DETAILED ACTION
Claims 1-20 are presented for examination.
The present application is being examined under the AIA  (America Invents Act) First Inventor to File.
This Office Action is Final.
This action is responsive to the following communication: the response filed on 12-12-2012. 

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-4, 6-13, 15 are rejected under 35 U.S.C. 103 as being unpatentable over U.S. Publication No. 2016/0364570 (hereinafter Stern) in view of U.S. Publication No. 2020/0073675 (hereinafter Duval) .

As per claims 1, 8, 12, Stern discloses a method of executing a software module in a computing system, the method comprising: 
executing, in a first processing device of the computing system, a first software module to verify a second software module and to cause a second processing device of the computing system to execute the second software module; (abstract states that an apparatus“ includes a processor configured to, during a boot process of the system processor, receive boot code from the storage device via the first interface.  The processor is configured to generate a first value based on the boot code.  The processor is further configured to provide the boot code to the system processor via the second interface.” According to Stern, the first value generated is in response to “measuring”. ¶ [0006] )
executing, in the second processing device, the second software module to execute, in the second processing device, (portions of first code boot executing by system processor 150; Fig 1)  a third software module (secondary or subsequent portions of boot code; ¶ [0003], [0020] ) and to provide a first key of a key pair to the third software module; and (measurements of the code may refer to the processor generating hash values based on the code; ¶ [0004]) 
protecting, by the second processing device, a memory space associated with the third software module, wherein the memory space contains the first key of the key pair; (memory are 104 storing “hash value” corresponding to first or subsequent portions of boot cod; ¶ [003], [0020] )
Stern does not distinctly discloses the following: 
wherein the processing device contains a second key of the key pair. 
However, Duval explicitly discloses wherein the processing device contains a second key of the key pair. (abstract states that the invention concurrently measuring and executing images by a “a first processing resource and a second processing resource.”  These measuring may be done in a way where “The cryptographic keys used to sign data and verify data can be different keys.” ¶ [0036] )

It would have been obvious before the effective filing date of the claimed invention to modify the teachings of Stern and Duval because both references are in the same field of endeavor. Duval’s teaching of using different keys to make measurements would enhance Sterns's system because it would further enhance system security from malicious code. 

