DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on  7/1/2022 has been entered.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-2, 7-8. 11-12, 17-18, 21-22 are rejected under 35 U.S.C. 103 as being unpatentable over U.S. Publication No. 2017/0279619 A1 (Yang) and U.S. Publication No. 2015/0007262 A1 (Aissi), Smith et al. (hereinafter Smith) US 2018/0004953A1 and Kaimal et al.(Kaimal) US 2006/0136705 A1
Referring to claim 1, Yang discloses an embedded processing system of a controller, ([0067][0068] machine-to-machine devices, gas meters, or automobiles, etc.) the embedded processing system comprising: processing circuitry configured to execute a plurality of computer executable instructions (page 4, paragraph 50).  Yang discloses a device which includes an embedded card with an operating system, hardware including the circuitry to execute the instructions.  The operating system and hardware provides processing circuitry to carry out computer executable instructions.  Yang discloses a memory system configured to store a plurality of configuration items (Figure 1A, page 6, paragraph 66, [0011]-[0014][0056]-[0059] define extension information portion and data portions etc.  with configuration items).  Yang discloses logic and storing of certificate function, certification information in the device 110, Yang disclose wherein at least one of the configuration items comprises a sequence of computer executable instructions (Figure 1A, page 6, paragraph 66, [0131], claim 12, store programs, utilities, processes or instructions to be executed.)
Yang discloses and an authentication control configured to: authenticate an immutable anchor associated with the embedded processing system (page 1, paragraph 2, page 1, paragraph 8, paragraph 11, page 2, paragraph 18) and the immutable anchor is encoded in read-only storage; ([0118][0131][0136] non-volatile memory is used by the certificate function to store certificates for eUICC, ROM store programs, etc. to be executed in a non-volatile manner).  The immutable anchor is the eUICC and the authentication process determines the validity of the certificate arriving for the eUICC.  Yang discloses authenticate integrity of the reconfigurable entity map (page 1, paragraph 11, 13, 129).  The reconfigurable entity map is the CRL which is maintained by the device and is therefore associated with the memory system.  Checking the CRL for identity of certificate is authenticating the integrity and validity of the certificate with the CRL. The CRL list can be updated with servers. 
Yang discloses locating one or more of the configuration items in the memory system based on accessing a list of address ranges in the reconfigurable entity map after performing integrity authentication of the reconfigurable entity map; (para 11-14, 17-19) after validating the CRL arriving at the device, pull certificates from CAs to updating the pinning policy which refers hash values stored in the trusted list or pinning table and implied the list or table is identified.
Yang discloses authenticate one or more of the configuration items based on locating the configuration items in the memory system using the list of
address ranges in the reconfigurable entity map (page 2, paragraph 11, 13, 17, 18, 59-61) Certificate the pinning policy by referring the hash values in the trusted list or pinning list in the CRL, Yang discloses certificates which are authenticated based on the pinning table or trusted lists which are the CRL or reconfigurable entity maps which store the validated certificates.  Yang discloses performing an accommodation measure based on an authentication failure of at least one of the configuration items (page 7, paragraph 76).  The new certificate can be requested in response to an authentication failure of the certificate for the server.  
But Yang fail to explicitly disclose “wherein authentication of the immutable anchor is performed upon receiving a reset signal at the embedded processing system of the controller of the gas turbine engine; wherein integrity authentication of the reconfigurable entity map is performed upon successful authentication of the immutable anchor.”
	Aissi disclose wherein authentication of the immutable anchor is performed upon receiving a reset signal at the embedded processing system of the controller of the gas turbine engine; (Fig. 7A, [0004][0005] [0043] [0056][0109]-[0112] due to the application module reset, or watchdog timer expired, etc. the update of the root of trust is updated in response to the event from the remote server, for example, and is verified from the system controller) wherein integrity authentication of the reconfigurable entity map is performed upon successful authentication of the immutable anchor. (Fig. 7A, [0074] [0111]-[0115] if the verification of the root of trust is successful, the trust chain is re-established, here it discloses the condition to execute the software) 
It would have been obvious to one having ordinary skill in the art before the effective filing data of the claimed invention was made to incorporate Aissi’s secure execution and update of application module into Yang’s invention as they are related to the same field endeavor of verification of the eUICC and servers which includes a sequence of executable instructions. The motivation to combine these arts, as proposed above, at least because Aissi’s capability to provide a trigger condition to execute the code would provide more software control to Yang’s system. Therefore it would have been obvious to one having ordinary skill in the art before the effective filing data of the claimed invention was made that provide a trigger condition to execute the code would protect the system to make it more secure.  
But Yang, Aissi fail to explicitly disclose “the controller of a gas turbine engine, the plurality of configuration items comprising a reconfigurable entity map that defines address ranges of one or more of the configuration items, the computer executable instructions including an application configured to control operation of the gas turbine engine;”
Smith disclose the controller of a gas turbine engine, ([0002] [0020]-[0025] controller of gas turbine, for example) the computer executable instructions including an application configured to control operation of the gas turbine engine; ([0002][0020]-[0025] [0034][0040]-[0042][0057], etc.  execute application to control operation of the industrial system) 
the plurality of configuration items comprising a reconfigurable entity map that defines address ranges of one or more of the configuration items, ([0025]-[0032] [0052]-[0057][0060]-[0064] [0069] –[0071][0076] software or firmware stacks which represent address blocks in the memory with security setting and authentication policies, Note: please further define the authentication requirements of the configuration items to help move forward the prosecution )
It would have been obvious to one having ordinary skill in the art before the effective filing data of the claimed invention was made to incorporate Smith’s industrial control system into Aissi and Yang’s invention as they are related to the same field endeavor establishing secure module in a control system. The motivation to combine these arts, as proposed above, at least because Smith’s controller of a gas turbine engine and an application configured to control operation of the gas turbine engine would provide control software and hardware to Aissi and Yang’s system. Therefore it would have been obvious to one having ordinary skill in the art before the effective filing data of the claimed invention was made providing a controller of a gas turbine engine and an application to control operation of the gas turbine engine would expand the applications to more fields based on security control method used. 
