DETAILED ACTION
Claims 1-3, 5, 7-8, 10-14, 16, 18-19 and 21-26 are allowed. Claims 4, 6, 9, 15, 17 and 20 are canceled. This is in response to Applicant’s arguments and amendments filed on June 22, 2022.

Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

EXAMINER’S AMENDMENT
Authorization for this examiner’s amendment was given in an interview with Mark Friedman Reg# 33,883 on July 18, 2022.

Claim Amendment
1. (Currently Amended) A computer system for determining permission profiles for computer executable functions, comprising: 
a non-transitory storage medium for storing computer components; and,
a computerized processor for executing the computer components, the computer components comprising at least one module for:
performing a static analysis of a computer executable function to identify first permissions required for operation of the computer executable function, wherein the computer executable function has associated therewith a plurality of input parameters and wherein the static analysis is performed without executing the computer executable function and irrespectively of values of the input parameters;
performing a dynamic analysis of the computer executable function by executing the computer executable function a plurality of times, each time with a distinct combination of execution values of the input parameters, to identify second permissions required for operation of the computer executable function that are not identified by performing the static analysis;
determining a permission profile for the computer executable function, the permission profile including the first permissions and the second permissions; and
associating detected behaviors of the computer executable function with risk scores that includes at least a first risk score and a second risk score, wherein the first risk score is associated with detected behaviors detected by the dynamic analysis and not detected by the static analysis, and wherein the second risk score is associated with detected behaviors detected by the static analysis, and wherein the first risk score is higher than the second risk score.

2. (Previously presented) The computer system of claim 1, wherein the at least one module is further configured to set the permissions of the computer executable function in accordance with the permission profile, by assigning the computer executable function with the first permissions and with the second permissions and removing any other permissions assigned to the computer executable function other than the first permissions and the second permissions, if any.

3. (Currently Amended) The computer system of claim 1, wherein the computer executable function comprises a plurality of lines of code and a plurality of execution paths selectable in accordance with the values of one or more of the input parameters, each execution path includes execution of a distinct subset of the lines of code, and wherein the distinct combination of execution values of the parameters is selected such that the static analysis of the execution paths cannot 

4. (Cancelled) 

5. (Original) The computer system of claim 1, wherein the dynamic analysis is performed by executing the computer executable function in at least one of: a) a test environment; or, b) an operational environment.

6. (Cancelled)

7. (Currently Amended) The computer system of claim 1, 

8. (Previously presented) The computer system of claim 1, wherein the computer executable function comprises a plurality of lines of code and a plurality of execution paths selectable in accordance with the values of one or more of the input parameters, each execution path includes execution of a distinct subset of the lines of code, and wherein a subset of the execution paths are new execution paths that did not exist on a previous version of the computer executable function or that changed with respect to the previous version of the computer executable function, and wherein the subset of execution paths is executed.

9. (Cancelled) 

10. (Original) The computer system of claim 1, wherein the computer executable function is at least one of: a) a serverless function executable on a Function as a Service (FaaS) platform; or, b) a container executable on a managed containers environment.

11. (Original) The computer system of claim 1, wherein the permission profile does not include permissions other than the first permissions and the second permissions.

12. (Currently Amended) A method for determining permission profiles for computer executable functions, the method comprising:
performing, by a processing resource, a static analysis of a computer executable function to identify first permissions required for operation of the computer executable function, wherein the computer executable function has associated therewith a plurality of input parameters and wherein the static analysis is performed without executing the computer executable function and irrespectively of values of the input parameters;
performing, by the processing resource, a dynamic analysis of the computer executable function by executing the computer executable function a plurality of times, each time with a distinct combination of execution values of the input parameters, to identify second permissions required for operation of the computer executable function that are not identified by performing the static analysis;
determining, by the processing resource, a permission profile for the computer executable function, the permission profile including the first permissions and the second permissions; and
associating detected behaviors of the computer executable function with risk scores that includes at least a first risk score and a second risk score, wherein the first risk score is associated with detected behaviors detected by the dynamic analysis and not detected by the static analysis, and wherein the second risk score is associated with detected behaviors detected by the static analysis, and wherein the first risk score is higher than the second risk score.

13. (Original) The method of claim 12, further comprising setting, by the processing resource, the permissions of the computer executable function in accordance with the permission profile, by assigning the computer executable function with the first permissions and with the second permissions and removing any other permissions assigned to the computer executable function other than the first permissions and the second permissions, if any.

14. (Previously presented) The method of claim 12, wherein the computer executable function comprises a plurality of lines of code and a plurality of execution paths selectable in accordance with the values of one or more of the input parameters, each execution path includes execution of a distinct subset of the lines of code, and wherein the distinct combination of execution values of the parameters is selected such that the static analysis of the execution paths cannot

15. (Cancelled) 

16. (Original) The method of claim 12, wherein the dynamic analysis is performed by executing the computer executable function in at least one of: a) a test environment; or, b) an operational environment.

17. (Cancelled)

18. (Currently Amended) The method of claim 12, 

19. (Previously presented) The method of claim 12, wherein the computer executable function comprises a plurality of lines of code and a plurality of execution paths selectable in accordance with the values of one or more of the input parameters, each execution path includes execution of a distinct subset of the lines of code, and wherein a subset of the execution paths are new execution paths that did not exist on a previous version of the computer executable function or that changed with respect to the previous version of the computer executable function, and wherein the subset of execution paths is executed.

20. (Cancelled)

21. (Original) The method of claim 12, wherein the computer executable function is at least one of: a) a serverless function executable on a Function as a Service (FaaS) platform; or, b) a container executable on a managed containers environment.

22. (Original) The method of claim 12, wherein the permission profile does not include permissions other than the first permissions and the second permissions.

23. (Currently Amended) A non-transitory computer readable storage medium having computer readable program code embodied therewith, the computer readable program code, executable by at least one processor of a computer to perform the steps of:
performing a static analysis of a computer executable function to identify first permissions required for operation of the computer executable function, wherein the computer executable function has associated therewith a plurality of input parameters and wherein the static analysis is performed without executing the computer executable function and irrespectively of values of the input parameters;
performing a dynamic analysis of the computer executable function by executing the computer executable function a plurality of times, each time with a distinct combination of execution values of the input parameters, to identify second permissions required for operation of the computer executable function that are not identified by performing the static analysis;
determining a permission profile for the computer executable function, the permission profile includes the first permissions and the second permissions; and
associating detected behaviors of the computer executable function with risk scores that includes at least a first risk score and a second risk score, wherein the first risk score is associated with detected behaviors detected by the dynamic analysis and not detected by the static analysis, and wherein the second risk score is associated with detected behaviors detected by the static analysis, and wherein the first risk score is higher than the second risk score.

24. (Original) The non-transitory computer readable storage medium of claim 23, wherein the permission profile does not include permissions other than the first permissions and the second permissions.

25. (Previously presented) The computer system of claim 1, wherein the computer executable function comprises a plurality of lines of code and a plurality of execution paths selectable in accordance with the values of one or more of the input parameters, each execution path includes execution of a distinct segment of the lines of code, and each distinct segment having a distinct set of permissions.

26. (Previously presented) The method of claim 12, wherein the computer executable function comprises a plurality of lines of code and a plurality of execution paths selectable in accordance with the values of one or more of the input parameters, each execution path includes execution of a distinct segment of the lines of code, and each distinct segment having a distinct set of permissions.
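The flow recited in independent claims 1, 12 and 23, as an added Python illustration that is not part of the Office action or of the application. The permission names, the `PERMS` mapping, the `Recorder` stub, the sample `handler` and the score values 2 and 1 are assumptions; the claims only require that the dynamic-only score be the higher one.

```python
import ast
import itertools

# Assumed mapping from client method names to permission strings (hypothetical).
PERMS = {"get_object": "storage:Read", "put_object": "storage:Write", "send": "queue:Send"}

# Constructed sample function: one call name is only assembled at run time.
SRC = '''
def handler(client, mode, notify):
    client.get_object("in")
    if mode == "archive":
        getattr(client, "put_" + "object")("out")
    if notify:
        client.send("done")
'''

class Recorder:
    """Stub client that records the permission each invoked method would need."""
    def __init__(self):
        self.used = set()
    def __getattr__(self, name):
        return lambda *a, **k: self.used.add(PERMS[name])

def static_permissions(src):
    """Read the source without executing it: collect literal client.<method>() calls."""
    found = set()
    for node in ast.walk(ast.parse(src)):
        if isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute):
            if node.func.attr in PERMS:
                found.add(PERMS[node.func.attr])
    return found

def dynamic_permissions(src, param_values):
    """Execute the function once per distinct combination of input values."""
    ns = {}
    exec(src, ns)
    used = set()
    for combo in itertools.product(*param_values):
        rec = Recorder()
        ns["handler"](rec, *combo)
        used |= rec.used
    return used

def permission_profile(src, param_values, high=2, low=1):
    first = static_permissions(src)
    second = dynamic_permissions(src, param_values) - first  # seen only at run time
    risk = {p: low for p in first}
    risk.update({p: high for p in second})  # dynamic-only behavior scores higher
    return first | second, risk

PROFILE, RISK = permission_profile(SRC, [("read", "archive"), (False, True)])
```

Here the write permission is reached only through a call name built at run time, so it appears in the profile solely because the dynamic pass exercised the `"archive"` path, and it carries the higher score.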


REASONS FOR ALLOWANCE
The following is an examiner’s statement of reasons for allowance: 
Applicant’s arguments were persuasive regarding the rejection of claim 1. However, for compact prosecution, Applicant agrees to an Examiner’s amendment incorporating claim 6 into all main claims, since no art teaches performing a dynamic analysis of the computer executable function by executing the computer executable function a plurality of times, each time with a distinct combination of execution values of the input parameters, to identify second permissions required for operation of the computer executable function that are not identified by performing the static analysis… and associating detected behaviors of the computer executable function with risk scores that includes at least a first risk score and a second risk score, wherein the first risk score is associated with detected behaviors detected by the dynamic analysis and not detected by the static analysis, and wherein the second risk score is associated with detected behaviors detected by the static analysis, and wherein the first risk score is higher than the second risk score. Therefore, claims 1, 12 and 23 are allowed.
There is art that discusses static and dynamic analysis, such as US Patent 10,623,435 (hereinafter Jevans), as shown in Fig. 3 and related text. But Jevans does not generate a risk score for each analysis to compare against each other.
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee. Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”

Inquiry communication
Any inquiry concerning this communication or earlier communications from the examiner should be directed to TRI M TRAN whose telephone number is (571)270-1994. The examiner can normally be reached Mon-Fri: 9am-5pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey Nickerson can be reached on (469)295-9235. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/TRI M TRAN/Primary Examiner, Art Unit 2432