As per claim 2, Stern as modified discloses wherein the first processing device comprises a trusted processing device. (Stern illustrates an automatic measuring processor; Fig 1) 
As per claim 3, Stern as modified discloses wherein the second software module comprises a boot firmware of the computing system. (Stern discloses a “boot code”; abstract. Alternatively, the system described may be implemented with “firmware device”. ¶ [0015] )
As per claim 4, Stern as modified discloses comprising generating, by the third software module, the first and second keys of the key pair and providing the second key of the key pair to the first processing device. (Duval; abstract states that the invention concurrently measuring and executing images by a “a first processing resource and a second processing resource.”  These measuring may be done in a way where “The cryptographic keys used to sign data and verify data can be different keys.” ¶ [0036] )
As per claim 6, Stern as modified discloses comprising monitoring, by the third software module, an integrity of the computing system, securing an indication of the integrity of the computing system using the first key of the key pair and providing the secured indication to the first processing device. (Stern: abstract states that an apparatus“ includes a processor configured to, during a boot process of the system processor, receive boot code from the storage device via the first interface.  The processor is configured to generate a first value based on the boot code.  The processor is further configured to provide the boot code to the system processor via the second interface.” According to Stern, the first value generated is in response to “measuring”. ¶ [0006] The measurement of the code may refer to the processor generating hash values based on the code; ¶ [0004]), (Duval: abstract states that the invention concurrently measuring and executing images by a “a first processing resource and a second processing resource.”  These measuring may be done in a way where “The cryptographic keys used to sign data and verify data can be different keys.” ¶ [0036] )
As per claim 7, Stern as modified discloses wherein the second key of the key pair is stored in a memory of the first processing device. (Duval: abstract states that the invention concurrently measuring and executing images by a “a first processing resource and a second processing resource.”  These measuring may be done in a way where “The cryptographic keys used to sign data and verify data can be different keys.” ¶ [0036] )
As per claim 9, Stern as modified discloses wherein the first code component comprises a firmware of the first processor and the second code component comprises a boot firmware of the processing apparatus. (Stern: abstract states that an apparatus“ includes a processor configured to, during a boot process of the system processor, receive boot code from the storage device via the first interface.  The processor is configured to generate a first value based on the boot code.  The processor is further configured to provide the boot code to the system processor via the second interface.” According to Stern, the first value generated is in response to “measuring”. ¶ [0006] )
As per claim 10, Stern as modified discloses wherein the second processor is to run the third code component to generate the first and second keys of the key pair and to provide the first key of the key pair to the first processor. Stern: abstract states that an apparatus“ includes a processor configured to, during a boot process of the system processor, receive boot code from the storage device via the first interface.  The processor is configured to generate a first value based on the boot code.  The processor is further configured to provide the boot code to the system processor via the second interface.” According to Stern, the first value generated is in response to “measuring”) (Duval: ¶ [0006] abstract states that the invention concurrently measuring and executing images by a “a first processing resource and a second processing resource.”  These measuring may be done in a way where “The cryptographic keys used to sign data and verify data can be different keys.” ¶ [0036] ))
As per claim 11, Stern as modified discloses  wherein the second processor is to run the third code component to determine a status of at least one operational characteristic of the processing apparatus and to provide a message secured by the second key to the first processor, wherein the message includes an indication of the status. (Duval: he status register can indicate that the second portion of the image is ready to be accessed and/or that the second portion of the image has been successfully 
measured. ¶ [0049] )
As per claim 13, Stern as modified discloses wherein the first processing apparatus comprises a trusted processor. (Stern: Measuring processor Fig 1) 

As per claim 15, Stern as modified discloses the second processing apparatus is to run the software module to generate the first and second keys of the key pair and to send the second key of the key pair to the first processing apparatus. (Stern:abstract states that the invention concurrently measuring and executing images by a “a first processing resource and a second processing resource.”  These measuring may be done in a way where “The cryptographic keys used to sign data and verify data can be different keys.” ¶ [0036] )

Claims 5, 14 are rejected under 35 U.S.C. 103 as being unpatentable over U.S. Publication No. 2016/0364570 (hereinafter Stern) in view of U.S. Publication No. 2020/0073675 (hereinafter Duval)  and further view of U.S. Publication No 2013/0013931 (hereinafter O’Hare).

As per claims 5, 14, Stern as modified discloses wherein the key pair comprises one of a symmetric key pair (Duval; ¶ [0037] ) 
O’Hare does not discloses an asymmetric key pair. 
However, O’Hare discloses an asymmetric key pair.¶ [002]
It would have been obvious before the effective filing date of the claimed invention to modify the teachings of Stern as modified and O’Hare because all references are in the same field of endeavor. O’Hare’s teaching of using asymmetrical keys to make measurements would enhance Sterns's as modified system because it will increase security when protecting data from malicious code. 


Remarks
Response to Arguments
Applicant's arguments filed on 04-19-2022 have been fully considered but they are not persuasive to the extent that is applicable to the claims.

