DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

This action is response to communication:  amendments/arguments filed on 04/18/2022.
Claims 1-11 and 22-30 are currently pending in this application.  Claims 22-30 are new.
No new IDS has been filed for this application.

	
Response to Arguments
Applicant’s arguments concerning the amended claims have been fully considered but are moot in view of new grounds of rejection.  See rejection below. 

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.




Claims 24-26 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.
	As per claims 24-26, the dependent method claims refer to “claim 1.”  However, Claim 1 is directed toward a device.  It seems that claim 24-26 should be dependent on the independent method claim of 22.  For purposes of examination, these claims will be interpreted as being dependent on claim 22. 
	

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claim 1 and 22 are rejected under 35 U.S.C. 103 as being unpatentable over Cho et al. US Patent Application Publication 2008/0320311 (Cho) in view of Thurston et al. US Patent Application Publication 2003/0217193 (Thurston), and further in view of Rothman et al. US Patent Application Publication 2007/0150715 (Rothman)

As per claim 1, Cho teaches a computing device comprising: a memory component configured to store firmware (Figure 1, paragraph 31 with firmware storage unit); a bus device communicatively coupled to the memory component (Figure 3 and paragraph 32 with controller); a bus filter driver configured to attach to the bus device and retrieve firmware from the memory component, wherein the bus filter driver is configured to retrieve the firmware responsive to receipt of a start message by the bus device (Figure 3 and paragarph 32 with authenticator; controller initializes reading of firmware by commanding authenticator to start firmware authentication by reading data from firmware data; authenticator filters data by allowing or preventing data from being transmitted through data transmission bus, as seen in paragraph 35; see paragraph 46 wherein the device may be a driver); and a security agent configured to retrieve the firmware from the bus filter driver and to perform a security analiss of the firmware (paragraphs 32, 35, and 53-54 with software from authenticator analyzing firmware image and determining authenticity).
Although Cho teaches retrieving and authenticating firmware, Cho does not explicitly teach wherein the firmware is a firmware image.  However, retrieving and authenticating firmware images is notoriously well known in the art.  For example, see Thurston (abstract, claim 4, and throughout wherein firmware image is retrieved and authenticated).  Further, Thurston teaches retrieving the firmware image and performing a security analysis of the firmware image (claim 4, 15, and 26 with authenticating the firmware update)
At the time the invention was filed, it would have been obvious to one of ordinary skill in the art to combine the teachings of the Cho with Thurston.   One of ordinary skill in the art would have been motivated to perform such an addition to to provide improved techniques for updating firmware of hardware device (paragraph 7 of Thurston). 

	The Cho combination teaches metadata having firmware information (Thurston abstract, paragraph 8, and throughout), but does not explicitly teach retrieving bus device metadata including a date from the bus device and if the date is less recent than a specific date, retrieving a firmware image.  However, it would have been obvious to retrieve date information of a component and retrieving firmware if the date is less than a specific date.  For example, see Rothman (Figure 4, paragraph 36, wherein system checks current firmware date of component and compares it with date of firmware in database; if current firmware date is less recent than the one in database, firmware is retrieved).
	At the time the invention was filed, it would have been obvious to one of ordinary skill in the art to combine the teachings of Rothman with the Cho combination.  One of ordinary skill in the art would have been motivated to perform such an addition to provide more efficiency by automatically providing firmware updates (paragraph 7 of Rothman). 
	Claim 22 is rejected using the same basis of arguments used to reject claim 1 above. 

Claim 2, 7, and 23 are rejected under 35 U.S.C. 103 as being unpatentable over the Cho combination as applied above, and further in view of Heinrich et al. US Patent Application Publication 2012/0110562 (Heinrich).
	As per claim 2, Cho as modified does not explicitly teach wherein the bus filter driver is further configured to retrieve bus device metadata and acquire a bus interface and utilize the bus interface to locate the memory component.  However, acquiring a bus interface and utilizing the bus interface to locate a memory componentis well known in the art.  For example, see Heinrich (paragraph 30 with bus interface reposnding to bus transactions and locating memory).
	At the time the invention was filed, it would have been obvious to one of ordinary skill in the art to combine the teachings of the Cho combination with Heinrich.  One of ordinary skill in the art would have been motivated to perform such an addition to provide an improved system and method for updating firmware (paragraph 3).
	As per claim 7, the Cho shows the obvisouness of utilizing a bus device including a PCI bus or a PCIe bus (see Rothman 23, 35, and throughout wherein PCI is notoriously well known in the art).  However, the Cho combination does not explicitly teach an LPC bus or an eSPI bus connected to a memory component. However, utilizing such buses is well known in the art.  FOr example, see Heinrich (paragraph 19 with communication via an LPC bus).
	At the time the invention was filed, it would have been obvious to one of ordinary skill in the art to combine the teachings of the Cho combination with Heinrich.  One of ordinary skill in the art would have been motivated to perform such an addition to provide an improved system and method for updating firmware (paragraph 3).
	Claim 23 is rejected using the same basis of arguments used to reject claim 2 above. 

