Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
DETAILED ACTION
Claims 1-17 are presented for examination.
Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees.   A nonstatutory obviousness-type double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); and  In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on a nonstatutory double patenting ground provided the conflicting application or patent either is shown to be commonly owned with this application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. 
Effective January 1, 1994, a registered attorney or agent of record may sign a terminal disclaimer. A terminal disclaimer signed by the assignee must fully comply with 37 CFR 3.73(b).

Claims 1 and 14 are compared to claims 1 and 2 in US Patent 10990432 in the following table:
Instant Application
Patent number 10990432
Claim 1. A system for cyber exercises which will comprise replicas of real life computing environments, where these replicas are adapted for participant interaction, and where these replicas comprise logical elements such as startup sequences of individual
components, wherein said replicas comprise one or more virtual machines, or VMs, and wherein said replicas can be made from systems in use, or from systems at rest.


Claim 1. A system for cyber exercises which will comprise replicas of real life computing environments, where these
replicas are adapted for participant interaction, and where these replicas comprise logical elements such as startup sequences of individual components, wherein said replicas
comprise one or more virtual machines, or VMs, and wherein said replicas can be made from systems in use, or from systems at rest, 

and also wherein a system comprises an authoring workspace, which comprises a computing environment which is adapted to execute creation tasks associated with the creation of the exercises in a simulation, and also wherein the authoring workspace is adapted to
enable publication of an exercise stage, wherein publication of an exercise stage comprises adding said exercise stage to
an exercise catalog, and wherein stages on the exercise catalog are adapted to be used as baselines that can be used
to create other canvas(es) in any simulation, and also wherein the exercise catalog is adapted to allow participants
to access exercises, and wherein an execution workspace is adapted to allow an operator to make available modifiable
copies of stages involved in an exercise.



Claim 14. A method for cyber exercises, comprising the steps of:

creating virtual machine replicas of computing systems,

creating a canvas, wherein the canvas comprises a collection of virtual machines and associated computing resources,

using an application dependency finder to analyze startup and shutdown
sequences,

 moving or copying a virtual machine replica to a repository, and

monitoring ingestion of a real-life computing environment into a repository.
Claim 2. A method for cyber exercises, comprising the steps of:

creating virtual machine replicas of computing systems,

creating a canvas, wherein the canvas comprises a collection of virtual machines and associated computing
resources,

using an application dependency finder to analyze startup
and shutdown sequences,

moving or copying a virtual machine replica to a repository,

monitoring ingestion of a real-life computing environment into a repository,
and also comprising the additional steps of:
using an authoring workspace to efficiently execute tasks associated with creation of exercises that make up a
specific simulation, selection of virtual machines to be modified in a specific
canvas, addition or modification of hardware, software, and data
to virtual machines, program execution to modify a VM state in a specific way,
utilizing a workspace to enable publication of a state as an exercise stage on an exercise catalog, making an exercise from an exercise catalog available to participants by making available, in an execution workspace,
modifiable copies of stages involved in the exercise, and creating exercises that are based on copies of an ingested
environment.


Claims 1-13 and 14-17 are provisionally rejected on the ground of nonstatutory obviousness-type double patenting as being unpatentable over claim 1 and 2 of US Patent 10990432.  
Although the conflicting claims are not identical, they are not patentably distinct from each other because the limitations of claims 1 and 2 of the patent, anticipates or otherwise renders obvious the limitations of 1-13 and 14-17, respectively of this instant application.  
Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

Claim 1 is rejected under 35 U.S.C. 102(a)(2) as anticipated by Morton (US 2017/0304707 A1)

As per claim 1, Morton teaches A system for cyber exercises which will comprise replicas of real life computing environments, where these replicas are adapted for participant interaction, and where these replicas comprise logical elements such as startup sequences of individual components, wherein said replicas comprise one or more virtual machines, or VMs, and wherein said replicas can be made from systems in use, or from systems at rest. (Morton [0016] By capturing essential network elements and components such as topology maps, component lists, host types and configurations, to name a few, extensible virtualized environments can emulate the key aspects of the production networks. Such virtual environments, comprised of a plurality of virtual machines, are more efficient than a fixed hardware configuration by reducing the number of hardware components and the associated maintenance costs and [0144] In one embodiment, each mission consists of a blueprint of virtual interconnected systems, tools, networks and devices. The YEM deploys the base mission blueprint on virtualized backend hardware infrastructure and ensures that the virtual systems are successfully started and inter-connected. Each running mission environment is set up so that it is completely isolated from other concurrently running missions in use by other players and [0369] The Env Master runs a SALT minion whose master resides on the YEM, as well as a SALT master which manages all VMs running within the mission instance and [0361] Mission Orchestration Service and [0487] Upon environment creation, the OM populates the OC with the required configuration files for the test environment. The OC runs the Mission Orchestration Service and a local DHCP service over the management network within the environment. [0515] Unique virtual environments are configured for each mission; the ability to invoke automated capabilities into the environment; verification and recording of results; automated offensive or defensive intelligence deployed based on mission selection; feedback on progress and constraints (e.g. time to accomplish each mission objective); tools the user can utilize in the mission, including: Nmap, Security Onion, Wireshark, etc.; 3rd party visualization of the exercise; user activity logging for post event replay; and a leader board for student result comparison.).

