DETAILED ACTION
This communication is in response to Applicant’s Request for Continued Examination (RCE) filed 04/26/2022. Claims 1-2, 7, 11-12 and 17 have been amended, and claims 5-6, 10, 15-16 and 20 have been canceled. Claims 1-4, 7-9, 11-14, 17-19 and 21-22 are pending and directed towards SECURE REPROGRAMMING OF EMBEDDED PROCESSING SYSTEM. Claims 1-4, 7-9, 11-14, 17-19 and 21-22 are allowed.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 04/26/2022 has been entered.

EXAMINER’S AMENDMENT
An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for this examiner’s amendment was given in an interview with Eric J. Baron (Reg. No. 56,025) on May 05, 2022.
The application has been amended as follows:

1. (Currently Amended) An embedded processing system comprising:
processing circuitry;
a memory system; and
a reprogramming control configured to:
authenticate a user associated with a reprogramming operation of the
embedded processing system;
receive transmitted cryptographic information comprising one or more
encryption parameters associated with the encrypted configuration item, wherein the
transmitted cryptographic information is received from a reprogramming system after an
authentication success indicator is sent to the reprogramming system and prior to receiving an encrypted configuration item from the reprogramming system;
receive the encrypted configuration item, wherein the embedded
processing system is a controller of a gas turbine engine, and the encrypted configuration
item comprises an application, the application comprising a sequence of executable
instructions configured to control operation of the gas turbine engine;
decrypt and authenticate the encrypted configuration item as a decrypted
and authenticated configuration item responsive to authenticating the user, wherein the
transmitted cryptographic information and stored cryptographic information are used to
decrypt the encrypted configuration item; and
store the decrypted and authenticated configuration item in the memory
system; and 
wherein the processing circuitry is configured to execute the application to control
the gas turbine engine after the decrypted and authenticated configuration item is stored in the memory system.

2. (Currently Amended) The embedded processing system of claim 1,
wherein the reprogramming control is further configured to authenticate the user based on
one or more user credentials received from the reprogramming system and user
authentication data stored in the embedded processing system.

5-6. (Cancelled)

7. (Currently Amended) The embedded processing system of claim 1,
wherein the transmitted cryptographic information is stored for a transaction duration
within the embedded processing system and erased upon completion of a load transaction, and the stored cryptographic information is retained after completion of the load transaction.

11. (Currently Amended) A method comprising:
authenticating, by a reprogramming control in an embedded processing system, a
user associated with a reprogramming operation of the embedded processing system;
receiving transmitted cryptographic information comprising one or more
encryption parameters associated with the encrypted configuration item, wherein the
transmitted cryptographic information is received from a reprogramming system after an
authentication success indicator is sent to the reprogramming system and prior to receiving an encrypted configuration item from the reprogramming system;
receiving the encrypted configuration item at the embedded processing system,
wherein the embedded processing system is a controller of a gas turbine engine, and the
encrypted configuration item comprises an application, the application comprising a
sequence of executable instructions configured to control operation of the gas turbine
engine;
decrypting and authenticating, by the reprogramming control, the encrypted
configuration item as a decrypted and authenticated configuration item responsive to
authenticating the user, wherein the transmitted cryptographic information and stored
cryptographic information are used to decrypt the encrypted configuration item;
storing the decrypted and authenticated configuration item in a memory system of
the embedded processing system; and
executing the application, by the embedded processing system, to control the gas
turbine engine after the decrypted and authenticated configuration item is stored in the
memory system.

12. (Currently Amended) The method of claim 11, further comprising:
authenticating the user based on one or more user credentials received from the
reprogramming system and user authentication data stored in the embedded processing
system. 

15-16. (Cancelled)

17. (Currently Amended) The method of claim 11, further comprising:
storing the transmitted cryptographic information for a transaction duration within
the embedded processing system; and
erasing the transmitted cryptographic information upon completion of a load
transaction while retaining the stored cryptographic information after completion of the
load transaction. 

Reasons for Allowance
The following is an examiner’s statement of reasons for allowance: 
The closest prior arts of record are Kim et al. US 2021/0012008 A1 and Skertic et al. US 2020/0204374A1.
Kim discloses a method of initiating a device managed by an authorized manager includes maintaining a security module connected to the device in hardware and an encrypted firmware image; loading the encrypted firmware image; confirming integrity of the encrypted firmware image by reading a header of the encrypted firmware image using a public key of the manager stored in the security module; decrypting an encrypted symmetric key in the encrypted firmware image by using the encryption key of the security module when the integrity of the encrypted firmware image is confirmed; decrypting encrypted firmware of the encrypted firmware image using the decrypted public key; and executing the decrypted firmware in the device.
Skertic discloses a method of communication, within a processing system of a gas turbine engine, between a first electronic component and a second electronic component, comprising: generating by the first electronic component, a request, comprising a digital certificate, intern comprising a first host public key and a first client public key, signed with a first host private key, to initiate a trusted communication session with a second electronic component; encrypting at the first electronic component, at least a portion of the request with a first client private key; transmitting the request to the second electronic component; the first host private key and the first host public key defining a first asymmetric keypair and the first client private key and the first client public key defining a second asymmetric keypair.
The prior arts of record fail to teach alone or in combination the limitation of independent claim 1 “receive transmitted cryptographic information comprising one or more encryption parameters associated with the encrypted configuration item, wherein the transmitted cryptographic information is received from a reprogramming system after an authentication success indicator is sent to the reprogramming system and prior to receiving an encrypted configuration item from the reprogramming system; receive an the encrypted configuration item, wherein the embedded processing system is a controller of a gas turbine engine, and the encrypted configuration item comprises an application, the application comprising a sequence of executable instructions configured to control operation of the gas turbine engine; decrypt and authenticate the encrypted configuration item as a decrypted and authenticated configuration item responsive to authenticating the user, wherein the transmitted cryptographic information and stored cryptographic information are used to decrypt the encrypted configuration item; and store the decrypted and authenticated configuration item in the memory system;” in combination with other claimed limitations. Independent claim 11 recite similar features.
Furthermore, the above additional elements in the claim provide meaningful limitations that transforms an abstract idea into patent eligible. The claim as a whole amounts to significantly more than the abstract idea itself. This is because the claim as a whole effect an improvement to another technology or technical field. The pending claims when taken as an ordered combination, result in the claims amounting to significantly more than the abstract idea and provide meaningful limitations beyond generally linking the use of the abstract idea to a particular technological environment.
None of the references of record alone, or in combination, anticipate or reasonably render the independent claims (1 and 11) obvious. For these reasons claims 1 and 11 are deemed to be allowable over the prior art of record, and claims 2-4, 7-9, 12-14, 17-19 and 21-22 are allowed by dependency.
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to KHALID M ALMAGHAYREH whose telephone number is (571)272-0179. The examiner can normally be reached Monday - Thursday 8AM-5PM EST & Friday variable.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, SALEH NAJJAR can be reached on (571)272-4006. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.



Respectfully Submitted

/KHALID M ALMAGHAYREH/Examiner, Art Unit 2492                                                                                                                                                                                                        

/SALEH NAJJAR/Supervisory Patent Examiner, Art Unit 2492