DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Information Disclosure Statement
The information disclosure statements (IDSs) submitted on 12/30/2019 and 7/13/2019 have been entered and considered by the examiner.  

Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.



Claims 1-3 and 11 are rejected under 35 U.S.C. 102(a)(2) as being anticipated by Galula et al  (EP3113529) IDS provided by Applicant.
Regarding claims 1 and 11, Galula teaches an abnormality detection apparatus/method for a mobility entity and for detecting an abnormality in a network system, the network system including a first network and a second network that use different communication protocols (Abstract; Figs. 1C and 2), the abnormality detection apparatus/method comprising:
a first communication circuit that receives state information indicating a state of the mobility entity, the state information being acquired from the second network (Figs. 1C, 5, and 8; Paras. 0034, 0038, 0060, 0108, and 0139-0144; A plurality of contexts may be defined, known or identified by a system and method according to some embodiments of the invention. Table 590 shown an exemplary set of contexts; terms "vehicle context", "network context", "nodes context" or simply "context" as referred to herein may relate to a state, configuration or any operational or functional aspects of one or more of: a vehicle, an in-vehicle network, and/or one or more nodes connected to the in-vehicle network; i.e. context would be identified for the various components on the CAN bus 61, such as the engine control to determine if the car is accelerating);
a second communication circuit that transmits and receives a first frame according to a communication protocol used in the first network (Figs. 1C, 5, and 8; Paras. 0060, 0108, and 0139-0144; SEU 40A may operate in accordance with an embodiment of the invention to monitor CAN messages that are transmitted between high-speed bus CAN 61 and CAN gateway 80 and to detect anomalous messages that are transmitted to pass through CAN gateway 80 from one to the other of buses CAN 61 and CAN 71; i.e. CAN 71 would transmit messages to and from CAN 61 through gateway 80 where CAN 71 would read on the first network);
a memory that stores an abnormality detection rule; and a processor that, in operation, performs operations including (Figs. 1C, 2, 5, and 8; Paras. 0060, 0108, and 0139-0144; i.e. Fig. 2 shows the processor and memory for rules (45) that are part of the SEU 40A that detects anomalous messages):
detecting, based on the state information and the abnormality detection rule, whether a control command included in the first frame received by the second communication circuit is abnormal (Figs. 1C, 5, and 8; Paras. 0060, 0067, 0108, and 0139-0144; Processor 41 may process a message it receives via port 42 or port 52 in accordance with computer executable instructions stored in a memory 45 and data optionally stored in a data memory 46 to determine if the message is an anomalous message and optionally in accordance with a vehicle context during which the message is received; i.e. the context/state information along with the rule in memory 45 would determine if the message was anomalous); and 
in a case where the processor detects that the control command is abnormal, prohibiting the control command from being transmitted (Figs. 1C, 5, and 8; Paras. 0060-0061, 0067, 0108, and 0139-0144; An SEU 40 may, in response to detecting an anomalous message, operate to undertake any of various response actions to protect system 60 (or the network and components therein) from possible damage by the anomalous message. Response actions may, by way of example, include: blocking the message, delaying the message; limiting the frequency of the message, logging the message into a memory included in an SEU 40; and/or raising an alert responsive to the message; i.e. blocking a message would read on the command not being transmitted).
Regarding claim 2, Galula teaches the limitations of the previous claims.  Galula further teaches wherein the abnormality detection rule includes a first rule indicating a control command allowed in each of a plurality of different states of the mobility entity, and the operations further include: in a second case where the state of the mobility entity indicated by the state information is not included in any one of the plurality of states, for which the first rule indicates the allowed control command, detecting that the control command is abnormal (Figs. 1C, 5, and 8; Paras. 0034-0038, 0060, 0108, and 0139-0144; Anomalous messages and/or messages related to an anomaly as referred to herein may be messages that include content (or signal) that is different from an expected content or signal. Detecting or identifying anomalous messages and/or messages related to an anomaly may be according to a context as described. For example, and as further described herein, an embodiment of the invention may identify an anomaly by determining a context and comparing or relating timing values and/or content of one or more messages to expected timing values and content, e.g., expected for a specific context; i.e. if the value related to the context is outside the threshold, it is deemed anomalous).  
Regarding claim 3, Galula teaches the limitations of the previous claims.  Galula further teaches wherein the control command causes the mobility entity to execute at least one of moving forward, turning, and stopping (Figs. 1C, 5, and 8; Paras. 0108 and 0240; a sudden rise in rpm that may, in some cases, cause an SEU to determine an anomaly was detected may be regarded, by the SEU, as normal or non-anomalous if, immediately after a message that informs the SEU of the sudden rise in rpm is received, a message informing the SEU of a sudden large difference in values received from the oil pressure control unit or a message indicating an acceleration are received; i.e. a message can be received to accelerate/move forward faster).  