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


Claims 2 and 3 and 8 are rejected under 35 U.S.C. 103 as being unpatentable over Morton(US 2017/0304707 A1) in view of Suit (US 2012/0167084 A1).

As per claim 2, Morton does not teach said replicas comprise virtual machines, which are organized into application dependency groups, and wherein application dependency groups comprise components such as startup and shutdown sequences and data flow, and wherein an application dependency finder is adapted to identify application dependency groups.
However, Suit teaches said replicas comprise virtual machines, which are organized into application dependency groups, and wherein application dependency groups comprise components such as startup and shutdown sequences and data flow, and wherein an application dependency finder is adapted to identify application dependency groups. (Suit [0017] These network nodes that are part of the enterprise may be comprised of both physical and virtual machines.  Enterprise networks that include a plurality of virtual machines may require a physical host, which is required to allocate resources among the virtual machines.  [0018] Groups of network nodes included in the enterprise may form business process application service groups (BASGs).  The "components" of these groups are comprised of virtual machines, hosts, storage devices and network devices. Each of these components may be dependent on one another) and The method may also include initiating a simulation sequence for a predetermined amount of time, recording results of the simulation sequence and storing the results in a memory.  [0089] The simulator engine may compile the simulation results and create a simulation ontology, which is sent to the application server 101.  The simulation ontology may include, for example, the results, which provide a new "state" for the dependency nodes in the enterprise network that are affected by the user adding or "dropping in" a simulated node (see FIG. 8A) and [0109] Messages forwarded to the state and profiling engine 626 may there undergo sorting and processing.  The state and profiling engine 626, for example, may identify the entities within the IT infrastructure as well as their dependency on one another, based on messages received from the platform.).  

It would have been obvious to a person in the ordinary skill in the art before the filing date of the claimed invention to combine Suit with the system of Morton to find dependency groups. One having ordinary skill in the art would have been motivated to use Suit into the system of Morton for the purpose of maintaining optimal operating conditions of the business process application service groups (Suit paragraph 18).

As per claim 8, Morton does not teach an application dependency group comprises information which describes how different computers, physical or virtual, are dependent on each other and/or interact through information exchange, non-electronic dependencies, startup sequences, shutdown sequences, and/or data flow.
However, Suit teaches an application dependency group comprises information which describes how different computers, physical or virtual, are dependent on each other and/or interact through information exchange, non-electronic dependencies, startup sequences, shutdown sequences, and/or data flow. (Suit [0017] These network nodes that are part of the enterprise may be comprised of both physical and virtual machines.  Enterprise networks that include a plurality of virtual machines may require a physical host, which is required to allocate resources among the virtual machines.  [0018] Groups of network nodes included in the enterprise may form business process application service groups (BASGs).  The "components" of these groups are comprised of virtual machines, hosts, storage devices and network devices. Each of these components may be dependent on one another) and The method may also include initiating a simulation sequence for a predetermined amount of time, recording results of the simulation sequence and storing the results in a memory.  [0089] The simulator engine may compile the simulation results and create a simulation ontology, which is sent to the application server 101.  The simulation ontology may include, for example, the results, which provide a new "state" for the dependency nodes in the enterprise network that are affected by the user adding or "dropping in" a simulated node (see FIG. 8A) and [0109] Messages forwarded to the state and profiling engine 626 may there undergo sorting and processing.  The state and profiling engine 626, for example, may identify the entities within the IT infrastructure as well as their dependency on one another, based on messages received from the platform.).  

It would have been obvious to a person in the ordinary skill in the art before the filing date of the claimed invention to combine Suit with the system of Morton to find dependency groups. One having ordinary skill in the art would have been motivated to use Suit into the system of Morton for the purpose of maintaining optimal operating conditions of the business process application service groups (Suit paragraph 18).

As to claim 3, it is rejected based on the same reason as claim 2. 

Claim 4 is rejected under 35 U.S.C. 103 as being unpatentable over Morton(US 2017/0304707 A1) in view of Ratcliffe (US 2009/0319247 A1).

