DETAILED ACTION
This Office Action is in response to the Amendment filed on 05/09/2022.
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
In the instant Amendment, filed on 05/09/2022, claims 1 and 12 have been amended; claim 10 has been cancelled.
Claims 1-9 and 11-14 have been examined and are pending in this application. Claims 1 and 12 are independent.  This Action is made FINAL.
Response to Arguments/Remarks
As to the objection to the drawings, Figs. 1-4, the objection is maintained because the Applicant has not submitted a Replacement Sheet with corrected drawings.
The Applicant has stated that since paragraph [0030]-[0033] provide information on the drawings, “texts describing names/labels for each numerically labeled components” should be unnecessary for understanding the drawings or the related disclosure. Additionally, the Applicant submitted that amending the drawings to include text for each depicted feature is unfeasible given the high level of detail provided in the drawings, especially FIG. 1 (Applicant Arguments/Remarks, 05/09/2022, page 7).
The Examiner respectfully traverses the Applicant’s arguments regarding the drawings. The Examiner respectfully submits that the Applicant has not made any attempt to correct Figs. 2-4, or at least to label the major elements, if not all the elements, of Fig. 1, which could not have been very difficult to do.
The Examiner disagrees with the Applicant on the issue that texts describing names/labels “should be unnecessary.” Going back and forth through the paragraphs of the disclosure to identify the elements in the drawings in order to understand the drawings is not an easy task, certainly does not assist the Examiner in the proper examination process, and does not make it easy for the public to understand the claimed invention. The four paragraphs [0030]-[0033] of the disclosure cited by the Applicant do not provide any information on the elements/components depicted in the drawings, but just list the drawings and recite a generic function that the drawings are directed to.
The Examiner respectfully submits that the Applicant has not made any attempt to correct Figs. 2-4, or at least to label the major elements of Fig. 1, which could not have been very difficult to do.
In accordance with 37 C.F.R. § 1.84(o), the Examiner requests that the Applicant include a legend/label of the elements/components for Figs. 2-4, and for some of the main elements/components for Fig. 1, for better understanding of the drawings. 37 C.F.R. § 1.84(o) states, “Suitable descriptive legends may be used subject to approval by the Office, or may be required by the examiner where necessary for understanding of the drawing. They should contain as few words as possible,” for maintaining the standard for drawings (emphasis added).

Applicants’ arguments in the instant Amendment, filed on 05/09/2022, with respect to the prior-art rejections to claims 1-9 and 11-14, and limitations listed below, have been fully considered but they are not persuasive.
Applicant’s Remarks: As to independent claim 1, the Applicant submits that the applied prior art does not teach the limitations, specifically the limitation reciting the features of “Log” and “protocol” of former dependent claim 10, which have been incorporated into the base claims (Applicant Arguments/Remarks, 05/09/2022, pages 8-9).
The Examiner disagrees with the Applicant. The Examiner respectfully submits that the applied prior art teaches the addressed limitation. One of ordinary skill in the art would understand that a “protocol” is, in the area of the invention, a technical configuration/setup or a set of standard rules in computer communication. The claim does not specify what type of protocol the claim is directed to. Also, there is no refining limitation as to what specific process and structure is used for the “log.” Without any refining limitation, “logs the communication” would broadly mean keeping information on at least some pieces of the communication information. The applied reference, Alderucci, is used in the rejection for the detailed mapping of these limitations. Please see the rejection section.
Drawing Objections
The objections to the drawings of Figures 1-4 are maintained, incorporating the description set forth in the non-final Office Action mailed on 01/07/2022.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.

Claims 1-9 and 11-14 are rejected under 35 U.S.C. 103 as being unpatentable over Alderucci et al. (“Alderucci,” US 2008/0113785, published on 05/15/2008), in view of Deuser et al. (“Deuser,” DE 102012109348 [English Translation], published on 04/03/2014).