Claim 3, 10, 24, and 27 are rejected under 35 U.S.C. 103 as being unpatentable over the Cho combination as applied above, and further in view Vollmer et al. US Patent Application Publication 2004/0073791 (Vollmer).

	As per claim 3, Cho as modified does not explicitly teach wherein the bus filter driver is configured to attach to the bus device conditionally based on at least one of a vendor identifier or chipset identifier associated with the memory component.  However, controlling access via a bus based on a vendor identifier is well known in the art.  For example, see Vollmer (paragarph 37, wherein bus manager allows or block access to resources based on manufacturer’s ID or model ID).
	At the time the invention was filed, it would have been obvious to one of ordinary skill in the art to combine the teachings of the Cho combination with Vollmer.  One of ordinary skill in the art would have been motivated to perform such an addition to provide greater security (paragraph 6 of Vollmer).
	As per claim 10, the Cho combination does not explicitly each wherein the bus filter driver is further configured to retrieve hardware metadata from at least one of chipset tables or registers.  However, retrieving hardware metadata from chipset tables is well known in the art.  For example, see Cho (paragraph 37-39 wherein bus manager receives hardware metadata such as chipset information and determines access rights based on the retrieved data).
	At the time the invention was filed, it would have been obvious to one of ordinary skill in the art to combine the teachings of the Cho combination with Vollmer.  One of ordinary skill in the art would have been motivated to perform such an addition to provide greater security (paragraph 6 of Vollmer).
	Claim 24 is rejected using the same basis of arguments used to reject claim 3 above. 
	Claim 27 is rejected using the same basis of arguments used to reject claim 1 and 3 above. 


Claim 4 is rejected under 35 U.S.C. 103 as being unpatentable over the Cho combination as applied above, and further in view of Ghosh et al. US Patent Application Publication 2016/0321195 (Ghosh).

	As per claim 4, the Cho combination does not explicitly teach wherein the bus filter driver is configured to retrieve at least of the vendor identifier or chipset identifier from a registry and extract a subset of firmware information, chipset information, or register values when a chipset of the computing device is not supported.  However, retrieving such information and utilizing it would have been obvious.  For example, see Ghosh (paragraph 29, Figure 2, and throughout). 
	At the time the invention was filed, it would have been obvious to one of ordinary skill in the art to combine the teachings of Ghosh with the Cho combination.  One of ordinary skill I the art would have been motivated to perform such an addition to provide data storage security and device authentication without requiring changes to the operating system (paragraph 3 of Ghosh).

Claim 5 is rejected under 35 U.S.C. 103 as being unpatentable over the Cho combination as applied above, and further in view of Ghosh et al. US Patent Application Publication 2016/0321195 (Ghosh).

	As per claim 5, Cho as modified does not explicitly teach an external component libarary configured to enable access to the bus filter driver by the security agent.  However, utilizing an external component library to enable access is well known in the art.  For example, see Ghosh (paragraph 29, Figure 2, and throughout with database of external components that enable access). 
	At the time the invention was filed, it would have been obvious to one of ordinary skill in the art to combine the teachings of Ghosh with the Cho combination.  One of ordinary skill I the art would have been motivated to perform such an addition to provide data storage security and device authentication without requiring changes to the operating system (paragraph 3 of Ghosh).