As per claim 4, Morton does not teach said replicas are made from computer systems in use by making a point-in-time copy, and wherein the point-in-time copy is adapted to be moved or copied to a repository in a format that makes possible to start that point in time copy as a virtual machine inside the repository, and wherein the point-in-time copy includes all components in an application dependency group.
However, Ratcliffe teaches said replicas are made from computer systems in use by making a point-in-time copy, and wherein the point-in-time copy is adapted to be moved or copied to a repository in a format that makes possible to start that point in time copy as a virtual machine inside the repository, and wherein the point-in-time copy includes all components in an application dependency group. (Ratcliffe [0666] A system or module such as the Network Reconstitution module 238 can provide for the reconstitution of the network simulator by keeping "snapshots" of the equipment baseline. At any time, the operator can restore any or all of the simulated network and/ or network applications to a preconfigured state. This does not have to include a full simulated network rebuild, but can be a restoration of a previously existing baseline. Multiple sets of preconfigured baselines can be kept to provide differing levels of complexity for the students/users [0684] Reconstitution User Interface--The Reconstitution module user interface can provide the user with the ability to see an overall status and health of the virtual machines that make up the devices in the virtual network. The user interface can also enable the user to capture the state of a virtual device by taking a snapshot.  A snapshot of a virtual device can be reloaded at a later time to continue execution from the exact moment the snapshot was taken [0835] While the rest of the network hardware in various embodiments of the network simulator can be deployed otherwise, the traffic and attack operations originate at the Node 102.  Most of the servers existing on the simulated network can be emulated by either the Node 102 or an actual virtual machine sitting on another server in the simulator, but all users and attackers can be configured to originate from the Node 102.).

It would have been obvious to a person in the ordinary skill in the art before the filing date of the claimed invention to combine Ratcliffe with the system of Morton to store a copy in a respository. One having ordinary skill in the art would have been motivated to use Ratcliffe into the system of Morton for the purpose of providing a simulated environment for a computer network testing (Ratcliffe paragraph 02). 

Claim 5 is rejected under 35 U.S.C. 103 as being unpatentable over Morton(US 2017/0304707 A1) in view of Ratcliffe (US 2009/0319247 A1) in further view of Guo (US 2018/0165621 A1).

As per claim 5, Morton does not teach said replicas are housed in one or more repositories.
However, Ratcliffe teaches said replicas are housed in one or more repositories. (Ratcliffe [0666] A system or module such as the Network Reconstitution module 238 can provide for the reconstitution of the network simulator by keeping "snapshots" of the equipment baseline. At any time, the operator can restore any or all of the simulated network and/ or network applications to a preconfigured state. This does not have to include a full simulated network rebuild, but can be a restoration of a previously existing baseline. Multiple sets of preconfigured baselines can be kept to provide differing levels of complexity for the students/users [0684] Reconstitution User Interface--The Reconstitution module user interface can provide the user with the ability to see an overall status and health of the virtual machines that make up the devices in the virtual network. The user interface can also enable the user to capture the state of a virtual device by taking a snapshot.  A snapshot of a virtual device can be reloaded at a later time to continue execution from the exact moment the snapshot was taken [0835] While the rest of the network hardware in various embodiments of the network simulator can be deployed otherwise, the traffic and attack operations originate at the Node 102.  Most of the servers existing on the simulated network can be emulated by either the Node 102 or an actual virtual machine sitting on another server in the simulator, but all users and attackers can be configured to originate from the Node 102.).

It would have been obvious to a person in the ordinary skill in the art before the filing date of the claimed invention to combine Ratcliffe with the system of Morton to store a copy in a respository. One having ordinary skill in the art would have been motivated to use Ratcliffe into the system of Morton for the purpose of providing a simulated environment for a computer network testing (Ratcliffe paragraph 02). 

Ratcliffe does not teach wherein the repository is adapted to be utilized with data deduplication.
However, Guo teaches the repository is adapted to be utilized with data deduplication. (Guo [0004] The method further includes sampling the stored event data to generate a continuous historical view over the period of time and calculating a historical snapshot of a user network over the period of time based at least in part on the parameter.  Additionally, the method includes collecting event data for a current window of time and calculating a current snapshot of the user network over the current window of time.  The method also includes determining a delta between the historical snapshot of the user network and the current snapshot of the user network. and [0036] In some cases, e.g., where event data is collected and stored over a plurality of overlapping windows of time, data aggregator 116 may sample the aggregated event data to deduplicate event data corresponding overlapping periods within the overlapping windows).

It would have been obvious to a person in the ordinary skill in the art before the filing date of the claimed invention to combine Guo with the system of Morton and Ratcliffe to provide data deduplication. One having ordinary skill in the art would have been motivated to use Guo into the system of Morton and Ratcliffe for the purpose of calculating a snapshot of the user network over the period of time based at least in part on the parameter and provide the snapshot (Guo paragraph 06). 

Claim 6 is rejected under 35 U.S.C. 103 as being unpatentable over Morton(US 2017/0304707 A1) in view of Ratcliffe (US 2009/0319247 A1) in further view of McCondochie (US 2018/0113979 A1).