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


Claims 4-10 are rejected under 35 U.S.C. 103 as being unpatentable over Galula et al  (EP3113529) IDS provided by Applicant in view of Kim et al (US 2015/0229741 A1) IDS provided by Applicant.
Regarding claim 4, Galula teaches the limitations of the previous claims.  Galula further teaches the second network is according to CAN protocol, the first communication circuit receives the state information by receiving a CAN frame including the state information, the abnormality detection rule includes a first rule for detecting whether the CAN frame is abnormal, and the operations further include: in a second case where the processor detects that the CAN frame is abnormal, prohibiting the control command from being transmitted (Figs. 1C, 5, and 8; Paras. 0034, 0038, 0060, 0108, and 0139-0144; A plurality of contexts may be defined, known or identified by a system and method according to some embodiments of the invention. Table 590 shown an exemplary set of contexts; terms "vehicle context", "network context", "nodes context" or simply "context" as referred to herein may relate to a state, configuration or any operational or functional aspects of one or more of: a vehicle, an in-vehicle network, and/or one or more nodes connected to the in-vehicle network; i.e. context would be identified for the various components on the CAN bus 61, such as the engine control to determine if the car is accelerating).  
However, while Galula teaches the use of ethernet, Bluetooth, and WiFi and that an intruder or hacker is sending malicious messages over the in-vehicle network (Para. 108) which would indicate an intrusion from outside the wired network of the car and the intrusion would be over the wireless network which would include ethernet communication, he does not specifically disclose wherein the first network is according to Ethernet protocol.
Kim teaches in-vehicle communication and, more particularly, a signal conversion method in a vehicle having Ethernet and controller area network (CAN) communication coexisting therein (Abstract).  He further teaches wherein the first network is according to Ethernet protocol (Fig. 2B; Para. 0003; present invention relates to in-vehicle communication and, more particularly, to a signal conversion method within a vehicle having Ethernet and controller area network (CAN) communication coexisting therein and an apparatus to perform the signal conversion method). 
Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to utilize the teachings as in Kim with the teachings as in Galula.  The motivation for doing so would have been to improve conversion efficiency (Kim at para. 0041).
Regarding claim 5, Galula teaches the limitations of the previous claims.  Galula further teaches the second network is according to CAN protocol, and the first communication circuit receives an Ethernet frame in which a CAN frame indicating the state information is included (Figs. 1C, 5, and 8; Paras. 0034, 0038, 0060, 0108, and 0139-0144; A plurality of contexts may be defined, known or identified by a system and method according to some embodiments of the invention. Table 590 shown an exemplary set of contexts; terms "vehicle context", "network context", "nodes context" or simply "context" as referred to herein may relate to a state, configuration or any operational or functional aspects of one or more of: a vehicle, an in-vehicle network, and/or one or more nodes connected to the in-vehicle network; i.e. context would be identified for the various components on the CAN bus 61, such as the engine control to determine if the car is accelerating).  
However, while Galula teaches the use of ethernet, Bluetooth, and WiFi and that an intruder or hacker is sending malicious messages over the in-vehicle network (Para. 108) which would indicate an intrusion from outside the wired network of the car and the intrusion would be over the wireless network which would include ethernet communication, he does not specifically disclose wherein the first network is according to Ethernet protocol.
Kim teaches in-vehicle communication and, more particularly, a signal conversion method in a vehicle having Ethernet and controller area network (CAN) communication coexisting therein (Abstract).  He further teaches wherein the first network is according to Ethernet protocol (Fig. 2B; Para. 0003; present invention relates to in-vehicle communication and, more particularly, to a signal conversion method within a vehicle having Ethernet and controller area network (CAN) communication coexisting therein and an apparatus to perform the signal conversion method). 
Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to utilize the teachings as in Kim with the teachings as in Galula.  The motivation for doing so would have been to improve conversion efficiency (Kim at para. 0041).
Regarding claim 6, the combination of references Galula and Kim teach the limitations of the previous claims.  Galula further teaches the plurality of CAN frames including the CAN frame indicating the state information, the abnormality detection rule includes a first rule for detecting whether each of the plurality of CAN frames is abnormal, the plurality of CAN frames includes identifiers that are different depending on frame type, the first rule indicates allowable CAN frame reception period ranges corresponding to the identifiers, and the operations further include: detecting an abnormality based on reception times corresponding to CAN frames having a same identifier such that, in a second case where a difference between a first reception time of a first CAN frame of the plurality of CAN frames and a second reception time of a second CAN frame of the plurality of CAN frames received one frame before the first CAN frame is out of an associated allowable CAN frame reception period range indicated by the first rule, the first CAN frame is abnormal (Figs. 1C, 5, and 8; Paras. 0034, 0038, 0060, 0108, and 0139-0144; A plurality of contexts may be defined, known or identified by a system and method according to some embodiments of the invention. Table 590 shown an exemplary set of contexts; terms "vehicle context", "network context", "nodes context" or simply "context" as referred to herein may relate to a state, configuration or any operational or functional aspects of one or more of: a vehicle, an in-vehicle network, and/or one or more nodes connected to the in-vehicle network; i.e. context would be identified for the various components on the CAN bus 61, such as the engine control to determine if the car is accelerating. Kim shows that multiple CAN messages can be put into a single ethernet message and Galula shows that each CAN messages context is compared to the rules to determine if it is abnormal or not and that there is a time period where the messages need to be received).   Kim further teaches wherein the Ethernet frame includes a plurality of CAN frames (Fig. 2B; Para. 0029; p data link region may be provided to map a plurality of signals into one message).  Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to utilize the teachings as in Kim with the teachings as in Galula.  The motivation for doing so would have been to improve conversion efficiency (Kim at para. 0041).
