DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . 
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


Claims 1-5, 9-11, 13-19 are rejected under 35 U.S.C. 103 as being unpatentable over Raugas et al. (Patent No.: US 9,537.884) in view of Sbandi (Pub. No.: US 2021/0021636).
Regarding claim 1: Raugas discloses . A non-transitory computer-readable medium (CRM) comprising instructions stored thereon to cause one or more processors to:
receive a request for a risk analysis report for an undesired event (Raugas - [Col. 20, Line 60-61]: requesting data indicating effects of the computer-based threats on the organization);
identify, from a predefined attack database, at least one attack type able to cause the undesired event and for each attack type, at least one requirement for a successful attack (Sbandi - [0062]: Threat model depicts an example where the office of personnel management (OPM) 708 and its systems of record (SOR) might be the target of an attack by a nation-state or other nefarious entity);
for each of the at least one attack type:
for each simulation in a plurality of Monte Carlo simulations for the attack type:
perform the simulation a number N of times based on the undesired event, the attack type, and the protection data (Raugas - [Col. 22, Line 4-6]: Performing the plurality of simulations and sampling the outcomes can include performing Monte Carlo simulations and sampling of the DBN);
determine whether the N performances indicate at least one wildcard (Raugas - [Col. 22, Line 6-9]:  The Monte Carlo simulations may be conducted to determine a distribution of a total value that may be lost to the threats represented by the threat nodes, over the time window);
in response to a determination that the N performances indicate at least one wildcard, perform the simulation an additional N times (Raugas - [Col. 22, Line 14-16]: At least the determined number of simulations is performed to achieve the desired accuracy level);
identify, based on the performances of the plurality of Monte Carlo simulations, at least one vulnerability of the protection measures to the attack type (Raugas - [Col. 22, Line 17-21]: Based on the sampled outcomes of the simulations, a measure of impact of the computer-based threats to the organization over the time window is determined (610). The measure may include a confidence interval for losses of the organization due to the computer-based threats); and
generate the risk analysis report for the undesired event based on the at least one attack type and the at least one vulnerability (Raugas - [Col. 22, Line 22-25]: The measure of impact of the computer-based threats to the organization over the time window is provided (612). The measure can be an estimated amount of value at risk due to a set of cyber threats over the time window).
However Raugas doesn’t explicitly teach, but Sbandi discloses: obtain protection data associated with protection measures that affect the at least one requirement for a successful attack (Sbandi - [0062]: visual threat model 700 showing the components and relationship between a threat actor, attack type, control mechanisms, and target is shown … a review of OPM's systems of record and architecture shows that OPM has several control mechanisms 702 in place to protect against attacks);
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method of Raugas with Sbandi so that the control mechanisms can be obtained in order to protect against attacks. 
Regarding claim 2: Raugas as modified discloses wherein the at least one requirement comprises one or more of: an attacker type, an attacker motivation threshold, and a tactical feasibility threshold (Raugas - [Col. 3, Line 35-37]: the mitigation nodes specifying one or more rates of effectiveness against particular types of computer-based threats).
Regarding claim 3: Raugas as modified discloses wherein the protection data comprises an effectiveness of the protection measures (Raugas - [Col. 1, Line 39-40]: the specification of rates of effectiveness against particular threat types or exploits) and a maturity model for the effectiveness of the protection measures over time (Raugas - [Col. 22, Line 22-25]The measure of impact of the computer-based threats to the organization over the time window is provided (612). The measure can be an estimated amount of value at risk due to a set of cyber threats over the time window).
Regarding claim 4: Raugas as modified discloses wherein the instructions to generate the risk analysis report further comprise instructions to:
determine at least one mitigation strategy for the at least one vulnerability (Raugas - [Col. 12, Line 48-50]: Each mechanism may also specify a list of mitigation types (with subtype qualifiers) that the mechanism is assumed to defeat); and
determine an effectiveness of the at least one mitigation strategy and a maturity model for the effectiveness of the at least one mitigation strategy over time (Raugas - [Col.13, Line 66-67]: a default effectiveness rate may be specified (to be used for mitigated Threat Stage nodes for which a threat-specific effectiveness is not indicated)).
