre-stored in rules storage are updated according to the type of the intrusion detection rule passing the verification and a rules tree).
It would have been obvious to one ordinary skilled in the art before the effective filing date of the claimed invention to modify the invention of Hecker, and have the features, as taught by Sun, where the newly-added intrusion detection rule may be broadcasted to each node in the LAN, thereby updating the intrusion detection rules adopted by all the Snort system hosts in the LAN in sync in order to significantly reduce the time for updating the intrusion detection rules, as discussed by Sun (para. 0031).
	
	Regarding claim 2, Hecker discloses wherein the communication module comprises a software defined networking, SDN, agent (see para. 0090, OpenFlow proxies (or agents)).
	Regarding claim 3, Hecker discloses wherein the control of the sending of the one or more messages comprises one or more of: control of forwarding of one or more messages generated at the network node to at least one of the one or more output ports based on one or more forwarding rules of the rule set (see para. 0073 – 0074, Each of the network nodes 14-28 has a data flow table stored in its memory identifying forwarding rules to be applied to available data packets…the network nodes 14-28 may comprise a multitude of ports and each link may enable a plurality of connections, wherein each connection may connect ports of two different network nodes 14-28); control of forwarding of one or more messages received at one or more input ports of the network node to one of the one or more output ports based on one or more forwarding rules of the rule set; control of flow of the one or more messages based on one or more bandwidth rules of the rule set; control of addressing of the one or more messages based on one or more addressing rules of the rule set; control of scheduling of the forwarding of the one or more messages based on one or more scheduling rules of the rule set; and control of the formatting or content of the one or more messages based on one or more modification rules.
	Regarding claim 4, Hecker discloses wherein the rule set is exclusively determined by the controller node (see para. 0003, 0007, 0080, the controller 112 to integrate the first network node 14 into the system by adding forwarding rules to the data forwarding tables).
	Regarding claim 5, Hecker discloses wherein the changes to the rule set defined by the update comprise one or more of: replacement of one or more of the rules of the rule set; addition to the rules of the rule set (see para. 0080, adding forwarding rules to the data forwarding tables); and removal of one or more of the rules of the rule set.
	Regarding claim 6, Hecker discloses wherein the communication module is configured to establish a secure communication channel between the network node and the controller node for the receipt of the at least one update to the rule set (see para. 0093, to support secure end to end channels for the switches).

	Hecker does not disclose the claimed features as recited in claims 7 and 11. 
	Regarding claim 7, Sun discloses wherein the network node is configured to receive the rule-compliance-criteria by a process that verifies the authenticity of the rule-compliance-criteria (see para. 0007 – 0008, 0010, 0022, 0028, Snort system hosts in the network verify the validity of the intrusion detection rule includes: firstly determining whether the verification code and authorization code of the link data packet are true or not, and then determining whether the link data packet has a newer rule version than that of the rules storage already stored in the storage).
It would have been obvious to one ordinary skilled in the art before the effective filing date of the claimed invention to modify the invention of Hecker, and have the features, as taught by Sun, where the newly-added intrusion detection rule may be broadcasted to each node in the LAN, thereby updating the intrusion detection rules adopted by all the Snort system hosts in the LAN in sync in order to significantly reduce the time for updating the intrusion detection rules, as discussed by Sun (para. 0031).

	Regarding claim 12, Hecker discloses a network comprising: a controller node; and a plurality of network nodes according to claim 1, wherein the output ports of each of network nodes provides a communication channel to another one of the plurality of network nodes or the controller node (see Fig. 1, SDN controller 12 and network nodes 14 – 28, para. 0073 – 0074, Each of the network nodes 14-28 has a data flow table stored in its memory identifying forwarding rules to be applied to available data packets…the network nodes 14-28 may comprise a multitude of ports and each link may enable a plurality of connections, wherein each connection may connect ports of two different network nodes 14-28).
	Regarding claim 14, Hecker discloses a method comprising: controlling the sending of messages to one or more output ports of the network node based on a rule set stored at the network node, the rule set comprising one or more rules (see para. 0073 – 0074, Each of the network nodes 14-28 has a data flow table stored in its memory identifying forwarding rules to be applied to available data packets…the network nodes 14-28 may comprise a multitude of ports and each link may enable a plurality of connections, wherein each connection may connect ports of two different network nodes 14-28); receiving at least one update to the rule set from a controller node, separate from the network node, for changing the rule set (see para. 0007, 0080, the control message that originates from the controller and is intended for a specific network node or vice versa; the control message may…update of a data flow table of a network node). 
	Hecker does not disclose the following claimed features: regarding claim 14, verifying that the changes to the rule set instructed by the update comply with at least a first set of rule-compliance-criteria and, if so, modifying the rule set to implement the changes of the update and, if not, not implementing the changes to the rule set.
Regarding claim 14, Sun discloses verifying that the changes to the rule set instructed by the update comply with at least a first set of rule-compliance-criteria and, if so, modifying the rule set to implement the changes of the update and, if not, not implementing the changes to the rule set (see para. 0007, 0011, 0022, 0028, the Snort system host verifies a validity of the intrusion detection rule in the link data packet and subsequently, the intrusion detection rules pre-stored in rules storage are updated according to the type of the intrusion detection rule passing the verification and a rules tree).
It would have been obvious to one ordinary skilled in the art before the effective filing date of the claimed invention to modify the invention of Hecker, and have the features, as taught by Sun, where the newly-added intrusion detection rule may be broadcasted to each node in the LAN, thereby updating the intrusion detection rules adopted by all the Snort system hosts in the LAN in sync in order to significantly reduce the time for updating the intrusion detection rules, as discussed by Sun (para. 0031).


Claims 13 and 15 are rejected under 35 U.S.C. 103 as being unpatentable over Hecker et al. (Pub. No.: US 2018/0248755) in view of Sun et al. (Pub. No.: US 2009/0217341) and further in view of Fredman (Pub. No.: US 2021/0163017).
Hecker and Sun do not disclose the claimed features as recited in claims 13 and 15.
Regarding claim 13, Fredman discloses wherein the network comprises a network of an automobile and at least one of the plurality of network nodes comprise a driver assistance system (see Fig. 1, para. 0031 – 0032, vehicle 12 with driver-assist systems).
	Regarding claim 15, Fredman discloses an automobile comprising the network of claim 12 (see Fig. 1, para. 0031, vehicles 12).
It would have been obvious to one ordinary skilled in the art before the effective filing date of the claimed invention to modify the invention of Hecker and Sun, and have the features, as taught by Fredman, in order to enable vehicle and driver assist system manufacturers to quickly analyze the effectiveness of these systems and to detect problems or glitches in the driver assist systems as actually installed in and operating in vehicles, as discussed by Fredman (para. 0007).
	
Allowable Subject Matter
Claims 8 – 11 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.

					Pertinent Prior Arts

The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Chetan et al. (US Pub. No. 2017/0054609), in the same field of endeavor as the present invention, disclose an invention where the sampling rule may include sampling criteria indicating how packets matching the flow rule should be sampled (para. 0011). 


Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Anh Ngoc M Nguyen whose telephone number is (571) 270-5139.  The examiner can normally be reached on Monday to Friday, from 7:30 am to 4:00 pm.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kwang Bin Yao can be reached on ((571) 272-3182.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
 	Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice .
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/ANH NGOC M NGUYEN/Primary Examiner, Art Unit 2473