Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
Priority
Receipt is acknowledged of certified copies of papers required by 37 CFR 1.55.

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 12/16/2020 is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

Specification
Applicant is reminded of the proper language and format for an abstract of the disclosure.
The abstract should be in narrative form and generally limited to a single paragraph on a separate sheet within the range of 50 to 150 words in length. The abstract should describe the disclosure sufficiently to assist readers in deciding whether there is a need for consulting the full patent text for details.
The language should be clear and concise and should not repeat information given in the title.  It should avoid using phrases which can be implied, such as, “The disclosure concerns,” “The disclosure defined by this invention,” “The disclosure describes,” etc.  In addition, the form and legal phraseology often used in patent claims, such as “means” and “said,” should be avoided.
The abstract of the disclosure is objected to because it repeats information given in the title (ln. 1). Correction is required.  See MPEP § 608.01(b).

The use of the terms “TrustZone” and “ARM” in [0014], which are trade names or marks used in commerce, has been noted in this application. The terms should be accompanied by the generic terminology; furthermore, each term should be capitalized wherever it appears or, where appropriate, include a proper symbol indicating use in commerce such as ™, SM, or ® following the term.
Although the use of trade names and marks used in commerce (i.e., trademarks, service marks, certification marks, and collective marks) are permissible in patent applications, the proprietary nature of the marks should be respected and every effort made to prevent their use in any manner which might adversely affect their validity as commercial marks.

The disclosure is objected to because of the following informalities:
[0014] “When a program classified into the secure world runs on the processor 125, the processor 125 becomes at a secure world state” should read “…processor 125 becomes a secure world state”
[0014] “When a program classified into the non-secure world runs on the processor 125, the processor 125 becomes at a non-secure world state” should read “…processor 125 becomes a non-secure world state”
[0023] “tempered” should read “tampered”
Appropriate correction is required.


Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


Claims 1, 7-8, 14 and 15 are rejected under 35 U.S.C. 103 as being unpatentable over Diluoffo et al. (US-PGPUB 2013/0124840 A1) in view of Kato et al. (US-PGPUB 2018/0239896 A1), hereinafter Diluoffo and Kato.

	Regarding claim 1, Diluoffo discloses a read-only memory (320) and a one-time programmable circuit (322) which are configured within the electronic device and a flash memory externally coupled to the electronic device; (304)
starting and executing a reset handler of the read-only memory to load a specific initialization program code when a system of the electronic device is powered up; ([0038] “As part of the first stage of the boot up, the processor 316 retrieves the initial stage instructions 326 from the ROM 320.”)
using the specific initialization program code to initialize a decryption engine; (Fig. 3 #390 [0041] “As part of execution of the first stage firmware 330, the processor 316 enables the cryptographic processor 390…”)
obtaining a key from the one-time programmable circuit and loading the key into the decryption engine; ([0040] “As part of execution of the initial stage instructions, the processor 316 retrieves the cryptographic key needed for validation of the first stage firmware 330 from the location defined by the boot logic 328. In this example, the processor 316 retrieves the cryptographic key 334 from the programmable nonvolatile machine-readable medium 322.” And [0042] “the processor 316 may be required to retrieve a cryptographic key based on the definitions in the boot logic 328 (if a different cryptographic key is used for validating the second stage firmware 332).”)
reading a cipher text of the firmware from the flash memory; ([0041] “As part of execution of the first stage firmware 330, the processor 316 then retrieves the second stage firmware 332 from the reprogrammable nonvolatile-readable medium 304.”)
decrypting the cipher text of the firmware to generate a plain text of the firmware by using the decryption engine and the key; and ([0042] “the cryptographic processor 390 can perform a decryption of the second stage firmware 332 that is encrypted with the retrieved cryptographic key.”)
determining whether a secure boot procedure successfully completes according to the cipher text of the firmware and the plain text of the firmware. ([0042] “The processor 316 then instructs the cryptographic processor 390 to validate the second stage firmware 332. The cryptographic processor 390 can validate based on one or more cryptographic operations and cryptographic keys using the retrieved cryptographic key.”)

Diluoffo fails to disclose dividing an operating system environment of an electronic device into a secure world and a non-secure world.
 
However, Kato teaches dividing an operating system environment of an electronic device into a secure world and a non-secure world (Fig. 1, “Secure World” and “Non-Secure World (Normal World)”) 
wherein the secure world comprises a read-only memory (Fig. 2 #16, [0037]) and a one-time programmable circuit (Fig. 2 #15, [0037]) which are configured within the electronic device 
while the non-secure world comprises a flash memory externally coupled to the electronic device; (Fig. 2 #13m, [0037]). It is noted, (13m) is externally coupled to device (11) according to Fig. 2 in Kato. This corresponds with the device of the present invention.

Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Diluoffo to incorporate the teachings of Kato to include dividing an operating system environment of an electronic device into a secure world and a non-secure world. Such modification(s) would be motivated to prevent attacks against the secure world by restricting access of the secure world from the non-secure world. (Kato, [0005])

	Regarding claim 7, Diluoffo in view of Kato discloses the method of claim 1 as set forth above, wherein the decryption engine is one of a decryption engine hardware circuit, a decryption engine software program, and a hardware and software combined decryption engine. (Diluoffo, 390) 
It is noted, “one of” is an alternative form, and the prior art need only satisfy one limitation. In this case, Diluoffo teaches a hardware “Cryptographic Processor” component communicatively coupled through a communications bus 314 [0034].

	Regarding claim 8, Diluoffo discloses an electronic device capable of securely storing and loading a firmware, (Fig. 3)
the electronic device being externally coupled to a flash memory (304), and the electronic device comprises:
a read-only memory (320), for storing a specific initialization program code (326);
a one-time programmable circuit (322), for storing a key (334);
a decryption engine circuit (390), for decrypting the firmware ([0042] “the cryptographic processor 390 can perform a decryption of the second stage firmware 332 that is encrypted with the retrieved cryptographic key.”); and
a processor (316-318), coupled to the read-only memory, the one-time programmable circuit, and the decryption engine circuit (314), 
the processor based on a default/preset setting is arranged for starting and executing a reset handler of the read-only memory to perform boot up and start up ([0015] “Upon Power On Rest (POR), one or more processors can execute initial stage instructions from its embedded ROM...”)
and for loading an initialization program code when a system of the electronic device is powered up ([0038] “As part of the first stage of the boot up, the processor 316 retrieves the initial stage instructions 326 from the ROM 320.”), 
and using the initialization program code to initiate the decryption engine circuit; (Fig. 3 #390 [0041] “As part of execution of the first stage firmware 330, the processor 316 enables the cryptographic processor 390…”)
wherein the decryption engine circuit after being initialized is arranged for obtaining the key from the one-time programmable circuit and loading and configuring the key into the initialized decryption engine circuit, ([0042] “the cryptographic processor 390 can perform a decryption of the second stage firmware 332 that is encrypted with the retrieved cryptographic key.”)
reading a cipher text of the firmware from the flash memory, ([0041] “As part of execution of the first stage firmware 330, the processor 316 then retrieves the second stage firmware 332 from the reprogrammable nonvolatile-readable medium 304.”)
decrypting the cipher text of the firmware to generate a plain text of the firmware by using the key, and determining whether a secure boot procedure successfully completes according to the cipher text of the firmware and the plain text of the firmware. ([0042] “The processor 316 then instructs the cryptographic processor 390 to validate the second stage firmware 332. The cryptographic processor 390 can validate based on one or more cryptographic operations and cryptographic keys using the retrieved cryptographic key.”)

Diluoffo fails to disclose a flash memory which belongs to a non-secure world of an operating system environment of the electronic device;
the read-only memory belongs to a secure world of the operating system environment of the electronic device; 
the one-time programmable circuit belongs to the secure world of the operating system environment of the electronic device; 
the decryption engine circuit belongs to the secure world of the operating system environment of the electronic device. 

However, Kato teaches a flash memory which belongs to a non-secure world of an operating system environment of the electronic device; (Fig. 2 #13m, [0037])
the read-only memory belongs to a secure world of the operating system environment of the electronic device; (Fig. 2 #16, [0037])
the one-time programmable circuit belongs to the secure world of the operating system environment of the electronic device; (Fig. 2 #15, [0037])
the decryption engine circuit belongs to the secure world of the operating system environment of the electronic device. (Fig. 2 #11, [0037] “The platform 10 includes the processor 11 that is equipped with the security support function…”)

Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Diluoffo to incorporate the teachings of Kato to include a flash memory which belongs to a non-secure world of an operating system environment of the electronic device; the read-only memory belongs to a secure world of the operating system environment of the electronic device; the one-time programmable circuit belongs to the secure world of the operating system environment of the electronic device; the decryption engine circuit belongs to the secure world of the operating system environment of the electronic device. Such modification(s) would be motivated to prevent attacks against the secure world by restricting access of the secure world from the non-secure world. (Kato, [0005]).

	Regarding claim 14, Diluoffo in view of Kato discloses the device of claim 8 as set forth above, and the device of claim 14 performs the method of claim 7. Therefore, claim 14 is rejected over similar grounds as claim 7.

Regarding claim 15, the limitations are similar to those of claim 8, which are disclosed by Diluoffo in view of Kato as set forth above. However, claim 15 does not claim the limitation of a decryption engine circuit for decrypting the firmware. The limitations unique to claim 15, which are also disclosed by Diluoffo, are:
wherein the processor is arranged for obtaining the key from the one-time programmable circuit, (Fig. 4 #410, [0052] “the processor retrieves (as part of execution of the initial stage instructions) the cryptographic key(s) from the secure storage location (either on-chip or off-chip).”)
loading and configuring the key into a decryption engine software program, (Fig. 4 #414, [0054] “the processor performs (as part of execution of the initial stage instructions) the cryptographic operation (defined by the boot logic) of the first stage firmware using a retrieved cryptographic key.”)
reading a cipher text of the firmware from the flash memory, (Fig. 4 #412, [0053] “the processor retrieves (as part of execution of the initial stage instructions) a first stage firmware from an off-chip nonvolatile machine-readable storage medium.”)
using the key and the decryption engine software program to decrypt the cipher text of the firmware to generate a plain text of the firmware, ([0054] “For example, the processor 216 can generate a digital signature for comparison to a stored digital signature, perform any type of decryption, etc.”) and 
determining whether a secure boot procedure successfully completes according to the cipher text of the firmware and the plain text of the firmware. (Fig. 4 #416, [0055])
	Therefore, Diluoffo in view of Kato discloses the device of claim 15, on similar grounds as claim 8.

Claims 2, 4-6, 9 and 11-13 are rejected under 35 U.S.C. 103 as being unpatentable over Diluoffo in view of Kato as applied to claim 1 above, and further in view of Kim et al. (US-PGPUB 2021/0279334 A1), hereinafter Kim.

	Regarding claim 2, Diluoffo in view of Kato discloses the method of claim 1 as set forth above, and calculating a specific hash value according to the plain text of the firmware; (Diluoffo, [0041] “the processor 316 can generate a hash across an image of the first stage firmware 330.”)
and determining whether the secure boot procedure successfully completes by determining whether the specific hash value matches a hash value recorded in the cipher text of the firmware. (Diluoffo, Fig. 4 #416, [0055] “For example if the cryptographic operation is generation of a digital signature, the processor 216 can compare the generated digital signature to a digital signature that is stored with the first stage firmware 230.”) It is noted, Diluoffo also teaches “hash operations” may take the place of “digital signatures” [0050].

Diluoffo in view of Kato fails to disclose transmitting and storing information content of the plain text of the firmware into a secure storage region of the secure world. 
However, Kim teaches transmitting and storing information content of the plain text of the firmware into a secure storage region of the secure world; (Kim, [0057] “The firmware (FW) loader 312 of the kernel 310 may copy ( or load) the target firmware (FW) 392 to some area of the memory 390. For example, the target firmware 392 may be firmware of the first DSP 362. After loading, in order to prevent hacking of the target firmware 392 before performing verification on the target firmware 392, the hypervisor 330 may block access of the main processor 352, the first DSP 362, the IP 372, and the second DSP 382 to the memory 390 by controlling the second control area CSR2.”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Diluoffo in view of Kato to incorporate the teachings of Kim to include transmitting and storing information content of the plain text of the firmware into a secure storage region of the secure world. Such modification(s) would be motivated to prevent hacking the target firmware before performing verification. (Kim, [0057] “…in order to prevent hacking of the target firmware 392 before performing verification…”)

	Regarding claim 4, Diluoffo in view of Kato and Kim discloses the method of claim 2 as set forth above, and reading a portion of the cipher text of the firmware from the flash memory; (Diluoffo, Fig. 4 #412)
decrypting the portion of the cipher text of the firmware to generate a portion of the plain text of the firmware by using the decryption engine and the key; (Diluoffo, Fig. 4 #414)
calculating the specific hash value according to content of the plain text of the firmware which has been read; and (Diluoffo, [0054] “For example, the processor 216 can generate a digital signature for comparison to a stored digital signature, perform any type of decryption, etc.”)
transmitting and storing information content of the portion of the plain text of the firmware into the secure storage region located within the secure world. (Kim, [0057] “The firmware (FW) loader 312 of the kernel 310 may copy ( or load) the target firmware (FW) 392 to some area of the memory 390. For example, the target firmware 392 may be firmware of the first DSP 362. After loading, in order to prevent hacking of the target firmware 392 before performing verification on the target firmware 392, the hypervisor 330 may block access of the main processor 352, the first DSP 362, the IP 372, and the second DSP 382 to the memory 390 by controlling the second control area CSR2.”)

	Regarding claim 5, Diluoffo in view of Kato and Kim discloses the method of claim 4 as set forth above, and after transmitting and storing the information content of the portion of the plain text of the firmware into the secure storage region located within the secure world, (Diluoffo, Fig. 4 #410 & Fig. 5 #510)
determining whether the portion of the cipher text of the firmware is a last portion of the cipher text of the firmware; (Diluoffo, Fig. 4-5 “First Stage Firmware” and “Second Stage Firmware”)
when the portion of the cipher text of the firmware is the last portion of the cipher text of the firmware, determining whether the specific hash value matches the hash value recorded in the cipher text of the firmware to determine whether the secure boot procedure successfully completes; (Diluoffo, Fig. 5 #514, [0062]) and 
when the portion of the cipher text of the firmware is not the last portion of the cipher text of the firmware, continuing to read a next portion of the cipher text of the firmware and using the decryption engine and the key to decrypt the next portion of the cipher text of the firmware (Diluoffo, Fig. 4 #410-412, [0052-0053]) 
so as to calculate the specific hash value according to the content of the plain text of the firmware which has been read. (Diluoffo, Fig. 4 #414, [0054]) 

	Regarding claim 6, Diluoffo in view of Kato and Kim discloses the method of claim 2 as set forth above, and wherein the information content of the plain text of the firmware is transmitted and stored into the secure storage region located within the secure world through a secure direct memory access channel or by using a memory copy operation. (Kim, [0057] “The firmware (FW) loader 312 of the kernel 310 may copy ( or load) the target firmware (FW) 392 to some area of the memory 390. For example, the target firmware 392 may be firmware of the first DSP 362. After loading, in order to prevent hacking of the target firmware 392 before performing verification on the target firmware 392, the hypervisor 330 may block access of the main processor 352, the first DSP 362, the IP 372, and the second DSP 382 to the memory 390 by controlling the second control area CSR2.”) 
It is noted, the prior art need only teach transmitting the plain text of the firmware into the secure storage region through one of the following limitations: a secure direct memory access channel or by using a memory copy operation. In this case, Kim teaches “by using a memory copy operation.”

	Regarding claims 9 and 11-13, Diluoffo in view of Kato discloses the device of claim 8 as set forth above, and the devices of claims 9 and 11-13 perform the methods of claims 2 and 4-6. Therefore, claims 9 and 11-13 are rejected over similar grounds as claims 2 and 4-6 respectively over Diluoffo in view of Kato and Kim, as set forth above.

Claims 3 and 10 are rejected under 35 U.S.C. 103 as being unpatentable over Diluoffo in view of Kato as applied to claims 1-2 and 7 above, and further in view of Froehlich et al. (US-PGPUB 2020/0089507 A1).

	Regarding claim 3, Diluoffo in view of Kato discloses the method of claim 2 as set forth above, but fails to disclose wherein when the specific hash value matches the hash value recorded in the cipher text of the firmware, it is determined that the secure boot procedure successfully completes; and, when the specific hash value does not match the hash value recorded in the cipher text of the firmware, it is determined that the secure boot procedure fails. 
However, Froehlich teaches wherein when the specific hash value matches the hash value recorded in the cipher text of the firmware, it is determined that the secure boot procedure successfully completes; ([0033] “Then the bootloader 6 calculates a firmware hash of the firmware image and compares it against the verified reference hash, whereas the bootloader 6 executes the firmware if the hash values match otherwise an error state is indicated.”)
and, when the specific hash value does not match the hash value recorded in the cipher text of the firmware, it is determined that the secure boot procedure fails. ([0033] “otherwise an error state is indicated. Any failed firmware signature verification is an indication of a corrupted or manipulated firmware image and requires special handling by the bootloader 6.”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Diluoffo in view of Kato to incorporate the teachings of Froehlich to include wherein when the specific hash value matches the hash value recorded in the cipher text of the firmware, it is determined that the secure boot procedure successfully completes; and, when the specific hash value does not match the hash value recorded in the cipher text of the firmware, it is determined that the secure boot procedure fails. Such modification(s) would be motivated to detect if the firmware image has been corrupted or manipulated. (Froehlich, [0033] “Any failed firmware signature verification…”)
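The portion-by-portion secure boot loop recited in claims 2, 4 and 5, together with the match/mismatch decision of claim 3, as an added example in C that is not part of this Office action or of any cited reference. The XOR keystream standing in for the decryption engine, the 32-bit FNV-1a standing in for the hash, the 4-byte recorded-hash header at the front of the image, and the sample OTP key and firmware bytes are all constructed assumptions.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#define PORTION 8    /* bytes of cipher text read from flash per iteration */
#define KEY_LEN 8
#define MAX_FW  64   /* size of the secure storage region */

/* Stand-in for the decryption engine (assumption): XOR with a keystream derived
 * from the OTP key and the byte offset. Symmetric, so it also builds the image. */
static void engine_xcrypt(const uint8_t key[KEY_LEN], size_t off,
                          const uint8_t *in, uint8_t *out, size_t n)
{
    for (size_t i = 0; i < n; i++)
        out[i] = in[i] ^ key[(off + i) % KEY_LEN] ^ (uint8_t)((off + i) * 31u);
}

/* Stand-in hash (assumption): 32-bit FNV-1a folded in one portion at a time, as a
 * ROM would keep a running SHA-256 context. Each step is a bijection on the state,
 * so any single changed plain-text byte changes the final value. */
static uint32_t hash_update(uint32_t h, const uint8_t *p, size_t n)
{
    for (size_t i = 0; i < n; i++) { h ^= p[i]; h *= 16777619u; }
    return h;
}

/* Constructed image layout: 4-byte big-endian hash of the plain text (the "hash
 * value recorded in the cipher text"), followed by the cipher-text body. */
static size_t build_image(const uint8_t key[KEY_LEN], const uint8_t *plain,
                          size_t n, uint8_t *image)
{
    uint32_t h = hash_update(2166136261u, plain, n);
    image[0] = (uint8_t)(h >> 24); image[1] = (uint8_t)(h >> 16);
    image[2] = (uint8_t)(h >> 8);  image[3] = (uint8_t)h;
    engine_xcrypt(key, 0, plain, image + 4, n);
    return n + 4;
}

/* Claims 4 and 5 as a loop: read a portion of the cipher text, decrypt it with the
 * engine and key, fold it into the running hash, copy it into the secure region,
 * and only after the last portion compare against the recorded hash (claim 3). */
int secure_boot_verify(const uint8_t key[KEY_LEN], const uint8_t *image,
                       size_t image_len, uint8_t *secure_region)
{
    if (image_len < 4 || image_len - 4 > MAX_FW) return 0;  /* malformed image */
    uint32_t recorded = ((uint32_t)image[0] << 24) | ((uint32_t)image[1] << 16) |
                        ((uint32_t)image[2] << 8)  |  (uint32_t)image[3];
    size_t ct_len = image_len - 4, off = 0;
    uint32_t h = 2166136261u; uint8_t portion[PORTION];
    for (;;) {
        size_t n = (ct_len - off < PORTION) ? ct_len - off : PORTION;
        engine_xcrypt(key, off, image + 4 + off, portion, n); /* decrypt one portion */
        h = hash_update(h, portion, n);            /* hash of everything read so far */
        memcpy(secure_region + off, portion, n);   /* memory copy into the secure world */
        off += n;
        if (off >= ct_len) break;                  /* last portion has been processed */
    }
    return h == recorded;                          /* 1 = success, 0 = boot fails */
}

/* Constructed sample: an OTP key and a 27-byte firmware (portions of 8, 8, 8, 3). */
static const uint8_t OTP_KEY[KEY_LEN] = {0x13,0x57,0x9b,0xdf,0x24,0x68,0xac,0xe0};
static const uint8_t FW_PLAIN[] = "FW v1.0: blink LED, sleep.";

/* Untouched image: boot succeeds and the secure region holds the plain text (1). */
int demo_good(void)
{
    uint8_t image[MAX_FW + 4], region[MAX_FW];
    size_t len = build_image(OTP_KEY, FW_PLAIN, sizeof FW_PLAIN, image);
    return secure_boot_verify(OTP_KEY, image, len, region) &&
           memcmp(region, FW_PLAIN, sizeof FW_PLAIN) == 0;
}

/* One bit flipped in the cipher-text body held in non-secure flash: the decrypted
 * portions no longer hash to the recorded value, so the boot fails (0). */
int demo_tampered_body(void)
{
    uint8_t image[MAX_FW + 4], region[MAX_FW];
    size_t len = build_image(OTP_KEY, FW_PLAIN, sizeof FW_PLAIN, image);
    image[len - 1] ^= 0x01;
    return secure_boot_verify(OTP_KEY, image, len, region);
}
```

Because every FNV-1a step is a bijection on the running state, a single altered cipher-text byte is always detected here; a real ROM would get the same guarantee, plus second-preimage resistance, from SHA-256.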

	Regarding claim 10, Diluoffo in view of Kato and Kim discloses the device of claim 9 as set forth above, and the device of claim 10 performs the method of claim 3. Therefore, claim 10 is rejected over similar grounds as claim 3 as set forth above, over Diluoffo in view of Kato, Kim and Froehlich.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
US-PGPUB 2012/0072734 A1 – Regarding a method and apparatus for switching a platform firmware update mechanism located in a computer platform to a platform firmware armoring technology.
US-PGPUB 2021/0182398 A1 – Regarding a method for updating firmware, which includes receiving, at a device, an updated installation package.
US-PGPUB 2018/0034628 A1 – Regarding a secure programming system and method for provisioning and programming a target payload into a programmable device mounted in a programmer.
US Patent No. 6,715,085 B2 – Regarding initializing, maintaining, updating and recovering secure operation within an integrated system.
ARM Limited. "Security in an ARMv8 System." Version 1.0, 2017, pp. 1-12. – Regarding the security, the TRUSTZONE hardware architecture and the interaction of Normal and Secure worlds of an ARMv8-A system.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to JOSHUA NEIL GONZALES whose telephone number is (571)272-0286. The examiner can normally be reached 7:30-11:00 AM; 11:30 AM-5:30 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jorge L. Ortiz-Criado can be reached on (571) 272-7624. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/J.N.G./Examiner, Art Unit 2496
/JORGE L ORTIZ CRIADO/Supervisory Patent Examiner, Art Unit 2496