Regarding claim 5: Raugas as modified discloses wherein the instructions to determine at least one mitigation strategy further comprise instructions to determine an operational cost for the at least one mitigation strategy (Raugas - [Col. 18, Line 22-27]: the techniques discussed above may assign a monetary value to risk. In addition to modeling threat evolution, or identifying specific vulnerabilities and characterizing the severity of the threats that can exploit them, the system can estimate monetary costs of threat evolution).
Regarding claim 9: Raugas as modified discloses wherein the request for the risk analysis report for the undesired event comprises a user-defined attack script (Raugas - [Col. 18, Line 22-27]: the input described above, and represent it in computer memory as a set of Directed Acyclic Graphs (DAGS) instances, in which each vertex may represent a Threat Stage, Mitigation, Access, or Asset Node), and wherein the at least one attack type and the plurality of Monte Carlo simulations for the attack type are associated with the user-defined attack script (Raugas - [Col. 5, Line 40-44]: (B) for constructing, from the foregoing specification, a set of Dynamic Bayesian Networks (DBNs), via which: (5) Monte Carlo simulations may be conducted to assess the distribution of the total value of assets that may be lost to the threats, over a specified period of time).
Regarding claim 10: Raugas discloses A non-transitory computer-readable medium (CRM) comprising instructions stored thereon to cause one or more processors to:
receive a request for a risk analysis report for an asset (Raugas - [Col. 20, Line 60-61]: requesting data indicating effects of the computer-based threats on the organization);
identify at least one attack type based on an asset type for the asset (Sbandi - [0062]: Threat model depicts an example where the office of personnel management (OPM) 708 and its systems of record (SOR) might be the target of an attack by a nation-state or other nefarious entity);
for each of the at least one attack type:
generate a simulated attack scenario based on the asset, the attack type, and the protection data (Raugas - [Col. 6, Line 7-10]: A DBN may define a framework for Monte Carlo simulations. Starting at an initial time, one samples each variable in the network, from top-level parents (roots) to bottom-level children (leaves). See also [Col. 5, Line 34-39]);
identify, based on the simulated attack scenario, at least one vulnerability of the protection measures for the asset to the attack type (Raugas - [Col. 22, Line 17-21]: Based on the sampled outcomes of the simulations, a measure of impact of the computer-based threats to the organization over the time window is determined (610). The measure may include a confidence interval for losses of the organization due to the computer-based threats); and
generate the risk analysis report for the asset based on the at least one attack type and the at least one vulnerability (Raugas - [Col. 22, Line 22-25]: The measure of impact of the computer-based threats to the organization over the time window is provided (612). The measure can be an estimated amount of value at risk due to a set of cyber threats over the time window).
However Raugas doesn’t explicitly teach, but Sbandi discloses: obtain protection data relevant for the attack type, wherein the protection data is associated with protection measures for the asset (Sbandi - [0062]: visual threat model 700 showing the components and relationship between a threat actor, attack type, control mechanisms, and target is shown … a review of OPM's systems of record and architecture shows that OPM has several control mechanisms 702 in place to protect against attacks).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method of Raugas with Sbandi so that the control mechanisms can be obtained in order to protect against attacks. 
Regarding claim 11: Raugas as modified discloses wherein the instructions to identify at least one attack type based on the asset type further comprise instructions to obtain, from a pre-defined attack database, at least one attack type relevant to the asset type (Sbandi - [0052]: A threat model may visually illustrate the mapping between a threat actor (TCom), attack type (e.g., threat vector), control environment (e.g., current control, dimension, control by dimension, and recommended control), the targeted system, and the impact on the organization) and at least one requirement for a successful attack of the attack type (Sbandi - [0063]: extracting pertinent information from OPM's systems of record and determining whether or not the control mechanism is mitigated or unmitigated).
The reason for combining is similar as claim 10.
Regarding claim 13: Raugas as modified discloses wherein the protection data comprises an effectiveness of the protection measures (Raugas - [Col. 1, Line 39-40]: the specification of rates of effectiveness against particular threat types or exploits) and a maturity model for the effectiveness of the protection measures over time (Raugas - [Col. 22, Line 22-25]The measure of impact of the computer-based threats to the organization over the time window is provided (612). The measure can be an estimated amount of value at risk due to a set of cyber threats over the time window).