But Yang, Aissi, Smith fail to explicitly disclose “and, upon power up of the embedded processing system, skip authentication of at least one of the 
address ranges identified to be skipped in the reconfigurable entity map where the at     least one of the address ranges was previously authenticated during reprogramming of the embedded processing system;”
	Kaimal disclose and, upon power up of the embedded 
processing system, skip authentication of at least one of the address ranges identified 
to be skipped in the reconfigurable entity map where the at least one of the address 
ranges was previously authenticated during reprogramming of the embedded                processing system; ([0024] [0035]-[0041] skip the previous authenticated component upon power on based on the table checked)
It would have been obvious to one having ordinary skill in the art before the effective filing data of the claimed invention was made to incorporate Kaimal’s multiple stage software verification into Smith, Aissi and Yang’s invention as they are related to the same field endeavor establishing secure module in a control system. The motivation to combine these arts, as proposed above, at least because Kaimal’s only authenticate the not authenticated component would provide more control to Smith, Aissi and Yang’s system. Therefore it would have been obvious to one having ordinary skill in the art before the effective filing data of the claimed invention was made only authenticate the not authenticated component would make the authentication process more efficient. 
	Referring to claim 2, Yang, Aissi, Smith, Kaimal disclose the immutable anchor is hardware or software that establishes a root and chain of trust in authentication (page 4, paragraphs 51, 52).  The root and chain of certification information is sent and established with the eUICC.
Referring to claim 7, Yang, Aissi, Smith, Kaimal disclose that the accommodation measure comprises one or more of resetting the embedded processing system, switching the embedded processing system to a fail-safe mode of operation, and transmitting an authentication failure message on a communication interface (Yang, page 8, paragraph 88).
	Referring to claim 8, Yang, Aissi, Smith, Kaimal disclose that the authentication comprises one or more asymmetric cryptographic methods using unique key pairs that result in an authentication failure based on an incorrect key, a missing key, or software that is tampered with resulting in the authentication failure (Yang, page 6, paragraph 73).  Yang discloses public key encryption process with a public and private key which is used to determine authentication failure based on software that is tampered with resulting in authentication failure.
Referring to claim 11, claim 11 is a method claim corresponding to the system claim 1 above and, therefore, are rejected for the same reasons set forth in the rejections of claim 1.
Referring to claim 12, Yang and Aissi, Smith, Kaimal disclose the immutable anchor is hardware or software that establishes a root and chain of trust in authentication (page 4, paragraphs 51, 52).  The root and chain of certification information is sent and established with the eUICC.
Referring to claim 17, Yang and Aissi, Smith, Kaimal disclose that the accommodation measure comprises one or more of resetting the embedded processing system, switching the embedded processing system to a fail-safe mode of operation, and transmitting an authentication failure message on a communication interface (Yang, page 8, paragraph 88).
	Referring to claim 18, Yang and Aissi, Smith, Kaimal disclose that the authentication comprises one or more asymmetric cryptographic methods using unique key pairs that result in an authentication failure based on an incorrect key, a missing key, or software that is tampered with resulting in the authentication failure (Yang, page 6, paragraph 73).  Yang discloses public key encryption process with a public and private key which is used to determine authentication failure based on software that is tampered with resulting in authentication failure.
In regard to claim 21, Yang, Aissi, Smith, Kaimal disclose  The embedded processing system of claim 1, the rejection is incorporated herein.
But Yang, Aissi fail to explicitly disclose “wherein the reconfigurable entity map defines authentication requirements of one or more of the configuration items, and authentication of one or more of the configuration items is based on the authentication requirements defined in the reconfigurable entity map.”
Smith disclose wherein the reconfigurable entity map defines authentication requirements of one or more of the configuration items, and authentication of one or more of the configuration items is based on the authentication requirements defined in the reconfigurable entity map. ([0024]-[0033][0052]-[0057][0060]-[0064] [0069]-[0071] a stack of memory address which including measurement and seal encryption keys, etc. for device authentication based on security policies, Note: please further define the authentication requirement to help move forward the prosecution.)
It would have been obvious to one having ordinary skill in the art before the effective filing data of the claimed invention was made to incorporate Smith’s industrial control system into Kaimal, Aissi and Yang’s invention as they are related to the same field endeavor establishing secure module in a control system. The motivation to combine these arts, as proposed above, at least because Smith’s controller of a gas turbine engine and an application configured to control operation of the gas turbine engine would provide control software and hardware to Kaimal, Aissi and Yang’s system. Therefore it would have been obvious to one having ordinary skill in the art before the effective filing data of the claimed invention was made providing a controller of a gas turbine engine and an application to control operation of the gas turbine engine would expand the applications to more fields based on security control method. 
Referring to claim 22, claim 22 is a method claim corresponding to the system claim 21 above and, therefore, are rejected for the same reasons set forth in the rejections of claim 21.
Claims 4-5, 14-15 are rejected under 35 U.S.C. 103 as being unpatentable over U.S. Publication No. 2017/0279619 A1 (Yang), Aissi, Smith, Kaimal et al.(Kaimal) US 2006/0136705 A1 as applied to claim 1, further in view of  U.S. Publication No. 2014/0359239 A1 (Hiremane).
	Referring to claims 4, 14, Yang, Hiremane, Aissi, Smith, Kaimal disclose that the list of address ranges comprises a plurality of memory addresses which would indicate at least two or more address ranges for one of the configuration items (Hiremane, page 2, paragraph 21).  It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to learn from Hiremane that the list of memory addresses would include at least two or more address ranges for one of the configuration items.  These list of addresses are associated with the configuration item system software 108.
	Referring to claims 5, 15, Yang and Hiremane, Aissi, Smith, Kaimal disclose two or more different accommodation measures are defined for the list of address ranges (Hiremane, page 4, paragraph 47).  Hiremane describes sending an interrupt signal to a reporting agent and manageability engine causing the display of failure to the user.  All three of these represent accommodation measures which are associated with an authentication failure.