As per claim 6, Morton does not teach wherein said replicas are housed in one or more repositories.
However, Ratcliffe teaches wherein said replicas are housed in one or more repositories . (Ratcliffe [0666] A system or module such as the Network Reconstitution module 238 can provide for the reconstitution of the network simulator by keeping "snapshots" of the equipment baseline. At any time, the operator can restore any or all of the simulated network and/ or network applications to a preconfigured state. This does not have to include a full simulated network rebuild, but can be a restoration of a previously existing baseline. Multiple sets of preconfigured baselines can be kept to provide differing levels of complexity for the students/users [0684] Reconstitution User Interface--The Reconstitution module user interface can provide the user with the ability to see an overall status and health of the virtual machines that make up the devices in the virtual network. The user interface can also enable the user to capture the state of a virtual device by taking a snapshot.  A snapshot of a virtual device can be reloaded at a later time to continue execution from the exact moment the snapshot was taken [0835] While the rest of the network hardware in various embodiments of the network simulator can be deployed otherwise, the traffic and attack operations originate at the Node 102.  Most of the servers existing on the simulated network can be emulated by either the Node 102 or an actual virtual machine sitting on another server in the simulator, but all users and attackers can be configured to originate from the Node 102.).

It would have been obvious to a person in the ordinary skill in the art before the filing date of the claimed invention to combine Ratcliffe with the system of Morton to store a copy in a respository. One having ordinary skill in the art would have been motivated to use Ratcliffe into the system of Morton for the purpose of providing a simulated environment for a computer network testing (Ratcliffe paragraph 02). 

Ratcliffe does not teach a repository is adapted to be utilized with parallelized data ingestion.
However, McCondochie teaches a repository is adapted to be utilized with parallelized data ingestion. (McCondochie [0017] In response to recognizing the foregoing disadvantages, the inventors have conceived and reduced to practice a software and/or hardware facility for safe parallelized ingestion of data update messages).

It would have been obvious to a person in the ordinary skill in the art before the filing date of the claimed invention to combine McCondochie with the system of Morton and Ratcliffe to enable parallelized data ingestion. One having ordinary skill in the art would have been motivated to use McCondochie into the system of Morton and Ratcliffe for the purpose of providing safe parallelized ingestion of data update messages (McCondochie paragraph 17). 

Claim 7 is rejected under 35 U.S.C. 103 as being unpatentable over Morton(US 2017/0304707 A1) in view of Ratcliffe (US 2009/0319247 A1) in further view of Ouarraoui (US 2018/0088932 A1).

As per claim 7, Morton does not teach said replicas are housed in one or more repositories.
However, Ratcliffe teaches said replicas are housed in one or more repositories . (Ratcliffe [0666] A system or module such as the Network Reconstitution module 238 can provide for the reconstitution of the network simulator by keeping "snapshots" of the equipment baseline. At any time, the operator can restore any or all of the simulated network and/ or network applications to a preconfigured state. This does not have to include a full simulated network rebuild, but can be a restoration of a previously existing baseline. Multiple sets of preconfigured baselines can be kept to provide differing levels of complexity for the students/users [0684] Reconstitution User Interface--The Reconstitution module user interface can provide the user with the ability to see an overall status and health of the virtual machines that make up the devices in the virtual network. The user interface can also enable the user to capture the state of a virtual device by taking a snapshot.  A snapshot of a virtual device can be reloaded at a later time to continue execution from the exact moment the snapshot was taken [0835] While the rest of the network hardware in various embodiments of the network simulator can be deployed otherwise, the traffic and attack operations originate at the Node 102.  Most of the servers existing on the simulated network can be emulated by either the Node 102 or an actual virtual machine sitting on another server in the simulator, but all users and attackers can be configured to originate from the Node 102.).

It would have been obvious to a person in the ordinary skill in the art before the filing date of the claimed invention to combine Ratcliffe with the system of Morton to store a copy in a respository. One having ordinary skill in the art would have been motivated to use Ratcliffe into the system of Morton for the purpose of providing a simulated environment for a computer network testing (Ratcliffe paragraph 02). 

Ratcliffe does not teach wherein a repository is adapted to be utilized with zero overhead data copy (ZODC) techniques, which comprise creation of logical copies that operate as independent copies.
However, Ouarroui teaches wherein a repository is adapted to be utilized with zero overhead data copy (ZODC) techniques, which comprise creation of logical copies that operate as independent copies. (Ouarroui [0054] The management layers 110A-C can track metadata objects which can help create logical copies of VMs to create clones or backups).

It would have been obvious to a person in the ordinary skill in the art before the filing date of the claimed invention to combine Ouarroui with the system of Morton and Ratcliffe to make logical copies. One having ordinary skill in the art would have been motivated to use Ouarroui into the system of Morton and Ratcliffe for the purpose of providing interoperability of resources in the data center (Ouarroui paragraph 02). 

