DETAILED ACTION


1.	This action is responsive to an amendment filed on 4/7/2022.
 
2.	Claims 1-15 are pending.  Claims 1 and 2 are independent and currently amended.  Amendments to the claims are accepted.

Response to Arguments
3.	Applicant’s arguments based on rejections under 35 U.S.C. 103 have been fully considered; however, they are not persuasive.
	In responding to Applicant’s first argument “the alleged “design model” would not “consist of” the alleged “state transition diagram”,” Examiners respectfully disagree.  Loihl discloses a design model that performs testing of the received/input objects for determining vulnerabilities [col. 4 line 58 thru col. 5 line 22 and col. 5 line 62 thru col. 6 line 3].  Loihl does not discloses the design model consisting of a state transition diagram.  Greenwald discloses a design model consisting of a state transition diagram [FIGS. 3-7; state transition diagrams].  Therefore, combination of Loihl and Greenwald discloses limitation “the design model consists of state transition diagram” as recited in the amended claims 1 and 2.





Claim Rejections - 35 USC § 103
4.	In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  


5.	The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

6.	Claims 1-15 are rejected under 35 U.S.C. 103 as being unpatentable over Loihl (US Patent 10,599,850) in view of Greenwald (US PG Pub. 2011/0030059).
	As regarding claim 1, Loihl discloses A vulnerability evaluating apparatus comprising: 
	at least one hardware processor [FIG. 4 and col. 7 lines 15-54; CPU 410] configured to implement:
	inputting a design specification of a product with a built-in computer [col. 4 line 58 thru col. 5 line 22; receiving definitions and criteria specifying object tests]; 
producing a design model indicating an operation of the product and data used in the product, based on the design specification [col. 4 line 58 thru col. 5 line 22 and col. 5 lines 35-47; performing object tests using the thing to be collected for object tests to obtain expected states]; 
inputting a protected property of the product and a protection state of the protected property [col. 4 line 58 thru col. 5 line 22; receiving objects to be tested and expected states of the test objects]; 
producing a protection state model by extracting, out of the design model an operation portion associated with the protected property [col. 4 line 58 thru col. 5 line 22 and col. 5 line 62 thru col. 6 line 3; determining vulnerability of the tested objects based on results of the object tests]; and 
determining, based on the protection state model, whether or not there exists a state to violate the protection state of the protected property [col. 4 line 58 thru col. 5 line 22 and col. 5 line 62 thru col. 6 line 3; determining vulnerability of the tested objects based on results of the object tests]  
Loihl does not explicitly discloses that the design model consists of a state transition diagram; however, Greenwald discloses it [FIGS. 3-7; state transition diagrams].
It would have been obvious to one of ordinary skill in the art at the time the effective filing of the invention to modify Loihl’s design model to further comprise a state transition diagram, disclosed by Greenwald, in order to provide an description of how the system can transit from one state to another state [Greenwald para. 31 and 50].

As regarding claim 2, Loihl further discloses A vulnerability evaluating apparatus comprising: 
at least one hardware processor [FIG. 4 and col. 7 lines 15-54; CPU 410] configured to implement:
inputting a design model indicating an operation of a product with a built-in computer and data used in the product [col. 4 line 58 thru col. 5 line 22 and col. 5 lines 35-47; performing object tests using the thing to be collected for object tests to obtain expected states]; 
inputting a protected property of the product and a protection state of the protected property [col. 4 line 58 thru col. 5 line 22; receiving objects to be tested and expected states of the test objects]; 
producing a 19 protection state model by extracting, out of the design model, an operation portion associated with the protected property [col. 4 line 58 thru col. 5 line 22 and col. 5 line 62 thru col. 6 line 3; determining vulnerability of the tested objects based on results of the object tests]; and 
determining, based on the protection state model, whether or not there exists a state to violate the protection state of the protected property [col. 4 line 58 thru col. 5 line 22 and col. 5 line 62 thru col. 6 line 3; determining vulnerability of the tested objects based on results of the object tests]
wherein the design model consists a state transition diagram [FIG. 2 and col. 4 line 50 to col. 6 line 40; flow chart detailing operation of system design].

As regarding claim 3, Loihl further discloses The vulnerability evaluating apparatus according to claim 1, wherein the at least one hardware processor is further configured to implement producing an input to the product that leads to the state to violate the protection state of the protected property, based on determining that there exists the state to violate the protection state of the protected property [col. 4 line 58 thru col. 5 line 22 and col. 5 lines 35-47; performing object tests using the thing to be collected for object tests to obtain expected states].  

As regarding claim 4, Loihl further discloses The vulnerability evaluating apparatus according to claim 1, wherein the at least one hardware processor is further configured to implement: 
outputting the design model [col. 4 line 58 thru col. 5 line 22 and col. 5 line 62 thru col. 6 line 3; determining vulnerability of the tested objects based on results of the object tests]; and
selecting and inputting the protected property from the operation of the product and the data used in the product indicated by the design model outputted to the output part [col. 4 line 58 thru col. 5 line 22; receiving objects to be tested and expected states of the test objects].  

As regarding claim 5, Loihl further discloses The vulnerability evaluating apparatus according to claim 4, wherein the at least one hardware processor is further configured to implement selecting and inputting the operation that affects the protection state from the operations indicated by the design [col. 4 line 58 thru col. 5 line 22 and col. 5 lines 35-47; performing object tests using the thing to be collected for object tests to obtain expected states], and inputting, as the protection state, a state of the protected property after the selected operation is performed indicating that the protected property is protected [col. 4 line 58 thru col. 5 line 22; receiving objects to be tested and expected states of the test objects].  