Allowable Subject Matter
Claims 9 and 19 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
The prior arts of record including the newly cited prior arts when taken individually or in combination do not expressly teach or render obvious the limitations recited in claims 9 and 19 if rewritten in independent form including all of the limitations of the base claim and any intervening claims when taken in the context of the claims as a whole.
In addition, neither a reference uncovered that would have provided a basis of evidence for asserting a motivation, nor one of ordinary skilled in the art at the time the invention was made, knowing the teaching of the prior arts of record would have combined them to arrive at the present invention as recited in the context of claims 9 and 19 if rewritten in independent form including all of the limitations of the base claim and any intervening claims as a whole.
Note: please correct indefinite language, lack of antecedent basis issues, for example, “one or more of the plurality of configuration items”… or “the one or more of the plurality of configuration items”, etc. in the whole claim set,  to put the case in condition for allowance.
Response to Arguments
Applicant’s arguments with respect to claims 1-2, 4-9, 11-12, 14-19, 21-22 filed on 7/12022 have been considered but are moot because the arguments do not apply to the current rejection.
Conclusion
The prior art made of record and not relied upon is considered pertinent to Applicant's disclosure. 
PATENT PUB. #	PUB. DATE	INVENTOR(S)	TITLE

US 20140189340A1 		2014-07-03		Hadley
SECURE BOOT INFORMATION WITH VALIDATION CONTROL DATA SPECIFYING A VALIDATION TECHNIQUE
Hadley disclose examples disclosed herein relate to secure boot information with validation control data specifying a validation technique. Examples include determining, with the specified validation technique, whether validation data is consistent with the secure boot information…. See abstract. 

US 20170236123 A1 	2017-08-17 		ALI et al.
DECENTRALIZED PROCESSING OF GLOBAL NAMING SYSTEMS
ALI et al. disclose methods, networks, systems, and media for providing global naming services with blockchains without a centralized server… see abstract. 

US 20170185782 A1 	2017-06-29 	Furuya
ELECTRONIC APPARATUS, METHOD AND STORAGE MEDIUM
Furuya disclose an electronic apparatus includes a hardware processor. The hardware processor executes first authentication processing and second authentication processing when the electronic apparatus is powered on or rebooted. The hardware processor executes the first authentication processing using first data stored in the nonvolatile storage region after executing the second authentication processing in a case of executing the second authentication processing when the electronic apparatus is powered on or rebooted. The hardware processor deletes the first data from the nonvolatile storage region when setting of not executing the second authentication processing upon the electronic apparatus is powered on or rebooted is made… see abstract. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to XUYANG XIA whose telephone number is (571)270-3045. The examiner can normally be reached Monday-Friday 8am-4pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jennifer Welch can be reached on 571-272-7212. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

XUYANG XIA
Primary Examiner
Art Unit 2143



/XUYANG XIA/           Primary Examiner, Art Unit 2143