Regarding claim 14: Raugas as modified discloses wherein the instructions to generate the risk analysis report further comprise instructions to:
determine at least one mitigation strategy for the at least one vulnerability (Raugas - [Col. 12, Line 48-50]: Each mechanism may also specify a list of mitigation types (with subtype qualifiers) that the mechanism is assumed to defeat); and
determine an effectiveness of the at least one mitigation strategy and a maturity model for the effectiveness of the at least one mitigation strategy over time (Raugas - [Col.13, Line 66-67]: a default effectiveness rate may be specified (to be used for mitigated Threat Stage nodes for which a threat-specific effectiveness is not indicated)).
Regarding claim 15: Raugas as modified discloses wherein the instructions to determine at least one mitigation strategy further comprise instructions to determine an operational cost for the at least one mitigation strategy (Raugas - [Col. 18, Line 22-27]: the techniques discussed above may assign a monetary value to risk. In addition to modeling threat evolution, or identifying specific vulnerabilities and characterizing the severity of the threats that can exploit them, the system can estimate monetary costs of threat evolution).
Regarding claim 16: Raugas as modified discloses wherein the instructions to identify the at least one vulnerability further comprise instructions to identify the at least one vulnerability based on at least one calculations and rating model identified in the request for the risk analysis report (Raugas - [Col. 5, Line 5-6]: a calculator module 400 to generate outputs based on the acquired data).
Regarding claim 17: Raugas as modified discloses wherein the instructions to generate the simulated attack scenario further comprise instructions to obtain at least one of:
attacker perception data for the asset and the protection measures, wherein the attacker perception data for the asset and the protection measures is associated with how the asset and the protection measures are perceived by an attacker,
attacker perception data for the attack type, wherein the attacker perception data for the attack type is associated with how the attack type is perceived by the attacker,
asset owner perception data for the asset and the protection measures, wherein the asset owner perception data for the asset and the protection measures is associated with how the asset and the protection measures are perceived by an asset owner, and
asset owner perception data for the attack type, wherein the asset owner perception data for the attack type is associated with how the attack type is perceived by the asset owner,
wherein the simulated attack scenario is further based on the obtained perception data (Raugas - [Col. 22, Line 4-15]: Performing the plurality of simulations and sampling the outcomes can include performing Monte Carlo simulations and sampling of the DBN. The Monte Carlo simulations may be conducted to determine a distribution of a total value that may be lost to the threats represented by the threat nodes, over the time window. To achieve an appropriate level of accuracy, the system can determine a threshold value indicating a minimum level of accuracy required. The system can also determine a number of simulations needed to reach the minimum level of accuracy indicated by the threshold value).
Regarding claim 18: this claim defines a method claim that corresponds to CRM claim 10 and does not define beyond limitations of claim 10. Therefore, claim 18 is rejected with the same rational as in the rejection of claim 10. 
Regarding claim 19: Raugas as modified discloses wherein receiving the request for the risk analysis report for the asset further comprises:
presenting, to a user, an undesired event template comprising parameter entry components for at least one of the asset type for the asset, the protection measures for the asset, the attack type, an attacker type, a threshold damage level, and an attack script (Raugas - [Col. 5, Line 26-28]: systems, and/or media may provide a framework for assessing organizational value at risk due to current and emerging cyber threats); and
receiving a user-defined undesired event comprising user-defined parameters from user input in the parameter entry components, wherein the at least one attack type, the simulated attack scenario, and the at least one vulnerability are further based on the user-defined parameters (Raugas - [Col. 5, Line 21-24]: conducted according to an encoding of the model parameters as a set of Dynamic Bayesian Networks).

Allowable Subject Matter
Claims 6-8, 12 and 20 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims. The reason for allowance will be furnished upon allowance of the application.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Sparago (Pub. No.: US 2019/0316902) - Failure Prediction and Analysis Techniques 
DINH et al. (Pub. No.: US 2021/0142424) - Importance sketching of influence dynamics in massive-scale networks 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MENG LI whose telephone number is (571)272-8729.  The examiner can normally be reached on M-F 8:30-5:30.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s acting supervisor, Kristine Kincaid can be reached on (571) 272-4063.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8729.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/MENG LI/
Primary Examiner, Art Unit 2437