As regarding claim 6, Loihl further discloses The vulnerability evaluating apparatus according to claim 4, wherein the at least one hardware processor is further configured to implement:
producing a protection state model by extracting, out of the state transition diagram, an initial state to the operation selected by the property input part [col. 4 line 58 thru col. 5 line 22 and col. 5 line 62 thru col. 6 line 3; determining vulnerability of the tested objects based on results of the object tests], and 
determining, based on the extracted protection state model, that there exists the state to violate the protection state if there is a state departing from the protection state of the protected property [col. 4 line 58 thru col. 5 line 22 and col. 5 line 62 thru col. 6 line 3; determining vulnerability of the tested objects based on results of the object tests]. 

As regarding claim 7, Loihl further discloses The vulnerability evaluating apparatus according to claim 2, wherein the at least one hardware processor is further configured to implement producing an input to the product that leads to the state to violate the protection state of the protected property, based on determining that there exists the state to violate the protection state of the protected property [col. 4 line 58 thru col. 5 line 22; receiving objects to be tested and expected states of the test objects].  

As regarding claim 8, Loihl further discloses The vulnerability evaluating apparatus according to claim 2, wherein the at least one hardware processor is further configured to implement:
outputting the design model [col. 4 line 58 thru col. 5 line 22 and col. 5 lines 35-47; performing object tests using the thing to be collected for object tests to obtain expected states]; and 
selecting and21 inputting the protected property from the operation of the product and the data used in the product indicated by the design model [col. 4 line 58 thru col. 5 line 22 and col. 5 lines 35-47; performing object tests using the thing to be collected for object tests to obtain expected states].  

As regarding claim 9, Loihl further discloses The vulnerability evaluating apparatus according to claim 3, wherein the at least one hardware processor is further configured to implement: 
outputting the design model [col. 4 line 58 thru col. 5 line 22 and col. 5 lines 35-47; performing object tests using the thing to be collected for object tests to obtain expected states]; and
selecting and inputting the protected property from the operation of the product and the data used in the product indicated by the design model [col. 4 line 58 thru col. 5 line 22 and col. 5 lines 35-47; performing object tests using the thing to be collected for object tests to obtain expected states].  

As regarding claim 10, Loihl further discloses The vulnerability evaluating apparatus according to claim 8, wherein the at least one hardware processor is further configured to implement selecting and inputting the operation that affects the protection state from the operations indicated by the design model [col. 4 line 58 thru col. 5 line 22 and col. 5 lines 35-47; performing object tests using the thing to be collected for object tests to obtain expected states], and inputting, as the protection state, a state of the protected property after the selected operation is performed indicating that the protected property is protected [col. 4 line 58 thru col. 5 line 22; receiving objects to be tested and expected states of the test objects].  

As regarding claim 11, Loihl further discloses The vulnerability evaluating apparatus according to claim 9, wherein the at least one hardware processor is further configured to implement selecting and inputting the operation that affects the protection state from the operations indicated by the design model [col. 4 line 58 thru col. 5 line 22 and col. 5 lines 35-47; performing object tests using the thing to be collected for object tests to obtain expected states], and inputting, as the protection state, a state22 of the protected property after the selected operation is performed indicating that the protected property is protected [col. 4 line 58 thru col. 5 line 22; receiving objects to be tested and expected states of the test objects].  

As regarding claim 12, Loihl further discloses The vulnerability evaluating apparatus according to claim 8, wherein the at least one hardware processor is further configured to implement:
producing a protection state model by extracting, out of the state transition diagram, an initial state to the operation [col. 4 line 58 thru col. 5 line 22 and col. 5 line 62 thru col. 6 line 3; determining vulnerability of the tested objects based on results of the object tests], and 
determining, based on the extracted protection state model, that there exists the state to violate the protection state if there is a state departing from the protection state of the protected property [col. 4 line 58 thru col. 5 line 22 and col. 5 line 62 thru col. 6 line 3; determining vulnerability of the tested objects based on results of the object tests].  

As regarding claim 13, Loihl further discloses The vulnerability evaluating apparatus according to claim 9, wherein the at least one hardware processor is further configured to implement:
producing a protection state model by extracting, out of the state transition diagram, an initial state to the operation [col. 4 line 58 thru col. 5 line 22 and col. 5 line 62 thru col. 6 line 3; determining vulnerability of the tested objects based on results of the object tests]; and 
determining, based on the extracted protection state model, that there exists the state to violate the protection state if there is a state departing from the 23 protection state of the protected property [col. 4 line 58 thru col. 5 line 22 and col. 5 line 62 thru col. 6 line 3; determining vulnerability of the tested objects based on results of the object tests].

As regarding claim 14, Loihl further discloses The apparatus according to claim 1, wherein inputting the protected property and the protection state comprises inputting a user selection from the design model [col. 5 lines 48-56; object tests performed by a user].

As regarding claim 15, Greenwald further discloses The vulnerability evaluating apparatus according to claim 1, wherein the operation portion indicates data from an initial state to a data rewrite state [FIG. 4; email data from “INITIATED” state to a state in which the email is allowed to be rewritten as suggested at line “S: 354 Enter mail, end with *.* on a line by itself”].


Conclusion
Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to THONG P TRUONG whose telephone number is (571)270-7905.  The examiner can normally be reached on M-F 8:30AM - 5:30PM.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey Pwu can be reached on 57127267986798.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/THONG TRUONG/
Examiner, Art Unit 2433

/JEFFREY C PWU/Supervisory Patent Examiner, Art Unit 2433