DETAILED ACTION
Claims 1-4, 6, 11-13, 15 and 18-26 are pending in this action with claims 18-21 withdrawn from consideration.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Allowable Subject Matter
Claims 2-4, 6, 15 and 24 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.

Claim Objections
Claim 1 is objected to because of the following informalities:  “the on-chip network” lacks antecedent basis.  Appropriate correction is required.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.



The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.

Claims 1, 11-13, 22, 23, 25 and 26 are rejected under 35 U.S.C. 103 as being unpatentable over de Cesare et al. (US PGPUB No. 2016/0055102) [hereinafter “de Cesare”] in view of Sastry et al. (CN-104981815-A) [hereinafter “Sastry”].

A per claim 1, de Cesare teaches a system, comprising: a central processing unit (CPU) fabric communicatively coupled to a processor core ([0039], CPU on integrated circuit with multiple cores), the CPU fabric comprising a first storage location to store a first security identifier value ([0048]-[0050], source ID of requests made by SEP processor) see ([0020], source can be any other component on SOC, i.e. processors, memory, controllers, etc.); and a security engine, comprising: a processor to execute instructions ([0019], SEP processor which handles secure accesses to secure memory from CPU); and circuitry to: obtain a request from the processor core to perform a security function targeting a secure asset ([0020], request by CPU to SEP processor to perform secure functions); determine that access to the secure asset by the security function is authorized based on the security identifier ([0050], source ID restrictions on accessing data by SEP – access controlled by SEP in tandem with memory controller based on source ID); and allow the request to be issued over the on-chip network ([0050], allowing access request based on source ID).
	De Cesare does not explicitly teach the first security identifier value to indicate a security attribute associated with a processor core. Sastry teaches the first security identifier value to indicate a security attribute associated with a processor core (Page 8, para. 3-4, security attribute of initiator (SAI) associated with processor core type and also is specific to a particular system on chip (SOC)).
	At the time of filing, it would have been obvious to one of ordinary skill in the art to combine de Cesare with the teachings of Sastry, the first security identifier value to indicate a security attribute associated with a processor core, to control access to secure data based on particular processor cores in a multi-core system. 

As per claim 11, de Cesare teaches a method comprising: obtaining, by a security co-processor in a system-on-chip (SoC) (Abstract, a system-on-chip including a security co-processor), a request to perform a security function targeting a secure asset on an on-chip network of the SoC ([0020], a request is made to perform a security function targeting encryption keys, secure memory, etc.), the request obtained from a processor core of a host central processing unit (CPU) ([0020], request by CPU to SEP processor to perform secure functions or by the SEP processor to “control circuit” which in this case the SEP is another processor core and the control circuit acts as a security co-processor); and determining, by the security co-processor that access to the secure asset is authorized based on stored values of one or more security attributes identified by one or more security identifiers ([0050], “control circuit” implements source ID restrictions, i.e. ID restriction is an attribute, on accessing data by CPU thru the SEP).
De Cesare does not explicitly teach one or more security identifiers to indicate a security attribute associated with a processor core of a host CPU. Sastry teaches one or more security identifiers to indicate a security attribute associated with a processor core of a host CPU (Page 8, para. 3-4, security attribute of initiator (SAI) associated with processor core type and also is specific to a particular system on chip (SOC)).
	At the time of filing, it would have been obvious to one of ordinary skill in the art to combine de Cesare with the teachings of Sastry, one or more security identifiers associated with a processor core of a host CPU, to control access to secure data based on particular processor cores in a multi-core system.

As per claim 12, the combination of de Cesare and Sastry teaches the method of claim 11, further comprising: determining that access to the security asset by the security function is not authorized (de Cesare; [0020], determining if access request is a success/failure); and preventing issuing of the request over the on-chip network (de Cesare; [0020], result of request would be an indication of failure if authentication and access to data fails).

As per claim 13, the combination of de Cesare and Sastry teaches the method of claim 11, further comprising: obtaining, from a CPU fabric of the SoC, an indication of a security state of the host CPU (de Cesare; [0050], locking portions of the secure memory, i.e. locked state applied to CPU with respect to memory); and wherein determining that access to the secure asset by the security function is authorized comprises determining that the processor core is able to modify the stored values of the one or more security attributes associated with the processor core based on the indication of the security state of the host CPU (de Cesare; [0050], determining if locked which determines if the SEP address space can be read or modified by the SOC, i.e. host CPU).

As per claim 22, the combination of de Cesare and Sastry teaches the system of claim 1, wherein a security mechanism is extended to the security co-processor from a CPU fabric of the SoC (de Cesare; Fig. 1, SEP state code extended to SEP processor via fabric of SoC).

As per claim 23, the combination of de Cesare and Sastry teaches the system of claim 1, wherein the security co-processor is outside the CPU fabric and distinct from a host CPU on the CPU fabric (de Cesare; Fig. 1, SEP processor is connected to the CPU fabric but not inside it – it is inside the SoC and is distinct from the CPU).

As per claim 25, the combination of de Cesare and Sastry teaches the method of claim 11, wherein the request is provided by a processor core of a host central processing unit (CPU) (de Cesare; [0039], Processor encompasses one or more processor cores implemented on a single or multichip implementation). 

As per claim 26, the combination of de Cesare and Sastry teaches the method of claim 11, further comprising: determining that access to the security asset by the security function is not authorized (de Cesare; [0050], source ID restrictions on accessing data by SEP – access controlled by SEP in tandem with memory controller based on source ID) based on the security identifier associated with the processor core (Sastry; Page 8, para. 3-4, security attribute of initiator (SAI) associated with processor core type and also is specific to a particular system on chip (SOC)); and preventing issuance of the request over the on-chip network (de Cesare; [0050], allowing or denying access request based on source ID).

Response to Arguments
Examiner notes that the claim objection to claim 1 was not addressed and suggests changing the “the” to an “an” in the phrase “the on-chip network” appearing in line 14 of claim 1.

Applicant's arguments with respect to the rejection of claims 1, 11-13, 22, 23, 25 and 26 under 35 U.S.C. 102 and 103 have been fully considered but are moot in light of the newly introduced reference, Sastry.

To expedite prosecution, Examiner is open to conducting an after-final interview to discuss claim amendments to overcome the current rejection and/or to place the application in condition for allowance.

Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 

The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Ding et al. (CN-105245543-A) and Liu et al. (CN-113988282-A), Kornaros et al. ("Hardware Support for Cost-Effective System-Level Protection in Multi-core SoCs," 2015 Euromicro Conference on Digital System Design, 2015, pp. 41-48, doi: 10.1109/DSD.2015.65), Knirsch et al. ("Prioritized access arbitration to shared resources on integrated software systems in multicore environments," 2012 IEEE 3rd International Conference on Networked Embedded Systems for Every Application (NESEA), 2012, pp. 1-8, doi: 10.1109/NESEA.2012.6474014) and Vaslin et al., "Memory security management for reconfigurable embedded systems," 2008 International Conference on Field-Programmable Technology, 2008, pp. 153-160, doi: 10.1109/FPT.2008.4762378), all disclose access/security attributes associated with processor cores.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to PETER C SHAW whose telephone number is (571)270-7179.  The examiner can normally be reached on Max Flex.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Carl Colin can be reached on 571-272-3862.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/PETER C SHAW/Primary Examiner, Art Unit 2493                                                                                                                                                                                                        June 16, 2022