DETAILED ACTION
	Claims 1-20 are presented for examination.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Claim Objections 
Claim 1 is objected to because it recites the terms: “the malicious circuit detection block” lack antecedent basis. Claim 1 is being interpreted as reciting “the malicious component detection block”. 

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


Claim 7 is rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention. Claim 7 depends on parent claim 1 which recites that the data processing system comprises: the malicious component detection block. However claim 7 recites that the malicious component detection block is on a different integrated circuit which contradicts the recitation of the parent claim. For the purpose of examination, claim 7 is interpreted as reciting that the malicious component detection block is implemented on a different integrated circuit than a circuit being monitored.

Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


Claims 1-3, 5-11, 13-18 and 20 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Sethumadhavan et al (US Pub.No.2016/0275289), hereinafter Sethu.

Re Claim 1. Sethu discloses a data processing system comprising: a processor for executing instructions; a bus coupled to the processor; and a malicious component detection block coupled to the bus [Sethu, Fig.7, para.008-0099], the malicious circuit detection block comprising: a plurality of event counters for counting events in the data processing system (i.e. The sampling unit 212 is configured to obtain hardware performance data, including, for example, hardware performance counter data, from the one or more hardware-devices, which may include devices such as controller devices, e.g., processor devices such as the devices 220 and 222, or any other type of controller devices including controller devices implemented using modules such as an FPGA (field programmable gate array), an ASIC (application-specific integrated circuit), a DSP processor, etc. Generally, hardware-based controller devices include hardware-related performance counters that may be configured to count a variety of events, such as cycles, instructions, cache misses, etc., occurring during execution of processes and programs on one of the devices 220 and 222) [Sethu, para.0056]; and a machine learning model coupled to the plurality of event counters, wherein a normal pattern of behavior of the data processing system is determined using the plurality of event counters (i.e. determination of whether a hardware performance data resulting from execution of a process is such that it deviates from the process' normal hardware performance data may be performed using a machine learning system that may include one or more classifiers (such as the one or more classifiers 216a-n illustrated in FIG. 2) that were trained using, for example, clean (non-infected) hardware performance data obtained for the various legitimate processes or programs that are to be monitored) [Sethu, para.0106, para.0054], (i.e. hardware performance data, including hardware performance counter data (e.g., from hardware-based performance counters) is obtained from a hardware device (such as a processor/computing-based device on which the legitimate processes and programs are executing), and the data is analyzed using machine-learning procedures (e.g., classification procedures), to determine whether the collected hardware performance data deviates from normal, previously obtained, hardware performance data resulting from normal execution of such legitimate programs or processes) [Sethu, para.0046], and wherein during operation of the data processing system an internal state of the data processing system is monitored, and in response to detecting a pattern of behavior that is different from the normal pattern of behavior (i.e. The antivirus engine is further configured to determine whether a malicious process is affecting performance of the first process based on a determination of an extent of deviation of the obtained current hardware performance data corresponding to the first process from the pre-recorded hardware performance data representative of the normal behavior of the first process………. The sampling unit 212 is configured to obtain hardware performance data, including, for example, hardware performance counter data, from the one or more hardware-devices, which may include devices such as controller devices, e.g., processor devices such as the devices 220 and 222, or any other type of controller devices including controller devices implemented using modules such as an FPGA (field programmable gate array), an ASIC (application-specific integrated circuit), a DSP processor, etc. Generally, hardware-based controller devices include hardware-related performance counters that may be configured to count a variety of events, such as cycles, instructions, cache misses, etc., occurring during execution of processes and programs on one of the devices 220 and 222) [Sethu, para.0054-0056], the malicious component detection block providing an indication (i.e. the information necessary for forensics can be logged only when the AV engine makes a determination of the possible execution of a malicious process) [Sethu, para.0131].

Re Claim 8. This claim recites features similar to those in claim 1, therefore it is rejected in a similar manner. 

Re Claim 14. This claim recites features similar to those in claim 1, 5 and 13, therefore it is rejected in a similar manner as in the rejection of claims 1, 5 and 13. 

Re Claims 2, 9 and 15. Sethu discloses the features of claims 1, 8 and 14, Sethu further discloses wherein the machine learning model includes one of a support vector machine, a neural network, or a nearest neighbor algorithm (i.e. such one or more classifiers may include one or more of, for example, a support vector machine implementing a non-linear radial basis function (RBF) kernel, a k-nearest neighbor procedure, a decision tree procedure, a random forest procedure, an artificial neural network procedure) [Sethu, para.00106,0088].

Re Claim 3. Sethu discloses he data processing system of claim 1, Sethu further discloses: wherein the data processing system is characterized as being an integrated circuit system on a chip (SoC) (i.e. at least part of the AV engine may be implemented in hardware directly on the hardware device that is to be monitored, and/or may be implemented in software executing on a dedicated (and/or secure) controller device. For example, as depicted in FIG. 7, the CPU 712 may be a multi-core processor, and the hardware portion of the AV engine may be realized on one or more of the cores 713 of the CPU 712, and be configured (e.g., through pre- or post-manufacturing programming) to perform one or more of the functions of the AV engine (e.g., collect hardware performance data). If the hardware device to be monitored is an application-specific controller device (e.g., implemented as an application-specific integrated circuit), the hardware-portion of the AV may be realized at the time of manufacturing of the controller, e.g., as a special-purpose malware detection units that sit on a network-on-chip, on-chip/off-chip FPGA, or off-chip ASIC co-processor.) [Sethu, para.0098].