As to claim 1, Alderucci teaches a method for secure communication between a field device in automation technology and an end device connected to the field device via an end device communication link (Alderucci: pars 0115-0117; Fig 1, teaches an authentication process for allowing services on a gaming communication device [i.e. field device], where an authentication device [i.e. an end device] transmits the authentication information, and a remote computer or service provider [i.e. an authentication server] performs the authentication), the method comprising:
storing an individual access code in the end device (Alderucci: pars 0115-0117; Fig 1, discloses an authentication device [i.e. end device] in form of card/smart card that stores user authentication information, including an authentication token [i.e. individual access code], for authenticating user); 
transmitting the access code from the end device to the field device (Alderucci: pars 0115-0117; Fig 1, the stored user authentication information or the authentication token [i.e. individual access code] is transmitted from the authentication device [i.e. end device] to the gaming communication device [i.e. field device], for authenticating user);
connecting the field device to an authentication server via a server communication link (Alderucci: pars 0115-0117; Fig 1, a remote computer or service provider [i.e. an authentication server] is connected with the gaming communication device over communication network); 
using the field device to transmit the access code or an access code derived from the access code to the authentication server (Alderucci: pars 0114-0117; Fig 1, the authentication data is communicated [i.e. transmitted] to the remote computer or service provider [i.e. an authentication server] for authentication); 
storing authentication data on the authentication server, on the basis of which the authenticity of the access code is checked on the authentication server (Alderucci: pars 0114-0117; Fig 1, the remote computer or service provider [i.e. an authentication server] verifies the received authentication/identity-verification data with the previously stored authentication/identity-verification data to find match);
 transmitting the resulting authentication result from the authentication server via the server communication link to the field device (Alderucci: pars 0114-0117; Fig 1, the gaming communication device detecting a signal [i.e. result of authentication] from the authentication device over communication link for allowing user accessing service on the gaming communication device); and 
depending on the authentication result transmitted to the field device, making resources of the field device available (Alderucci: pars 0114-0117; Fig 1, the gaming communication device allowing user accessing service on the gaming communication device based on the detected signal from the authentication device).
wherein the field device at least partially logs the communication with the end device in a protocol such that influences on the field device can be traced; and wherein the protocol is transmitted to the authentication server upon completion of the communication and the protocol is stored or the authentication server, or is continuously transmitted to the authentication server during communication and the protocol is stored on the authentication server (Alderucci: pars 0067, 0104; object methods or behaviors of a database is used to implement various processes [i.e. communication logs and protocol], where the database is stored locally or remotely from a device. Par 0117, data used for the comparison is limited to being stored to areas only within the user's control, such as areas other than the authentication device).
Warren does not explicitly teach wherein the field device has a cause-effect relationship with a physical process and the field device can be connected via a field bus interface to other field devices and/or a process control system for the exchange of process information; and resources available to the end device. 
However, in an analogous art, Deuser teaches wherein the field device has a cause-effect relationship with a physical process and the field device can be connected via a field bus interface to other field devices and/or a process control system for the exchange of process information; and resources available to the end device (Deuser: pars 0007, 0012, 0015; Fig 1, an automation technology for a set of field devices, where the field devices are connected with operating units (BE) [i.e. end device] over wireless or direct connection to a field bus, providing one or more work stations for operating, monitoring, and managing by the specific field devices, based on the access rights and availability associated with the user role).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Deuser with the apparatus of Alderucci for the benefit of providing a user with a means for performing an automation process using a set of field devices that are connected over a bus, where the user can access the specific field bus based on the access rights and availability associated with the user role, from a user device performing as an end device (Deuser: pars 0007, 0024-0025).
As to claim 2, the combination of Alderucci and Deuser teaches the method according to claim 1,
Alderucci further teaches wherein an individual end device name and an individual end device password are stored as an individual access code; and/or wherein the individual access code has an individual username and an individual user password of a user of the end device connected to the field device (Alderucci: pars 0115-0117; Fig 1, discloses an authentication device [i.e. end device] in form of card/smart card that stores user authentication information, including an authentication token [i.e. individual access code],  for authenticating user).
As to claim 3, the combination of Alderucci and Deuser teaches the method according to claim 1, 
Alderucci further teaches wherein the address of the authentication server is stored in the field device and the server communication link is established using the address of the authentication server (Alderucci: pars 0114-0117; Fig 1, the gaming communication device [i.e. field device] is connected and communicates with the remote computer or service provider).
As to claim 4, the combination of Alderucci and Deuser teaches the method according to claim 1, 
Alderucci further teaches wherein cryptographic means are stored in the field device and in the authentication server, which means allow the field device and the authentication server to exchange encrypted data with one another; wherein the field device with its cryptographic means derives an encrypted derived access code from the access code and transmits it to the authentication server; and that wherein the authentication server with its cryptographic means decrypts the encrypted derived access code to the access code (Alderucci: pars 0114-0117, user authentication data is encrypted before transmitting over  communication  channel).
As to claim 5, the combination of Alderucci and Deuser teaches the method according to claim 1, 
Alderucci further teaches wherein the authentication data of the authentication server also includes scopes of rights associated with an access code; and wherein the authentication result transmitted by the authentication server to the field device also includes the scopes of rights associated with an access code (Alderucci: pars 0114-0117; Fig 1, the gaming communication device allowing user accessing service on the gaming communication device based on the detected signal from the authentication device that is provided based on the verification of the access information/token).