Regarding claim 7, the combination of references Galula and Kim teach the limitations of the previous claims.  Galula further teaches wherein the first rule further indicates allowable amounts of change corresponding to the identifiers, the allowable amounts of change determined from a data value of a CAN frame immediately previous to a current CAN frame, and the operations further include: detecting an abnormality such that, in a third case where a difference of a first data value of the first CAN frame from a second data value of the second CAN frame is greater than an associated allowable amount of change indicated by the first rule, the first CAN frame is abnormal (Figs. 1C, 5, and 8; Paras. 0071-0074, 0108, and 0240; a sudden rise in rpm that may, in some cases, cause an SEU to determine an anomaly was detected may be regarded, by the SEU, as normal or non-anomalous if, immediately after a message that informs the SEU of the sudden rise in rpm is received, a message informing the SEU of a sudden large difference in values received from the oil pressure control unit or a message indicating an acceleration are received).  
Regarding claim 8, the combination of references Galula and Kim teach the limitations of the previous claims.  Galula further teaches wherein the operations further include: acquiring, as the abnormality detection rule, rules associated with the identifiers, and detecting that the CAN frame that indicates the state information is abnormal based on the abnormality detection rule (Figs. 1C, 5, and 8; Paras. 0010, 0071-0074, 0108, and 0240; a plurality of messages communicated on the in-vehicle communication network and having the same message identifier or identification (ID) value, and may calculate an average time lapse for the ID value. Based on relating the average time lapse to a threshold, the controller may determine at least one message included in the plurality of messages is related to an anomaly and may perform at least one action related to the anomaly).  
Regarding claim 9, the combination of references Galula and Kim teach the limitations of the previous claims.  Galula further teaches wherein the Ethernet frame includes a plurality of CAN frames, the plurality of CAN frames including the CAN frame indicating the state information, the abnormality detection rule includes a first rule for detecting whether each of the plurality of CAN frames is abnormal, the plurality of CAN frames includes identifiers that are different depending on frame type, the first rule indicates unallowable CAN frame reception period ranges corresponding to the identifiers, and the operations further include: detecting an abnormality based on reception times corresponding to CAN frames having a same identifier such that, in a second case where a difference between a first reception time of a first CAN frame of the plurality of CAN frames and a second reception time of a second CAN frame of the plurality of CAN frames received one frame before the first CAN frame is within an associated unallowable CAN frame reception period range indicated by the first rule, the first CAN frame is abnormal (Figs. 1C, 5, and 8; Paras. 0010, 0071-0074, 0108, and 0240; a plurality of messages communicated on the in-vehicle communication network and having the same message identifier or identification (ID) value, and may calculate an average time lapse for the ID value. Based on relating the average time lapse to a threshold, the controller may determine at least one message included in the plurality of messages is related to an anomaly and may perform at least one action related to the anomaly).  Kim further teaches wherein the Ethernet frame includes a plurality of CAN frames (Fig. 2B; Para. 0029; p data link region may be provided to map a plurality of signals into one message).  Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to utilize the teachings as in Kim with the teachings as in Galula.  The motivation for doing so would have been to improve conversion efficiency (Kim at para. 0041).
Regarding claim 10, the combination of references Galula and Kim teach the limitations of the previous claims.  Galula further teaches wherein the first rule further indicates unallowable amounts of change corresponding to the identifiers, the unallowable amounts of change determined from a data value of a CAN frame immediately previous to a current CAN frame, and the operations further include: detecting an abnormality such that, in a third case where a difference of a first data value of the first CAN frame from a second data value of the second CAN frame is within an associated unallowable amount of change indicated by the first rule, the first CAN frame is abnormal. (Figs. 1C, 5, and 8; Paras. 0071-0074, 0108, and 0240; a sudden rise in rpm that may, in some cases, cause an SEU to determine an anomaly was detected may be regarded, by the SEU, as normal or non-anomalous if, immediately after a message that informs the SEU of the sudden rise in rpm is received, a message informing the SEU of a sudden large difference in values received from the oil pressure control unit or a message indicating an acceleration are received).  
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to KENT KRUEGER whose telephone number is (303)297-4238.  The examiner can normally be reached on M-F 8:00-5:00 MT.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Michael Thier can be reached on (571) 272-2832.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.



/KENT KRUEGER/Primary Examiner, Art Unit 2474