Claim 6 and 25 are rejected under 35 U.S.C. 103 as being unpatentable over the Cho combination as applied above, and further in view of Ionescu US Patent Application Publication 2017/0061127 (Ionescu).	
	As per claim 6, it would have been obvious over the Cho combination wherein the security agent includes a user-mode component parsing and analyzing at least the firmware image (see Cho Figure 5, paragraph 53, and throughout with reading firmware and signature and authenticating signature; see Thurston wherein firmware may be image).  However, the combination does not explicitly teach a kernel mode component providing at least metadata associated with the firmware image, memory component, or bus device to a remote security service for analysis.  However, this would have been obvious over Ionescu.  Ionescu teaches wherein the security agent includes a kernel-mode component, the kernel mode component providing at least metadata associated with the firmware image, memory component, or bus device to a remote security service for analysis (paragraphs 47 with kernel mode component providing data associated with memory to a remote security service for analysis)
	At the time the invention was filed, it would have been obvious to one of ordinary skill in the art to combine the teachings of the Cho combination with Ionescu.  One of ordinary skill in the art would have been motivated to perform such an addition to increase security by ensuring security exploits do not escape detection (paragraphs 2 and 3 of ionescu). 
	Claim 25 is rejected using the same basis of arguments used to reject claim 6 above. 


Claim 8 is rejected under 35 U.S.C. 103 as being unpatentable over the Cho combination as applied above, and further in view of Litichever et al. US Patent Application Publication 2018/0225230 (Litichever).

	As per claim 8, the Cho combination does not explicitly teach wherein the bus filter driver is a plug and play pnp upper device filter driver.  However, utilizing PnP upper-device filter drivers is notoriously well known in the art.  For example, see Litichever (paragraph 61).
	At the time the invention was filed, it would have been obvious to one of ordinary skill in the art to combine the teachings of the Cho combination with Litichever.  One of ordinary skill in the art would have been motivated to perform such an addition to utilize commonly drivers and buses to implement functions (paragraph 61). 

Claim 9 and 26 are rejected under 35 U.S.C. 103 as being unpatentable over the Cho combination as applied above, and further in view of Kumar et al. US Patent Application Publication 2009/0086981 (Kumar)

	As per claim 9, the Cho combination does not explictilyt each wherein the security agent is configured to perform, based on the firmware image and hardware metadata, at least one of determining indicators of attack, determining prevalence for the firmware, determining presence of the firmware on whitelists or blacklsits, or determining that the firmware is an expected firmware for hardware of the computing device.  However, this would have been obvious.  FOr example, see Kumar (claim 1 with identifying hardware and expected firmware and verifying the system with such data).
	At the time the invention was filed, it would have been obvious to one of ordinary skill in the art to combine the teachings of the Cho combination with Kumar.  One of ordinary skill in the art would have been motivated to perform such an addition to create more security by preventing unauthorized software from running on a processing system (paragraph 9 of Kumar).
	Claim 26 is rejected using the same basis of arguments used to reject claim 9 above. 


Claim 11 is rejected under 35 U.S.C. 103 as being unpatentable over the Cho combination as applied above, and further in view of Culter et al. US Patent Application Publication 2003/0204710 (Culter)
	As per claim 11, Cho as modified does not explicitly teach wherein the hardware metadata includes at least one of a processor-related register values, peripheral component interconnect configrelated register values, mmio related register values, spibar related register values, or efi variables.  However, this would have been obvious.  For example, see Culter (paragraph 28 with checking table for EFI information for supported functions).
  	At the time the invention was filed, it would have been obvious to one of ordinary skill in the art to combine the teachings of the Cho combination with Culter.  One of ordinary skill in the art would have been motivated to perform such an addition to provide more efficiency and speed when resetting functions in a computer system (paragraph 8 of Culter).

Claim 28 are rejected under 35 U.S.C. 103 as being unpatentable over the Cho combination as applied above (Cho, Thurston, Rothman, Vollmer), and further in view of Heinrich et al. US Patent Application Publication 2012/0110562 (Heinrich).
	Claim 28 is rejected using the same basis of arguments used to reject claim 2 above. 
	
Claim 29 is rejected under 35 U.S.C. 103 as being unpatentable over the Cho combination as applied above (Cho, Thurston, Rothman, Vollmer), and further in view of Ionescu US Patent Application Publication 2017/0061127 (Ionescu).	
	Claim 29 is rejected using the same basis of arguments used to reject claim 6 above. 

Claim 30 is rejected under 35 U.S.C. 103 as being unpatentable over the Cho combination as applied above (Cho, Thurston, Rothman, Vollmer), and further in view of Kumar et al. US Patent Application Publication 2009/0086981 (Kumar)
	Claim 30 is rejected using the same basis of arguments used to reject claim 9 above.


Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JASON KAI YIN GEE whose telephone number is (571)272-6431.  The examiner can normally be reached on Monday-Friday 8:30-5:00 PST Pacific.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Farid Homayounmehr can be reached on (571) 272-3739.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).

/JASON K GEE/Primary Examiner, Art Unit 2495