I.	Rejections under 35 USC § 103 

Claim Interpretation
During examination of patent application, claims are given their broadest reasonable interpretation under the BRI standard. Furthermore, under the BRI, words of the claim must be given their plain meaning. In re Morris, 127 F.3d 1048, 1054-55, 44 USPQ2d 1023, 1027-28 (Fed. Cir. 1997).  Limitations appearing in the specification but not recited in the claim are not read into the claim.  In re Prater, 415 F.2d 1393, 1404-05, 162 USPQ 541, 550-551 (CCPA 1969)” (MPEP p 2100-8, c 2, I 45-48; p 2100-9, c 1, l 1-4).  
Remarks
Applicants asserts that the cited prior art allegedly fails to disclose at least “executing, in the second processing device, the second software module to execute, in the second processing device, a third software module and to provide a first key of a key pair to the third software module” by adding further that Stern’s hash value determined by the processor is used for the verification and not for the providing to a software module executed by Stern’s system processor. 
At the outset, Applicant provides no factual evidence for the above assertions that the prior art fails to disclose “executing, in the second processing device, the second software module to execute, in the second processing device, a third software module and to provide a first key of a key pair to the third software module”.  Arguments do not take place where there is a preponderance of evidence suggesting otherwise.  A distinction that is based on conclusory statement without any factual basis cannot stand to show non-obviousness.
As noted in the previous Office Action, Stern’s abstract is directed to a computer system illustrated by Fig. 1. The system in Fig. 1 discloses an automatic measuring processor and system processor, which equivalent to the claimed first and second processing devices. Stern’s automatic measuring processor is capable to generate a first value of the first boot code based on the measuring that is delivered to the system processor. However, the measuring is not limited to a single boot code but to multiple boot codes, namely discloses as at least a “second boot code”. After multiple of these measuring operations, the system processor may extent a hash value 242 to the automatic measuring processor. ( see Fig. 2) Therefore, Stern explicitly discloses providing at least a hash value (claimed as first key) to the automatic measuring processor after subsequent executed boot codes.  These teachings are consistent with the explicit recitation of the claimed invention. Therefore, Applicants alleged distinction that the hash value provided is used for verification and not provided is simply contrary to the preponderance of evidence. 
Applicant further argues supposed nonsensical interpretations from the Office with respect to Stern’s features. First applicant representative provides no evidence why such interpretation are nonsensical. In fact, the Office submits that the Applicant fails to currently comprehend and appreciate Stern’s teaching. The teaching provided by the Office are directed to a person of ordinary skill in the computer arts and not to a layman. For example, Applicant first wrongly asserts that the Office equates each first and second boot codes as equivalent to the claimed first and second processing devices. As noted above, the system in Fig. 1 discloses an automatic measuring processor and system processor, in which is equivalent to the claimed first and second processing devices. The automatic measuring processor is responsible for executing the measuring software for each subsequent boot code software. On the other hand, the system processor executes each subsequent boot code software without the measuring software. Thus, it is clear that the Office’s interpretation is that each processor is responsible for performing separate software execution contrary to was is erroneously asserted. 
Regarding the last argument that the prior art fails to discloses the limitations associated with claims 4, 10, 15, it not clear what those limitations are. Applicant has not provided any arguments where the Examiner has supposedly erred, other than naked assertions that the corresponding expressions are not found on the prior art. In other words, 37 CFR 1.111 (b) requires specific findings. Simply put, a statement that merely points put what a claim recites cannot be considered an argument for patentability of the claim. 
Notwithstanding, Duval’s teaching is an improvement over Stern because unlike Stern using a single hash value (i.e., key) for verification, Duval is capable of measuring software by using unique keys that are different, thus improving system security from adverse attacks. Thus, Dual’s teaching is very much relevant contrary to the Applicant attempt at hand waving and dismissing such teaching because Duval’s teaching of different keys is equivalent to the claimed feature of “second key”.


For at least the above reasons the rejections are believed to be proper and maintained.


Conclusion
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to AUREL PRIFTI whose telephone number is (571)270-1743.  The examiner can normally be reached on M-F 8 a.m.- 6 p.m..
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kim Ngoc Huynh can be reached on 571-272-4147.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/AUREL PRIFTI/Primary Examiner, Art Unit 2186                                                                                                                                                                                                        




Aurel Prifti     
 Primary Examiner
Art Unit 2186
Tel. (571) 270-1743
Fax (571) 270-2743

aurel.prifti@uspto.gov