Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

This action is in response to request for continued examination filed 12/8/21.
Claims 1-20 are pending.

Response to Arguments
Applicant's arguments filed 4/18/22 have been fully considered but they are not persuasive.
The Office acknowledges that Madrid does not explicitly disclose "constructing, based on the functional analysis, a fist line-of-code behavior and relation model," which has been further amended to include the elements noted above. Instead, the Office points to Aditham as disclosing this element. Aditham mentions "[a] control-flow graph 1802 is a directed graph representation of a program" and that "[v]ertices in a CFG 1802 give the level of detail, such as instruction-level or basic block level" and that "[b]ranch instructions, function calls, conditional and unconditional jumps account for forward edges." Aditham ,i [0153]. Aditham, however, does not disclose "a first line-of-code behavior and relation model ... comprising a plurality of symbols and symbol relationships describing influences between at least a portion of the symbols" where "at least one of the symbol relationships comprises an interdependency or dependency between symbols" and "the first line-of-code behavior and relation model comprises a strength of the interdependency or dependency," as recited by amended claim 1 (emphasis added). Venkatesan and Iyer are further silent regarding these aspects and thus fail to cure these deficiencies of Madrid and Aditham. Thus, amended claim 1 is distinct from the cited references.

The examiner disagrees in part. Specifically Aditham discloses a line-of-code behavior and relation model comprising “interdependency or dependency between symbols” (see e.g. par. [0153] “Edges in CFG 182 represent control jumps”). As indicated below, the previously cited references do not explicitly teach the line-of-code behavior and relation model comprising a strength of the interdependency of dependency. However, as indicated below a line-of-code behavior and relation model comprising strength of (inter)dependency was known in the art (see e.g. US 2019/0205106 to Sharma et al. as discussed below). 

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-9, 11-18 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over US 2018/0217828 to Madrid et al. (Madrid) in view of US 2019/0089720 to Aditham et al. (Aditham) in view of US 2004/0225996 to Venkatesan et al. (Venkatesan) in view of US 2019/0205106 to Sharma et al. (Sharma).

Claims 1 and 13: Madrid discloses a non-transitory computer readable medium including instructions that, when executed by at least one processor, cause the at least one processor to perform operations for analyzing software based on functional line-of-code behavior and relation models, the operations comprising: 
identifying a prompt to change a first version of code on a controller to a second version of code (par. [0033] “the response … indicates the software updates 102 are available”); 
performing a signature operation on the second version of code to produce a first signature value (par. [0037] “The update server 112 may generate the signature key 130 and corresponding signature verification key 138 … sign one or more portions of the software update file 102”); and 
sending the first signature value to the controller par. [0037] “download and send the signed software updates 102’ to the corresponding controllers 118”); 
wherein the controller is configured to:
compute a second signature value by the controller performing a signature operation on the second version of code (par. [0038] “The vehicle controller 118 may use the signature verification key 138 to generate a controller signature”);
compare the first signature value to the second signature value (par. [0038] “verify that the signature included with the download signed software updates 102’ matches”); and
determine, based on the comparison, whether to validate the second version of code (par. [0038] “verify that the signature included with the download signed software updates 102’ matches”).

Madrid does not explicitly disclose 
performing a functional analysis of the second version of code to determine at least two functions and at least one relationship between the at least two functions, wherein the functional analysis comprises:
at least one of a statistical or dynamic analysis process; and
constructing, based on the functional analysis, a fist line-of-code behavior and relation model representing execution of functions of the second version of code on the controller and comprising a plurality of symbols and symbol relationships describing influences between at least a portion of the symbols, at least one of the symbols representing at least one of:
a variable, a buffer, an object, a segment of code, a controller to which the symbol relates, or a system to which the symbol relates; 
performing the signature operation on the constructed first line-of-code behavior and relation model, the signature operation being based on at least a configuration of the symbol relationships; and 
computing a second signature value by performing a signature operation on a second line-of-code behavior and relation model based on the second version of code.

Aditham teaches:
performing a functional analysis of a version of code to determine at least two functions and at least one relationship between the at least two functions (par. [0153] “Vertices in a CFG 1802 give the level of detail, such as, instruction-level or basic block level … Edges in CFG 182 represent control jumps”, here the instructions/basic bocks describe the functionality of the code and the jumps represent relationships between them), wherein the functional analysis comprises:
at least one of a statistical or dynamic analysis process (e.g. par. [0151] “Tracing application to get their CFG” dynamic analysis); and
constructing, based on a functional analysis, a first line-of-code behavior and relation model representing execution of functions of a version of code on the controller (par. [0173] “creating a control flow graph of the process”) and comprising a plurality of symbols and symbol relationships describing influences between at least a portion of the symbols (par. [0153] “Vertices in a CFG 1802 give the level of detail, such as … basic block level … Branch instructions, function calls, conditional and unconditional jumps account for forward edges”), wherein: 
at least one of the symbols represents at least one of 
a variable, a buffer, an object, a segment of code (e.g. par. [0153] “basic block level”), a controller to which the symbol relates, or a system to which the symbol relates; 
at least one of the symbol relationships comprises an interdependency or dependency between at least two of the symbols (e.g. par. [0153] “edges … represent … function calls”); and
performing a signature operation on the constructed first line-of-code behavior and relation model, the signature operation being based on at least a configuration of the symbol relationships (par. [0173] “generating the process signature comprises … creating the hash according to the one or more minimum spanning trees”); and 
computing a second signature value by performing a signature operation on a second line-of-code behavior and relation model based on a second version of code (par. [0169] “a comparison of the process signature with at least one other process signature”).