Re Claim 5. Sethu discloses he data processing system of claim 1, Sethu further discloses: wherein an event counter of the plurality of event counters is associated with every event that is monitored in the data processing system (i.e. hardware-based controller devices include hardware-related performance counters that may be configured to count a variety of events, such as cycles, instructions, cache misses, etc., occurring during execution of processes and programs on one of the devices 220 and 222………………………………Examples of common counters (feature event number assignments) on an ARM Cortex-A9 cores architecture, through which hardware performance data can be obtained, include event numbers: 0x06—Memory-reading instruction architecturally executed (counter increments for every instruction that explicitly read data); 0x07—Memory-writing instruction architecturally executed (counter increments for every instruction that explicitly wrote data); 0x0C—Software change of PC, except by an exception, architecturally executed (counter does not increment for a conditional instruction that fails its condition code); 0x0D—Immediate branch architecturally executed (counter counts for all immediate branch instructions that are architecturally executed);0x0F—Unaligned access architecturally executed (counter counts each instruction that is an access to an unaligned address); and 0x12—Counter counts branch or other change in program flow that could have been predicted by the branch prediction resources of the processor) [Sethu, para.0056, para.0061-0067].

Re Claim 6. Sethu discloses he data processing system of claim 6, Sethu further discloses: further comprising a counter handler for controlling the plurality of event counters (i.e. the sampling unit 212 may be configured to obtain hardware performance data (including micro-architectural performance counter data) from the counters of the hardware monitored through data push procedures and/or through data pull procedures. For example, when pulling data, the AV engine 210 initiates the data collection, causing hardware targets (e.g., specific hardware performance counters implemented in the hardware being monitored) to be accessed by, for example, interrupting execution of the counters and/or querying the counters without interruptions. In some embodiments, the AV engine 210 may be configured, e.g., via the sampling module 212, to interrupt the hardware once every N cycles (where N may be a constant pre-determined number, or may be a varying number, e.g., based on a random or pseudo-random generator), and sample the various performance/event counters,) [Sethu, para.0069].

Re Claim 7. Sethu discloses he data processing system of claim 1, Sethu further discloses: wherein the malicious component detection block is implemented on a different integrated circuit than the data processing system (i.e. at least part of the AV engine may be implemented in hardware directly on the hardware device that is to be monitored, and/or may be implemented in software executing on a dedicated (and/or secure) controller device. For example, as depicted in FIG. 7, the CPU 712 may be a multi-core processor, and the hardware portion of the AV engine may be realized on one or more of the cores 713 of the CPU 712, and be configured (e.g., through pre- or post-manufacturing programming) to perform one or more of the functions of the AV engine (e.g., collect hardware performance data). If the hardware device to be monitored is an application-specific controller device (e.g., implemented as an application-specific integrated circuit), the hardware-portion of the AV may be realized at the time of manufacturing of the controller, e.g., as a special-purpose malware detection units that sit on a network-on-chip, on-chip/off-chip FPGA, or off-chip ASIC co-processor) [Sethu, para.0098].

Re Claim 10. Sethu discloses the method of claim 8, Sethu further discloses: wherein training the machine learning model further comprises training the machine learning model on-the-fly during normal operation of the data processing system (i.e. As noted, in some embodiments, an AV engine, such as the AV engine 210 of FIG. 2, may be configured to be updated with new clean baseline hardware performance data (for current or new processes that may be running on the local computing device(s)) as they become available) [Sethu, para.0133].

Re Claim 11. Sethu disclose the method of claim 8, Sethu further discloses: wherein the data processing system is implemented on one or more integrated circuits (i.e. at least part of the AV engine may be implemented in hardware directly on the hardware device that is to be monitored, and/or may be implemented in software executing on a dedicated (and/or secure) controller device. For example, as depicted in FIG. 7, the CPU 712 may be a multi-core processor, and the hardware portion of the AV engine may be realized on one or more of the cores 713 of the CPU 712, and be configured (e.g., through pre- or post-manufacturing programming) to perform one or more of the functions of the AV engine (e.g., collect hardware performance data). If the hardware device to be monitored is an application-specific controller device (e.g., implemented as an application-specific integrated circuit), the hardware-portion of the AV may be realized at the time of manufacturing of the controller, e.g., as a special-purpose malware detection units that sit on a network-on-chip, on-chip/off-chip FPGA, or off-chip ASIC co-processor) [Sethu, para.0098]..

Re Claim 13. Sethu discloses the method of claim 8, Sethu further discloses: wherein the machine learning model compares current event occurrences to the normal pattern of behavior to determine if the different pattern of behavior indicates an activated malicious circuit (i.e. The antivirus engine configured to determine whether the malicious process is affecting the performance of the first process may be configured to apply one or more machine-learning procedures, trained using the pre-recorded hardware performance data representative of the normal behavior of the first process, to the current hardware performance data to determine whether the current hardware performance data for the hardware device executing the first process deviates from the pre-recorded hardware performance data for the first process) [Sethu, para.0020].