Claim 9 is rejected under 35 U.S.C. 103 as being unpatentable over Morton(US 2017/0304707 A1) in view of Wipel (US 2011/0126207 A1).

As per claim 9, Morton does not teach a virtual-machine canvas comprises a collection of virtual machines and associated computing resources, and wherein a read-only canvas baseline is adapted to serve as a master copy for use in creating one or more virtual-machine canvases.
However, Wipel teaches a virtual-machine canvas comprises a collection of virtual machines and associated computing resources, and wherein a read-only canvas baseline is adapted to serve as a master copy for use in creating one or more virtual-machine canvases. (Wipfel [0131] In one implementation, in response to loading the service blueprint template in operation 440, or alternatively in response to creating the virtual machine descriptions and defining the service level agreement in operation 450 and 460, the workload management system may then create an annotated service blueprint tailored to the requested service in an operation 470.  In particular, the annotated service blueprint may generally be created in a collaborative workload that includes interaction between various human and/or automated entities having responsibility for approving and deploying the requested service.  As such, operation 470 may create a canvas diagram or another suitable drawing that includes various elements to represent the virtual machines stacked within the tessellated service distribution, wherein the canvas diagram may be created from the service blueprint template loaded in operation 440 or the virtual machine descriptions created in operation 450.  Furthermore, in one implementation, the canvas diagram representing the tessellated service distribution may be created with a drawing tool or other suitable application that has drag-and-drop capabilities (e.g., Microsoft Visio), wherein operation 470 may display a visual drag-and-drop palette that one or more of the entities involved in the collaborative workload can use to add, remove, or modify the elements representing the stacked virtual machines to appropriately tailor the canvas diagram to the service.  In one implementation, the visual drag-and-drop palette may further include elements that can be used to add, remove, or modify communication links or other relationships between the stacked virtual machines within the tessellated service and/or relationships to other tessellated service distributions).

It would have been obvious to a person in the ordinary skill in the art before the filing date of the claimed invention to combine Wipel with the system of Morton to provide a master copy for making virtual machines. One having ordinary skill in the art would have been motivated to use Wipel into the system of Morton for the purpose of creating annotated service blueprints to provision and manage tessellated service distributions in an information technology infrastructure. (Wipel paragraph 03) 

Claim 10 is rejected under 35 U.S.C. 103 as being unpatentable over Morton(US 2017/0304707 A1) in view of Shieh (US 2017/0180421 A1).

As per claim 10, Morton does not teach a stage comprises a read-only canvas baseline, a set of objectives and tools, and a supporting environment.
However, Shieh teaches a stage comprises a read-only canvas baseline, a set of objectives and tools, and a supporting environment. (Shieh [0038] In one embodiment, a threat detection system 142 receives traffic,  identified by a threat sensor from an unsolicited request/contact from a network element as potentially malicious network traffic.  Threat detection system 142 then emulates the requested service, response, etc. requested by the potentially malicious network traffic.  In one embodiment, threat detection system 142 continues the exchange of data with the network element, emulates the requested services, and analyzes the actions of the network element until threat detection system 142 determines that the network element is infected, the traffic is malicious, or no threat is present.  When a threat is detected, threat detection system 142 may then notify a network administrator of a corresponding network segment, identify the network element, and/or provide additional identification data to enable the network administrator to take remediative actions to address the identified threat to the network segment [objective] and [0081] Host operating system 720 can include a container engine 730.  Container engine 730 can create and manage containers 740.sub.1-740.sub.Z, for example, using an (high-level) application programming interface (API).  By way of non-limiting example, container engine 730 is at least one of Docker.RTM., Rocket (rkt), Solaris Containers, and the like.  For example, container engine 730 may create a container (e.g., one of containers 740.sub.1-740.sub.Z) using an image.  An image can be a (read-only) template [readonly canvas] comprising multiple layers and can be built from a base image (e.g., for host operating system 720) using instructions (e.g., run a command, add a file or directory, create an environment variable, indicate what process (e.g., application or service) to run, etc.).  Each image may be identified or referred to by an image type.  In some embodiments, images (e.g., different image types) are stored and delivered by a system (e.g., server side application) referred to as a registry or hub (not shown in FIG. 7).).

It would have been obvious to a person in the ordinary skill in the art before the filing date of the claimed invention to combine Shieh with the system of Morton to provide a read only canvas. One having ordinary skill in the art would have been motivated to use Shieh into the system of Morton for the purpose of providing a threat monitoring server to detect potential attacks. (Shieh paragraph 04) 

Claim 11 is rejected under 35 U.S.C. 103 as being unpatentable over Morton(US 2017/0304707 A1) in view of Obes (US 2011/0035803 A1).