As to claim 6, the combination of Alderucci and Deuser teaches the method according to claim 5, 
Deuser further teaches wherein a scope of rights is one of the following scope of rights: read access only, restricted read access, write access, restricted write access, function request; and wherein the scope of rights is provided with a parameter list and/or function list (Deuser: pars 0007, 0012, 0015, 0024-0026, providing one or more work stations for operating, monitoring, and managing by the specific field devices, based on the access rights and availability associated with the user role, where the access role parameters are read, write, and also, as an added option, the functional capability of change access role).
As to claim 7, the combination of Alderucci and Deuser teaches the method according to claim 5, 
Deuser further teaches wherein the scopes of rights designate groups of sub-rights; wherein the definitions of the groups of sub-rights are either stored on the field device or stored on the authentication server and are transmitted to the field device upon request; and wherein possible groups of sub-rights are user, operator, expert, service, factory (Deuser: pars 0007, 0017-0018, 0020, the access role parameters assigned to users are stored in an LDAP server using a role parameter matrix (RP). As an option, the role parameter matrix (RP) is stored locally on the corresponding field device).
As to claim 8, the combination of Alderucci and Deuser teaches the method according to claim 1, 
Alderucci further teaches wherein the authentication data of the authentication server also includes session attributes associated with an access code; wherein the authentication result transmitted from the authentication server to the field device also includes the session attributes associated with an access code; and wherein a session attribute includes at least one of: session language, session duration, absolute session time, number of session accesses, session interface (Alderucci: pars 0091, 0093, 0096, 0127, maintains and monitors established session periodically, and connected device location relative to the service provider).
As to claim 9, the combination of Alderucci and Deuser teaches the method according to claim 5, 
Deuser further teaches wherein the field device provides the end device with an individualized user interface and the user interface is individualized on the basis of the scopes of rights and/or the session attributes; and wherein the field device provides the end device with the individualized user interface by means of an individualized web server or the field device individualizes the user interface of a physical display of the field device itself (Deuser: pars 0007, 0012, 0015, 0024-0026, providing one or more work stations for operating, monitoring, and managing by the specific field devices, based on the access rights and availability associated with the user role, where the access role parameters are read, write, and also, as an added option, the functional capability of change access role).
As to claim 11, the combination of Alderucci and Deuser teaches the method according to claim 1, 
Alderucci further teaches wherein the end device communication link and/or the server communication link is/are designed according to one of the following technologies: Bluetooth, wireless local area network, infrared, Ethernet (Alderucci: pars 0115-0117; Fig 1, the gaming communication device [i.e. field device], the authentication device [i.e. an end device], and the remote computer or service provider [i.e. an authentication server] are connected over network connections).
As to claim 12, Alderucci teaches a system for secure communication, comprising:
a field device of automation technology; and an authentication server (Alderucci: pars 0115-0117; Fig 1, teaches an authentication process for allowing services on a gaming communication device [i.e. a field device], where an authentication device [i.e. an end device] transmits the authentication information, and a remote computer or service provider [i.e. an authentication server] performs the authentication);
wherein the field device includes data processing electronics, wherein the field device is configured to be connected to an end device via an end device communication interface (Alderucci: pars 0115-0117; Fig 1, the authentication device [i.e. end device] is connected to the gaming communication device [i.e. field device], which includes processor and memory, for the stored user authentication information or the authentication token [i.e. individual access code] to the gaming communication device); and
wherein the field device is connected to the authentication server via a server communication interface (Alderucci: pars 0115-0117; Fig 1, a remote computer or service provider [i.e. an authentication server] is connected with the gaming communication device over communication network); 
wherein the data processing electronics is designed to receive an individual access code of the connected end device via the end communication interface (Alderucci: pars 0115-0117; Fig 1, the stored user authentication information or the authentication token [i.e. individual access code] is transmitted from the authentication device [i.e. end device] to the gaming communication device [i.e. field device], for authenticating user);
wherein the data processing electronics is designed to transmit the access code or an access code derived from the access code to the authentication server via the server communication interface (Alderucci: pars 0114-0117; Fig 1, the authentication data is communicated [i.e. transmitted] to the remote computer or service provider [i.e. an authentication server] for authentication); 
wherein authentication data is stored on the authentication server, on the basis of which the authenticity of the access code is checked on the authentication server (Alderucci: pars 0114-0117; Fig 1, the remote computer or service provider [i.e. an authentication server] verifies the received authentication/identity-verification data with the previously stored authentication/identity-verification data to find match); 
wherein the data processing electronics is designed to receive an authentication result determined by the authentication server via the server communication interface (Alderucci: pars 0114-0117; Fig 1, the gaming communication device detecting a signal [i.e. result of authentication] from the authentication device over communication link for allowing user accessing service on the gaming communication device); and 
wherein the data processing electronics is designed such that it makes resources of the field device available [ ] depending on the received authentication result (Alderucci: pars 0114-0117; Fig 1, the remote computer or service provider [i.e. an authentication server] verifies the received authentication/identity-verification data with the previously stored authentication/identity-verification data to find match).