Re Claim 16. Sethu discloses the method of claim 14, Sethu further discloses: wherein training the machine learning model further comprises training the machine learning model on-the-fly during normal operation of the data processing system (i.e. As noted, in some embodiments, an AV engine, such as the AV engine 210 of FIG. 2, may be configured to be updated with new clean baseline hardware performance data (for current or new processes that may be running on the local computing device(s)) as they become available,) [Sethu, para.0133].

Re Claim 17. Sethu discloses the method of claim 14, Sethu further discloses wherein the data processing system is implemented on one or more integrated circuits (i.e. at least part of the AV engine may be implemented in hardware directly on the hardware device that is to be monitored, and/or may be implemented in software executing on a dedicated (and/or secure) controller device. For example, as depicted in FIG. 7, the CPU 712 may be a multi-core processor, and the hardware portion of the AV engine may be realized on one or more of the cores 713 of the CPU 712, and be configured (e.g., through pre- or post-manufacturing programming) to perform one or more of the functions of the AV engine (e.g., collect hardware performance data). If the hardware device to be monitored is an application-specific controller device (e.g., implemented as an application-specific integrated circuit), the hardware-portion of the AV may be realized at the time of manufacturing of the controller, e.g., as a special-purpose malware detection units that sit on a network-on-chip, on-chip/off-chip FPGA, or off-chip ASIC co-processor) [Sethu, para.0098]. 

Re Claim 18. Sethu discloses the method of claim 17, Sethu further discloses wherein the machine learning model is implemented on a different integrated circuit than the data processing system (i.e. at least part of the AV engine may be implemented in hardware directly on the hardware device that is to be monitored, and/or may be implemented in software executing on a dedicated (and/or secure) controller device. For example, as depicted in FIG. 7, the CPU 712 may be a multi-core processor, and the hardware portion of the AV engine may be realized on one or more of the cores 713 of the CPU 712, and be configured (e.g., through pre- or post-manufacturing programming) to perform one or more of the functions of the AV engine (e.g., collect hardware performance data). If the hardware device to be monitored is an application-specific controller device (e.g., implemented as an application-specific integrated circuit), the hardware-portion of the AV may be realized at the time of manufacturing of the controller, e.g., as a special-purpose malware detection units that sit on a network-on-chip, on-chip/off-chip FPGA, or off-chip ASIC co-processor) [Sethu, para.0098].

Re Claim 20. Sethu discloses the method of claim 14, Sethu further discloses: wherein the detected different pattern of behavior indicates an activated malicious component (i.e. The antivirus engine configured to determine whether the malicious process is affecting the performance of the first process may be configured to apply one or more machine-learning procedures, trained using the pre-recorded hardware performance data representative of the normal behavior of the first process, to the current hardware performance data to determine whether the current hardware performance data for the hardware device executing the first process deviates from the pre-recorded hardware performance data for the first process) [Sethu, para.0020].

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 4, 12 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Sethumadhavan et al (US Pub.No.2016/0275289), hereinafter Sethu, in view of Chen et al. (US Patent No.9,824,243).

Re Claims 4, 12 and 19. Sethu discloses the features of claims 1, 8 and 14, Sethu does not explicitly disclose whereas Chen does: wherein a flag is set in response to the different pattern of behavior being detected (i.e. The SVM model includes the important samples on the boundary (noted as support vectors) with associated weights, and may be used to create a runtime classifier that monitors circuit behavior and flags patterns of bad behaviors by computing an outlier measure which identifies behavior that departs from the boundary by a specified threshold.) [Chen, Col.2].
	It would have been obvious to a person having ordinary skill in the art before the effective filing date of the invention to modify Sethu with Chen because by instrumenting the integrated circuit device to include the SVM model and runtime classifier, insecure circuit behavior can be flagged in the instrumented integrated circuit device during chip operations. In selected embodiments, the SVM security model that is stored on chip can be updated with the model derived from additional post-silicon training data to improve the model accuracy or shift the boundary space based on real applications [Chen, Col.2].

Pertinent prior art made of record, however not relied upon, includes:

Agerstam et al (US Pub.No.2019/0138423) discloses an apparatus includes a data interface to obtain first sensor data from a first sensor and second sensor data from a second sensor of a monitored system; a data analyzer to extract a feature based on analyzing the first and second sensor data using a model, the model trained based on historical sensor data, the model to determine the feature as a deviation between the first and second sensor data to predict a future malfunction of the monitored system; an anomaly detector to detect an anomaly in at least one of the first sensor data or the second sensor data based on the feature, the anomaly corresponding to the future malfunction of the monitored system; and a system applicator to modify operation of the monitored system based on the anomaly.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to NOURA ZOUBAIR whose telephone number is (571)270-7285. The examiner can normally be reached Monday - Friday.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kambiz Zand can be reached on 571-272-3811. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/NOURA ZOUBAIR/Primary Examiner, Art Unit 2434