As per claim 11, Morton does not teach a system comprises an authoring workspace, which comprises a computing environment which is adapted to execute creation tasks associated with the creation of the exercises in a simulation.
However, Obes teaches a system comprises an authoring workspace, which comprises a computing environment which is adapted to execute creation tasks associated with the creation of the exercises in a simulation. (Obes Fig 11 and 12)

It would have been obvious to a person in the ordinary skill in the art before the filing date of the claimed invention to combine Obes with the system of Morton to execute creation tasks. One having ordinary skill in the art would have been motivated to use Obes into the system of Morton for the purpose of developing a cost-efficient and scalable computer attack planner (Obes paragraph 02). 

Claim 12 is rejected under 35 U.S.C. 103 as being unpatentable over Morton(US 2017/0304707 A1) in view of Obes (US 2011/0035803 A1) in further view of Chinnaswamy (US 2017/0155569 A1).

As per claim 12, Morton and Obes do not teach said creation tasks comprise selection of which virtual machines are to be modified in a specific canvas, wherein said creation tasks comprise addition or modification of hardware, software, and data to virtual machines, and/or wherein said creation tasks comprise program execution to modify a virtual machine state in a specific way. 
However, Chinnaswamy teaches said creation tasks comprise selection of which virtual machines are to be modified in a specific canvas, wherein said creation tasks comprise addition or modification of hardware, software, and data to virtual machines, and/or wherein said creation tasks comprise program execution to modify a virtual machine state in a specific way (Chinnaswamy Fig 3 and [0026] The template generator component 145 is able to generate a VM template for the networking test based on the parameter values in the parameter file ( e.g., based on the set of network devices involved in the networking test and the network connectivity among the set of network devices). The VM template for the networking test defines a configuration of networked VMs that virtualizes the set of network devices involved in the networking test and the network connectivity among the set of network devices. For example, the VM template may define a configuration where a dedicated VM is created for each network device involved in the networking test to emulate that network device).

It would have been obvious to a person in the ordinary skill in the art before the filing date of the claimed invention to combine Chinnaswamy with the system of Morton and Obes to add or modify hardware. One having ordinary skill in the art would have been motivated to use Chinnaswamy into the system of Morton and Obes for the purpose of creating virtualized testing environments in which to perform networking tests. (Chinnaswamy paragraph 01)

Claim 13 is rejected under 35 U.S.C. 103 as being unpatentable over Morton(US 2017/0304707 A1) in view of Obes (US 2011/0035803 A1) in further view of Kryskow (US 2007/0124461 A1).

As per claim 13, Morton and Obes do not teach the authoring workspace is adapted to enable publication of an exercise stage, wherein publication of an exercise stage comprises adding said exercise stage to an exercise catalog, and wherein stages on the exercise catalog are adapted to be used as baselines that can be used to create other canvas( es) in any simulation.
However, Kryskow teaches the authoring workspace is adapted to enable publication of an exercise stage, wherein publication of an exercise stage comprises adding said exercise stage to an exercise catalog, and wherein stages on the exercise catalog are adapted to be used as baselines that can be used to create other canvas( es) in any simulation. (Kryskow Fig 1 and Fig 2 and   [0012] According to the present invention, a method for controlling aspects of network traffic for sites in a telecommunications network, comprises the steps of translating a default control template for each site into a site specific template in response to an automatic baseline input, translating the site specific template into 1oring and simulation templates, translating current end-to-end and component information into operational modes for monitoring and simulation modules according to the monitoring and simulation templates, and establishing operational controls for controlling the monitoring and simulation modules for controlling, in real time, the transmission of network management and simulation traffic).

It would have been obvious to a person in the ordinary skill in the art before the filing date of the claimed invention to combine Kryskow with the system of Morton and Obes to create baseline for creating other canvases. One having ordinary skill in the art would have been motivated to use Kryskow into the system of Morton and Obes for the purpose of minimizing or limiting the amount of network resources used by the service assessment monitoring and simulation system.(Kryskow paragraph 13)

Claims 14  and 16 are rejected under 35 U.S.C. 103 as being unpatentable over Smith (US 2011/0314465 A1) in view of Ratcliffe (US 2009/0319247 A1) in further view of Chen (US 2016/0110213 A1).

