DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
Applicant's arguments filed on 05/06/2022 have been entered and carefully considered. Claims 1-20 have been examined and rejected.

Response to Amendment and Arguments
Applicant’s arguments filed on 05/06/2022 with respect to the rejections of claims 1-20 under 35 U.S.C. § 103 have been considered and are found to be not persuasive.

The applicant argues that Costante and Cianfrocca, either alone or in combination, fail to disclose the claim limitation “comparing, by the device, the one or more control parameter values to a policy associated with the endpoint,” because, “Unlike the present claims, however, Costante does not teach that the attribute-based policy ("policy") is compared with one or more control parameter values extracted from a control packet, but instead that the policy is compared with a selected one of the aforementioned models.” The examiner respectfully disagrees.
The specification of the instant application teaches that the term “policy” is defined as an application-layer policy associated with an endpoint device, based on its asset profile, where the “policy” specifies a “set of commands” represented by the values of the “control parameter values” (see para 0061, 0102). The “asset profiles” represent each of the endpoint devices in network 302, their associated Tags, and their metadata, such as metadata about the communicating devices/endpoints, including network identifiers; an Asset Tag that identifies device-specific details (Device ID, what kind of device it is, what kind of OS it runs); Activity Tags that represent the function of the device, i.e., what it is doing at the protocol level, such as Programming CPU, Heartbeat management, Emergency Break, Pushing Data; User-Defined Tags representing additional context; Dynamically Generated Tags, which could be added dynamically using ML to represent the current behavior of the device under dynamic conditions; and Scalable Group Tags representing packet flows between a defined group of devices/services in the network (spec, see para 0068, 0093).
The specification at paragraphs 0094 and 0095 teaches that, based on the asset profile of controller 306, policy service 316 may determine that controller 306 is a PLC and associate with controller 306 a policy that only allows HMI 310 and SCADA service 314 to communicate with controller 306 via network 302. Policy service 316 may also associate application-layer policies with an endpoint device based on its asset profile, and defines control parameters as a “set of commands” specified by the policy: for a PLC that controls a motor, the policy may specify that controller 306 should keep the operating temperature of the industrial process performed by industrial equipment 304 within a specified temperature range, or keep the RPMs of a motor within a specified range, or the policy may specify that the controller should not power a circuit on or off, such as during particular times or on certain days. As shown in fig. 6, step 260, the device compares the one or more control parameter values to a policy associated with the endpoint, where the policy is based on one or more component tags and one or more activity tags assigned to the endpoint as defined by the asset profile of the network devices (hosts communicating over the network, as shown in figs. 4A and 4B). Component tags can be used to identify a particular endpoint or other device in the network by its type (e.g., whether the endpoint is a PLC or a SCADA station, whether its software is CodeSys or Windows), and analysis of the device's traffic can also lead to various activity tags being applied to that device; such activity tags may distinguish between control system behaviors (insert program, device init, etc.) and IT behaviors (host config., ping, etc.). The policy defines a range or set of one or more values that are acceptable for sending as a control message to the endpoint based on the asset profile (spec, see para 0076 and 0104).
Costante teaches (see pages 4 and 5) that an “attribute” is a feature representing a host, a link or the contextual environment, and that attribute values derived from the extracted protocol field values describe protocol-generic features of the first host, the second host or the link. Costante defines the “host model” as “a list of attributes used to describe the host wherein preferably at least one attribute is a semantic attribute” and the “link model” as “a list of attributes used to describe the link wherein preferably at least one attribute is a semantic attribute.” Costante’s “host models” and “link models” are equivalent to the “asset profiles” of the current application, the attributes are equivalent to the Tags, and updating the models is the process of mapping network message fields to the host and link models, applying classification techniques to update the current host and link models by considering previous values of the attributes and the new information carried by the current network message. Costante defines an “attribute-based policy” as “a statement in the form if-condition-then-action[obligation],” where the condition contains attributes referring to the host and/or link models, the action defines what has to be done in case of a positive match of the policy with the data traffic (deny/permit), and the obligation defines additional actions to be taken in case of a match; a whitelist policy is an attribute-based policy that describes acceptable data traffic [action==permit], a blacklist policy is an attribute-based policy that describes unacceptable data traffic [action==deny], and an alert is semantic-enriched and context-aware information that expresses a possible situation of danger of the system. This is the same as the application-layer policy described above in relation to the claimed invention, which uses the “asset profile” to define the policies.
Costante defines “policy-check,” which is interpreted as “comparing the attribute-based policy with one or more control parameter values extracted from a control packet,” as the process of matching attribute-based policies against data traffic and taking the action described by the policy in case of a match. A semantic attribute may be described as an attribute whose value cannot be extracted from a direct map to a protocol field value and may require taking into account, for example, the context, previous history, other protocol field values and/or other attribute values in order to assign a value to the semantic attribute. Semantic attributes include the role of a host (whether it is a PLC, a master or a slave), the operation of a link (whether it is a Read, a Write, a Notify or a Reprogram operation), the type of protocol of a link (whether it is an operational, a vendor-specific or an open protocol), and the message type of a message. Semantic attributes thus represent commands or operations to be performed by the host or on the link, which is equivalent to the control parameters as taught by the specification of the current invention.
(Costante, see page 12, lines 1-20.) As shown in fig. 3, at step a) the data traffic or network protocol message representing a control message is parsed to extract the protocol field values, which are mapped to identify attribute values of the first host, the second host and the link related to the network protocol message under investigation. A model of the first host, the second host and the link is selected from the set of models, where the models are equivalent to the asset profiles of each host or network entity of the current invention as described above; the model is selected to identify at least one semantic attribute related to the protocol message, i.e., a command or operation, as a control parameter related to the network packet or network protocol message, such as the role of a host, the operation of a link (whether it is a Read, a Write, a Notify or a Reprogram operation), the type of protocol of a link (whether it is an operational, a vendor-specific or an open protocol), or the message type of a message. At step d) the specific model or asset profile selected for the monitored packet is updated with the derived semantic attribute values when the value was empty at the initial selection time. The control parameters derived from the semantic attribute values of the selected model or asset profile related to the hosts or link of the packet or network protocol message are then compared with a set of attribute-based policies for compliance, to match the security constraints defined by the attributes of the policy, at step e). Here the selected model or updated selected model is the equivalent of the asset profile of the current invention, with the set of attributes representing asset tags or activity tags, including the semantic attributes representing control parameters related to the hosts and link of the network packet or network protocol message under investigation. (Costante, see page 2, lines 16-33, and page 3, lines 1-6.)
Applicant fails to provide any persuasive arguments or amendments to overcome the rejection. Therefore, the rejection under 35 U.S.C. 103 is hereby maintained.

Claim Rejections - 35 USC § 103
5.	The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


6.	Claims 1-5, 7-13 and 15-20 are rejected under AIA 35 U.S.C. 103 as being unpatentable over Costante (WIPO Pub WO 2019/172762) in view of CIANFROCCA (U.S. PGPub 2019/0028434).
As per claims 1, 9 and 17
Costante teaches a method (Costante, see page 10, lines 18-27, and page 27, lines 1-15: Costante teaches a method for an Industrial Control Systems application, with attribute extraction from the network, where attribute-based policies are used to express domain-specific security constraints in an industrial control system, e.g., only Engineering Workstations can change the logic of a Programmable Logic Controller (PLC), while SCADA or DCS only issue commands to read or write PLC memory; the domain knowledge can be translated into attribute-based policies and an intrusion detection system can raise an alert in case a policy is violated) comprising:
identifying, by a device in a network, a packet sent via the network towards an endpoint as being a control packet for the endpoint (Costante, see page 5, lines 17, 31 and 32, and page 12, lines 26-31; as shown in fig. 4 step B and fig. 6, the parser extracts protocol fields and their corresponding values from the data stream, which include MODBUS/Transmission Control Protocol (MODBUS/TCP), MODBUS/Remote Terminal Unit (MODBUS/RTU) and Building Automation and Control Network (BACnet); link attribute values are derived from protocol fields at any layer of the protocol, with attributes protocol, source port, destination port, function code and message type; by extracting the function code and message type the method identifies whether the link represents a request for data, a command or a reprogramming action, i.e., whether the packet is a control packet and what the specific function of the control packet is; as shown in fig. 5, Message type, a network link L1 from host H1 to host H2 is observed, the network traffic is parsed and the following protocol fields are extracted from the network message: protocol name=Modbus, source IP=10.1.1.1, destination IP=10.1.1.2, source port=502, destination port=502, function code=16);
extracting, by the device, one or more control parameter values from the control packet (Costante, see page 13, lines 18-21 and 32-33, and page 14, lines 9-1: attribute values are extracted from the protocol fields, such as H1={IP=10.1.1.1, role=master} and H2={IP=10.1.1.2, role=slave}, relying on heuristics such as ‘if there is a Modbus link with function code equal to 16 from host Hx to host Hy, and the vendor for role Hy is equal to Siemens, then Hx has role equals to master while host Hy has role slave’, and attributes for link L1 where source IP=10.1.1.1, destination IP=10.1.1.2, protocol=Modbus, source port=502, destination port=502, operation=change setpoint, number of occurrences=1);
comparing, by the device, the one or more control parameter values to a policy associated with the endpoint (Costante, see page 21, lines 18-27, and page 22, lines 1-15; as shown in fig. 4 steps c-e, detecting, on the basis of the attributes derived from the monitored data traffic, whether the monitored data traffic complies with the consistency rule, by attribute-based policy detection and comparison for enforcement of policies based on explicit and implicit host and link attributes. An attribute-based policy P for a given set of host- (A_H), link- (A_L) and context-related (A_C) attributes A = A_H ∪ A_L ∪ A_C = <a_1=v_a1, a_2=v_a2, ..., a_n=v_an>, where a_i ∈ A has value v_ai ∈ V_i with i ∈ [1,n], is P = <if <ATTRIBUTE OP VALUE [{LOGICOP ATTRIBUTE OP VALUE}]> then ACTION [{, OBLIGATION}]>, where ATTRIBUTE can be any host-, link- or context-based attribute a_i ∈ A and OP can be any comparison operation; so the extracted host and link attributes are compared in the policy to determine the action to be taken);
Costante fails to explicitly teach initiating, by the device, a corrective measure, based on a determination that the one or more control parameter values violate the policy associated with the endpoint.
In a similar field of endeavor, CIANFROCCA teaches initiating, by the device, a corrective measure, based on a determination that the one or more control parameter values violate the policy associated with the endpoint (CIANFROCCA, see para 0078, 0140, 0148: a SCADA firewall performs behavior filtration by allowing a policy-writer to selectively permit behaviors on the basis of session metadata, e.g., “writes” may never be performed against the robot, or “reads” may be performed only by authorized users, or from specific network segments, or at certain times of day; the implementer of the policy language defines the action taken when a violation occurs at 203, i.e., when the desired behavior or operational constraint is not satisfied: a DENY is issued to prevent a transaction from taking place by blocking a network communication or by directly controlling a machine, a MODIFY is issued to change one or more of the parameters or data elements in the transaction before passing it on to the network or to the control system of a machine, and a SET is issued to add a data item to the retained state of the policy enforcement device, which can be referenced in future processing; the policy-execution engine admits of different possibilities to effectuate a policy violation, and in the “in-line” case the policy-execution engine can selectively block or modify transactions in real time, effectuating a policy of denying or modifying particular operations that may violate the local safety or security rules of the compiled policy object).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Costante with the teaching of CIANFROCCA, as doing so would provide an efficient method for modifying a detected transaction in network traffic to an industrial machine based on a determination, using a stored machine profile defining an association between the language of the stored policy object and at least one control signal or instruction for the at least one industrial machine, that the transaction does not satisfy a desired behavior or operational constraint related to the industrial machine (CIANFROCCA, see para 0016).
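As an added illustration (not code from Costante, CIANFROCCA, or the application under examination), the following Python sketch walks the four steps of claim 1 over a constructed Modbus/TCP write request: the function code identifies the packet as a control packet, the written register value is the extracted control parameter, a policy in Costante's if-ATTRIBUTE-OP-VALUE-then-ACTION form is matched against the derived attributes, and a DENY blocks the packet. The host inventory, the vendor lookup used by the role heuristic, the setpoint range and the two policies are assumptions.

```python
import operator
import struct
from dataclasses import dataclass

# Constructed inventory standing in for the host models / asset profiles (assumption).
HOSTS = {"10.1.1.1": {"vendor": "Unknown"}, "10.1.1.2": {"vendor": "Siemens"}}
WRITE_FUNCTION_CODES = {5, 6, 15, 16}      # Modbus writes: treated as control packets
OPERATION_BY_FC = {3: "read registers", 16: "change setpoint"}   # constructed semantic map
OPS = {"==": operator.eq, "!=": operator.ne, ">": operator.gt, "<": operator.lt,
       "in": lambda a, b: a in b}

@dataclass
class Policy:
    """P = <if <ATTRIBUTE OP VALUE [and ...]> then ACTION [, OBLIGATION]>."""
    conditions: list        # [(attribute, op, value), ...] joined by AND
    action: str             # "permit" (whitelist) or "deny" (blacklist)
    obligation: str = ""    # extra action on match, e.g. raise an alert

def modbus_tcp_frame(function_code, data):
    """Build a constructed Modbus/TCP request (MBAP header + PDU); sample input only."""
    pdu = bytes([function_code]) + data
    return struct.pack(">HHHB", 1, 0, len(pdu) + 1, 1) + pdu

def extract_fields(frame, src_ip, dst_ip, src_port=502, dst_port=502):
    """Steps a/b: parse the message and extract protocol field values (explicit attributes)."""
    _tid, proto_id, length, _unit = struct.unpack(">HHHB", frame[:7])
    if proto_id != 0 or length != len(frame) - 6:
        raise ValueError("malformed Modbus/TCP frame")
    fields = {"link.protocol": "Modbus", "link.src_ip": src_ip, "link.dst_ip": dst_ip,
              "link.src_port": src_port, "link.dst_port": dst_port,
              "link.function_code": frame[7]}
    if frame[7] == 16:   # Write Multiple Registers: start, quantity, byte count, values
        start, qty, nbytes = struct.unpack(">HHB", frame[8:13])
        if nbytes != 2 * qty or len(frame) != 13 + nbytes:
            raise ValueError("inconsistent write-registers payload")
        fields["link.start_address"] = start
        fields["link.values"] = list(struct.unpack(f">{qty}H", frame[13:]))
    return fields

def is_control_packet(fields):
    """Identification step: the function code tells a read request apart from a command."""
    return fields["link.protocol"] == "Modbus" and fields["link.function_code"] in WRITE_FUNCTION_CODES

def derive_semantic_attributes(fields, hosts=HOSTS):
    """Steps c/d: derive semantic attributes (operation, roles) that no field maps to directly."""
    attrs = dict(fields)
    attrs["link.operation"] = OPERATION_BY_FC.get(fields["link.function_code"], "unknown")
    attrs["dst.vendor"] = hosts.get(fields["link.dst_ip"], {}).get("vendor", "unknown")
    # Heuristic quoted from Costante above: a Modbus link with function code 16 from Hx to Hy,
    # where Hy's vendor is Siemens, makes Hx the master and Hy the slave.
    siemens_write = fields["link.function_code"] == 16 and attrs["dst.vendor"] == "Siemens"
    attrs["src.role"], attrs["dst.role"] = ("master", "slave") if siemens_write else ("unknown", "unknown")
    if "link.values" in fields:
        attrs["link.max_value"] = max(fields["link.values"])   # the control parameter value
    return attrs

def policy_check(attrs, policies, default="deny"):
    """Step e: match attribute-based policies against the attributes; first match wins."""
    for p in policies:
        if all(a in attrs and OPS[op](attrs[a], v) for a, op, v in p.conditions):
            return p.action, p.obligation
    return default, "alert: no policy matched"

# Constructed policies: a setpoint range rule (blacklist) and the matching whitelist rule.
POLICIES = [
    Policy([("link.operation", "==", "change setpoint"), ("src.role", "==", "master"),
            ("link.max_value", ">", 1200)], "deny", "alert: setpoint above allowed range"),
    Policy([("link.operation", "==", "change setpoint"), ("src.role", "==", "master")], "permit"),
]

def inspect(frame, src_ip, dst_ip, policies=POLICIES):
    """Claim 1 pipeline: identify -> extract -> compare -> corrective measure (block = DENY)."""
    fields = extract_fields(frame, src_ip, dst_ip)
    if not is_control_packet(fields):
        return "forward", ""          # a read request: no control parameters to check
    action, obligation = policy_check(derive_semantic_attributes(fields), policies)
    return ("block" if action == "deny" else "forward"), obligation
```

A write of 1500 to register 0x0010 from 10.1.1.1 to 10.1.1.2 is blocked with the range alert, the same write of 1000 is forwarded, and a write to a host with no inventory entry falls through to the default deny.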
As per claims 2, 10 and 18
Costante in view of CIANFROCCA teaches the method as in claim 1, wherein initiating the corrective measure comprises: blocking, by the device, the packet from being delivered to the endpoint (CIANFROCCA, see para 0078, 0140, 0148: a SCADA firewall, as implementer of the policy language, defines the action taken when a violation occurs at 203, i.e., when the desired behavior or operational constraint is not satisfied; a DENY is issued to prevent a transaction from taking place by blocking a network communication or by directly controlling a machine, and in the “in-line” case the policy-execution engine can selectively block or modify transactions in real time, effectuating a policy of denying particular operations that may violate the local safety or security rules of the compiled policy object).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Costante with the teaching of CIANFROCCA, and the motivation to combine the teachings is the same as stated above with relation to claims 1, 9 and 17.
As per claims 3, 9 and 19
Costante in view of CIANFROCCA teaches the method as in claim 1, wherein the endpoint controls an actuator, and wherein the one or more control parameter values affect how the actuator operates (CIANFROCCA, see para 0037: dispositions would be to permit or deny a requested control signal dispatched to a machine through a network to move an actuator arm, a property arising from the nature of the controls, which may refer to any dynamically observable property).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Costante with the teaching of CIANFROCCA, and the motivation to combine the teachings is the same as stated above with relation to claims 1, 9 and 17.

As per claims 4, 10 and 20
Costante in view of CIANFROCCA teaches the method as in claim 3, wherein the endpoint comprises a programmable logic controller (PLC) or variable-frequency drive (VFD) connected to the actuator (Costante, see page 10, lines 18-27, and page 27, lines 1-15: Costante teaches a method for an Industrial Control Systems application, with attribute extraction from the network, where attribute-based policies are used to express domain-specific security constraints in an industrial control system, e.g., only Engineering Workstations can change the logic of a Programmable Logic Controller (PLC), while SCADA or DCS only issue commands to read or write PLC memory).
As per claims 5, 13 and 20
Costante in view of CIANFROCCA teaches the method as in claim 1, wherein identifying the packet sent via the network towards the endpoint as being a control packet for the endpoint comprises: identifying the packet as using an automation protocol (Costante, see page 5, lines 17, 31 and 32, and page 12, lines 26-31; as shown in fig. 4 step B and fig. 6, the parser extracts protocol fields and their corresponding values from the data stream, which include MODBUS/Transmission Control Protocol, MODBUS/Remote Terminal Unit and Building Automation and Control Network).

As per claims 17 and 15
Costante in view of CIANFROCCA teaches the method as in claim 1, wherein the device comprises a network firewall (CIANFROCCA, see para 0078, 0140, 0148: a SCADA firewall performs behavior filtration by allowing a policy-writer to selectively permit behaviors on the basis of session metadata, e.g., “writes” may never be performed against the robot, or “reads” may be performed only by authorized users, or from specific network segments, or at certain times of day; the implementer of the policy language defines the action taken when a violation occurs).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Costante with the teaching of CIANFROCCA, and the motivation to combine the teachings is the same as stated above with relation to claims 1 and 9.
As per claims 18 and 16
Costante in view of CIANFROCCA teaches the method as in claim 1, wherein the one or more control parameter values affect powering of a circuit (CIANFROCCA, see para 0037, 0096: dispositions would be to permit or deny a requested control signal dispatched to a machine through a network to supply more or less power to an electrical grid, and controls may be defined to any degree of abstraction, such as the total reactive power delivered by an electrical grid).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Costante with the teaching of CIANFROCCA, and the motivation to combine the teachings is the same as stated above with relation to claims 1 and 9.

7.	Claims 6 and 14 are rejected under AIA 35 U.S.C. 103 as being unpatentable over COSTANTE (WIPO Pub WO 2019/172762) in view of CIANFROCCA (U.S. PGPub 2019/0028434) and further in view of Yang et al. (U.S. PGPub 2017/0295071).
As per claims 16 and 14
Costante in view of CIANFROCCA teaches the method as in claim 1, but fails to teach the method further comprising: assigning one or more component tags and one or more activity tags to the endpoint, wherein the policy associated with the endpoint is based on the one or more component tags and on the one or more activity tags.
In a similar field of endeavor, Yang teaches the method further comprising: assigning one or more component tags and one or more activity tags to the endpoint, wherein the policy associated with the endpoint is based on the one or more component tags and on the one or more activity tags (Yang, see para 0044-0048: a complete set of Tag Configurations, where a Tag represents an I/O value produced/consumed by industrial machines, and device capability mappings, which can be exported as part of the Tag Configuration; two controllers must be on separate VLANs if there is no overlap between the I/O modules owned by each controller and the Tags consumed by each controller; if a controller consumes a Base Tag produced by an I/O device as the one and only owner, they must be on the same VLAN; if a controller consumes a Base Tag produced by an I/O device as one of the owners and the I/O value is not buffered, they must be on the same VLAN; if a controller consumes a Base Tag produced by an I/O device as one of the owners but the I/O value is buffered, they can be on the same or different VLANs; and a firewall must be created for each controller with a policy that only allows the data flow between the controller and its associated I/O devices).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of COSTANTE in view of CIANFROCCA with the teaching of Yang, as doing so would provide an efficient method for using the tag configuration to auto-determine the network topology, hierarchy, and segmentation of an industrial automation network (Yang, see para 0016).


Conclusion
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SANJOY K ROY whose telephone number is (571)270-0675. The examiner can normally be reached on Mon-Fri 8:30am-5:00pm, EST. If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, Nicholas R. Taylor, can be reached on 571-272-3889. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/SANJOY ROY/
Examiner, Art Unit 2443

/NICHOLAS R TAYLOR/Supervisory Patent Examiner, Art Unit 2443