wherein the field device at least partially logs the communication with the end device in a protocol such that influences on the field device can be traced; and wherein the protocol is transmitted to the authentication server upon completion of the communication and the protocol is stored or the authentication server, or is continuously transmitted to the authentication server during communication and the protocol is stored on the authentication server (Alderucci: pars 0067, 0104; object methods or behaviors of a database is used to implement various processes [i.e. communication logs and protocol], where the database is stored locally or remotely from a device. Par 0117, data used for the comparison is limited to being stored to areas only within the user's control, such as areas other than the authentication device).
Warren does not explicitly teach wherein the field device has a cause-effect relationship with a physical process and the field device is configured to be connected to other field devices and/or a process control system; Communication interface different from the field bus interface; and resources available to the end device. 
However, in an analogous art, Deuser teaches wherein the field device has a cause-effect relationship with a physical process and the field device is configured to be connected to other field devices and/or a process control system; Communication interface different from the field bus interface; and resources available to the end device (Deuser: pars 0007, 0012, 0015; Fig 1, an automation technology for a set of field devices, where the field devices are connected with operating units (BE) [i.e. end device] over wireless or direct connection to a field bus, providing one or more work stations for operating, monitoring, and managing by the specific field devices, based on the access rights and availability associated with the user role).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Deuser with the apparatus of Alderucci for the benefit of providing a user with a means for performing an automation process using a set of field devices that are connected over a bus, where the user can access the specific field bus based on the access rights and availability associated with the user role, from a user device performing as an end device (Deuser: pars 0007, 0024-0025).
As to claim 13, the combination of Alderucci and Deuser teaches the system according to claim 12, 
Alderucci and Deuser further teach wherein the field device and the authentication server are designed to carry out a method including the steps of: storing an individual access code in the end device; transmitting the access code from the end device to the field device; connecting the field device to an authentication server via a server communication link; using the field device to transmit the access code or an access code derived from the access code to the authentication server (Alderucci: pars 0115-0117; Fig 1, the stored user authentication information or the authentication token [i.e. individual access code] is transmitted from the authentication device [i.e. end device] to the gaming communication device [i.e. field device], for authenticating user. The authentication data is communicated [i.e. transmitted] to the remote computer or service provider [i.e. an authentication server] for authentication);
storing authentication data on the authentication server, on the basis of which the authenticity of the access code is checked on the authentication server; transmitting the resulting authentication result from the authentication server via the server communication link to the field device; and depending on the authentication result transmitted to the field device, making resources of the field device available to the end device (Deuser: pars 0007, 0017-0018, 0020, 0026, the access role parameters assigned to users are stored in an LDAP server using a role parameter matrix (RP). As an option, the role parameter matrix (RP) is stored locally on the corresponding field device, and can be dynamically changed).
As to claim 14, the combination of Alderucci and Deuser teaches the system according to claim 12, 
Deuser further teaches wherein the server communication interface, the end device communication interface and any software services associated with these communication interfaces are implemented on the field device isolated from the field bus interface and from software services associated with the field bus interface, so that an influencing of the field bus interface and of software services associated with the field bus interface via the server communication interface, via the end device communication interface and via any software services associated with these communication interfaces is not possible (Deuser: pars 0007, 0012, 0015, 0024-0026, the field devices are connected with operating units (BE) [i.e. end device] over wireless or direct connection to a field bus, providing one or more work stations for operating, monitoring, and managing by the specific field devices, based on the access rights and availability associated with the user role, where the access role parameters are read, write, and also, as an added option, the functional capability of change access role).
Conclusion
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Jahangir Kabir whose telephone number is (571) 270-3355.  The examiner can normally be reached on 9:00-5:00 Mon-Thu.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Luu Pham can be reached on (571) 270-5002.  The fax number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/JAHANGIR KABIR/             Primary Examiner, Art Unit 2439