As per claim 14, Smith teaches A method for cyber exercises, comprising the steps of:
creating virtual machine replicas of computing systems, creating a canvas, wherein the canvas comprises a collection of virtual machines and associated computing resources (Smith [0005] a plurality of replica VMs, each of the pool of hosts comprising a physical computing device; replicating the head node VM at an each one of the plurality of replica VMs; coordinating amongst the plurality of replica VMs to assign at least one workload sub-task to the each one of the plurality of replica VMs; processing the at least one assigned workload sub-tasks at the respective each one of the plurality of replica VMs to provide at least one sub-task result; and receiving the at least one sub-task result at the head node VM.)
using an application dependency finder to analyze startup and shutdown sequences (Smith [0041] At step 203, head node VM 101 is replicated at each of the plurality of replica VMs.  At step 204, respective workload coordination module 113, 123, 133, 143 coordinate [includes dependency] amongst the plurality of replica VMs 111, 121, 131, 141 to assign at least one workload sub-task to each of the plurality of replica VMs 111, 121, 131, 141 for processing.  At step 205, the assigned workload sub-tasks are processed at the respective replica or worker VMs, to provide at least one sub-task result. [0046] FIG. 5 is a flowchart illustrating progressive workload distribution and processing with incorporation of termination operations.  In this exemplary embodiment, at step 501, head node VM 101 monitors an electronic heartbeat of the replica VMs created.  Even if any of the replica VMs have not completed and reported their respective assigned sub-tasks, should the electronic heartbeat be lost or otherwise fails to establish continuity, at step 502, head node VM 101 may remove that replica VM from the plurality of replica VMs created, and proceed, at step 503, to mark that replica VM as either idle or unavailable.  Further at step 504 would be for head node VM 101 to destroy that replica VM marked as idle or unavailable, and even yet further, at step 505, to delete its respective physical host from the pool of available physical hosts.)
Smith does not teach moving or copying a virtual machine replica to a repository and monitoring ingestion of a real-life computing environment into a repository.
However, Ratcliffe teaches moving or copying a virtual machine replica to a repository (Ratcliffe [0666] A system or module such as the Network Reconstitution module 238 can provide for the reconstitution of the network simulator by keeping "snapshots" of the equipment baseline. At any time, the operator can restore any or all of the simulated network and/ or network applications to a preconfigured state. This does not have to include a full simulated network rebuild, but can be a restoration of a previously existing baseline. Multiple sets of preconfigured baselines can be kept to provide differing levels of complexity for the students/users [0684] Reconstitution User Interface--The Reconstitution module user interface can provide the user with the ability to see an overall status and health of the virtual machines that make up the devices in the virtual network. The user interface can also enable the user to capture the state of a virtual device by taking a snapshot.  A snapshot of a virtual device can be reloaded at a later time to continue execution from the exact moment the snapshot was taken [0835] While the rest of the network hardware in various embodiments of the network simulator can be deployed otherwise, the traffic and attack operations originate at the Node 102.  Most of the servers existing on the simulated network can be emulated by either the Node 102 or an actual virtual machine sitting on another server in the simulator, but all users and attackers can be configured to originate from the Node 102.).

It would have been obvious to a person in the ordinary skill in the art before the filing date of the claimed invention to combine Ratcliffe with the system of Smith to store a copy in a respository. One having ordinary skill in the art would have been motivated to use Ratcliffe into the system of Smith for the purpose of providing a simulated environment for a computer network testing (Ratcliffe paragraph 02). 

Smith and Ratcliffe do not teach monitoring ingestion of a real-life computing environment into a repository.
However, Chen teaches monitoring ingestion of a real-life computing environment into a repository. (Chen [0052] More specifically, the virtual machine monitoring system generates snapshot data for the virtual machine that is in the runtime and transmits the snapshot data to the server.  The server receives the snapshot data corresponding to the virtual machine and transmits the snapshot data to the virtual machine monitoring system that is currently using the virtual machine.  The virtual machine monitoring system can lock the current virtual machine for update of the snapshot data).

It would have been obvious to a person in the ordinary skill in the art before the filing date of the claimed invention to combine Chen with the system of Smith and Ratcliffe to monitor ingestion of data into a respository. One having ordinary skill in the art would have been motivated to use Chen into the system of Smith and Ratcliffe for the purpose of providing a virtual machine monitoring method, which achieves data security, facilitates management, and is flexible in use. (Chen paragraph 09) 

As per claim 16, Ratcliffe teaches the additional step of: identifying an order in which to pause the computing systems to create application-consistent point-in-time replicas. (Ratcliffe [0666] A system or module such as the Network Reconstitution module 238 can provide for the reconstitution of the network simulator by keeping "snapshots" of the equipment baseline. At any time, the operator can restore any or all of the simulated network and/ or network applications to a preconfigured state. This does not have to include a full simulated network rebuild, but can be a restoration of a previously existing baseline. Multiple sets of preconfigured baselines can be kept to provide differing levels of complexity for the students/users [0684] Reconstitution User Interface--The Reconstitution module user interface can provide the user with the ability to see an overall status and health of the virtual machines that make up the devices in the virtual network. The user interface can also enable the user to capture the state of a virtual device by taking a snapshot.  A snapshot of a virtual device can be reloaded at a later time to continue execution from the exact moment the snapshot was taken [0835] While the rest of the network hardware in various embodiments of the network simulator can be deployed otherwise, the traffic and attack operations originate at the Node 102.  Most of the servers existing on the simulated network can be emulated by either the Node 102 or an actual virtual machine sitting on another server in the simulator, but all users and attackers can be configured to originate from the Node 102.).

Claim 15 is rejected under 35 U.S.C. 103 as being unpatentable over Smith (US 2011/0314465 A1) in view of Ratcliffe (US 2009/0319247 A1) in further view of Chen (US 2016/0110213 A1) in further view of McCondochie (US 2018/0113979 A1).

As per claim 15, Smith and Ratcliffe and Chen do not teach implementing parallelization to maximize data transfer into a repository.
However, McCondochle teaches implementing parallelization to maximize data transfer into a repository. (McCondochle [0017] In response to recognizing the foregoing disadvantages, the inventors have conceived and reduced to practice a software and/or hardware facility for safe parallelized ingestion of data update messages).

It would have been obvious to a person in the ordinary skill in the art before the filing date of the claimed invention to combine McCondochie with the system of Smith and Ratcliffe and Chen to enable parallelized data transfer. One having ordinary skill in the art would have been motivated to use McCondochie into the system of Smith and Ratcliffe and Chen for the purpose of providing safe parallelized ingestion of data update messages (McCondochie paragraph 17). 

Claim 17 is rejected under 35 U.S.C. 103 as being unpatentable over Smith (US 2011/0314465 A1) in view of Ratcliffe (US 2009/0319247 A1) in further view of Chen (US 2016/0110213 A1) in further view of Ouarraoui (US 2018/0088932 A1).

As per claim 17, Smith and Ratcliffe and Chen do not teach using zero-overhead data copy techniques to create practically instant copies of virtual machines or other data resources, by creating logical copies that operate as independent copies.
However, Ouarroui teaches using zero-overhead data copy techniques to create practically instant copies of virtual machines or other data resources, by creating logical copies that operate as independent copies. (Ouarroui [0054] The management layers 110A-C can track metadata objects which can help create logical copies of VMs to create clones or backups).

It would have been obvious to a person in the ordinary skill in the art before the filing date of the claimed invention to combine Ouarroui with the system of Smith and Ratcliffe and Chen to make logical copies. One having ordinary skill in the art would have been motivated to use Ouarroui into the system of Smith and Ratcliffe and Chen for the purpose of providing interoperability of resources in the data center (Ouarroui paragraph 02). 
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
US 20190066530 A1 – discloses methods and systems allow a user or operator to easily create cyber-training environments for use in a cyber-training system.  In one embodiment, the environments are configured as missions.  The missions may have a plurality of features, such as training objectives, a mission storyline, a mission order and mission objectives, relative to a mission environment.  The mission environment comprises a virtual environment, such as defined by a virtual network having virtual machines or devices.
US 20170148347 A1 – discloses a cyber-learning environment that utilizes one or more virtual computing environments in order to provide users of a course the ability to simulate computing scenarios without requiring the use of a dedicated machine is provided.  The cyber-learning environment can include a core that accepts user inputs, as well as loads pre-defined courses based on the user's identity.  The pre-defined courses can be generated by combining one or more assets contained with an asset library.  The pre-defined course can also include grading criteria that can be sent to a grading module.  The grading module can compare the grading criteria with a user's interaction with the virtual learning environment to assess performance.  A score can be generated based on the assessed performance and can be transmitted back to a user of the course thus providing feedback on the user's performance within the course.
US 20140046645 A1 - discloses Systems and methods for monitoring and analyzing components and operation of a simulated network environment including a module configured for storing a predetermined baseline for the simulated network environment, monitoring the simulated network environment during one or more operations, analyzing the monitored operations and the impact of the operations on one or more components of the simulated network environment, and comparing at least one of the monitored operations and impacts of the operations against the predetermined baseline.
US 20170046519 A1 – discloses processes of monitoring or modifying a network of electronically connected assets that dynamically builds relationships and dependencies among detected vulnerabilities in one or more of the assets and sensor measurements so that risk assessment can be achieved more accurately and in real-time.  A process includes: identifying a plurality of vulnerabilities on a network of electronically interconnected devices representing one or more critical assets; determining dependencies between each vulnerability in the plurality of vulnerabilities; creating a hidden Markov model representing an attack state of each vulnerability of the plurality of vulnerabilities; determining the exploit likelihood of each of the attack states at a first time; determining the most probable sequences or paths of the attack states; and identifying dynamically the risk of one or more of the critical assets based on the sequences or paths of attack states.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to MEHRAN KAMRAN whose telephone number is (571)272-3401.  The examiner can normally be reached on 9-5.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Emerson Puente can be reached on (571)272-3652.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/MEHRAN KAMRAN/           Primary Examiner, Art Unit 2196