It would have been obvious to perform a functional analysis to construct a line-of-code behavior and relation model (Aditham par. [0173] “creating a control flow graph of the process”) on the second versions of the code (Madrid par. [0033] “the response … indicates the software updates 102”) and to compare the results of first and second signature operations (Madrid par. [0038] “a controller signature and … the signature included with the download signed software updates 102’). Those of ordinary skill in the art would have been motivated to do so as a known means of identifying corrupted / malicious code (see e.g. Aditham par. [0173] “attack detection”).

Madrid and Aditham do not teach:
determining at least one functional change to a first portion of code attributable to a difference between the first and second versions of code, the at least one functional change being based on a relationship between the fist portion of code and a second portion of code;

Venkatesan teaches analyzing software delta changes comprising:
determining at least one functional change to a first portion of code attributable to a difference between the first and second versions of code (par. [0105] “delta-generator matched blocks based on their content and neighborhood”), the at least one functional change being based on a relationship between the fist portion of code and a second portion of code (e.g. par. [0110] “these blocks … remain unchanged in T, but an extra call is added toffrom [sic] the block b4”, par. [0086] “delta 330 specifies “ADDEDGE(313, 337), … and ADDEDGE(337,315)”).

It would have been obvious at the time of filing to determine at least one functional change based on a relationship between a first portion of code and a second (par. [0110] “an extra call is added toffrom [sic] the block b4”). Those of ordinary skill in the art would have been motivated to do so to minimize the size of the delta (see e.g. Venkatesan abstract “generating a minimum delta”).

Madrid, Aditham and Venkatesan do not explicitly teach:
the first line-of-code behavior and relation model comprises a strength of the interdependency or dependency;

Sharma teaches at least one symbol relationship comprising an interdependency or dependency between at least two of the symbols (par. [0045] “dependency and control flow metrics”); and
a first line-of-code behavior and relation model comprises a strength of the interdependency or dependency (par. [0045] “affinity values 122 … resource affinity graph 124”).

It would have been obvious at the time of filing to construct a line-of-code behavior and relation model comprising a strength of interdependency or dependency between the at least two symbols (Sharma par. [0045] “affinity graph 124”, Aditham par. [0173] “creating a control flow graph of the process”). Those of ordinary skill in the art would have been motivated to do so as a means of determining the relatedness of respective functions/symbols. 

Claim 2: Madrid, Aditham, Venkatesan and Sharma teach claim 1, wherein the prompt comprises a delta file (e.g. Venkatesan par. [0136] “receives the content 710 of unmatched blocks”);
the operations further comprise assigning the first signature value to the delta file associated with the second version of code (Madrid par. [0037] “sign one or more portions of the software update file 102”, Venkatesan par. [0085] “delta 330”); and
the controller is further configured to:
receive the delta file to which the first signature value is assigned and that is associated with the second version of code (Madrid par. [0038] “v the download signed software updates 102’”, Venkatesan par. [0085] “delta 330”); and
determine, based on the comparison, whether to execute the delta file (par. [0038] “verify that the signature included with the download signed software updates 102’ matches”, Venkatesan par. [0085] “delta 330”).

Claim 3: Madrid, Aditham, Venkatesan and Sharma teach claim 1, wherein the first signature value is associated with the first line-of-code behavior and relation model within a table and the table includes a third signature value associated with a third line-of-code behavior and relation model representing execution of functions of the first version of code on the controller (Aditham par. [0151] “Tracing application to get their CFG”, par. [0079] “a lookup table 804”).

Claim 4: Madrid, Aditham, Venkatesan and Sharma teach claim 1, wherein the controller is further configured to, based on the determination of whether to validate the second version of code, prevent execution of the second version of code on the controller (Madrid par. [0038] “If the … signatures do not match, … send an error notification”).

Claim 5: Madrid, Aditham, Venkatesan and Sharma teach claim 4, wherein the controller is further configured to, based on the determination of whether to validate the second version of code, notify a remote source associated with the second version of code (Madrid par. [0038] “If the … signatures do not match, … send an error notification”, it would at least have been obvious to send this notification to the “update server 112” so that the issue can be corrected).

Claim 6: Madrid, Aditham, Venkatesan and Sharma teach claim 1, wherein the second line-of-code behavior and relation model is constructed by the controller (Madrid par. [0038] “The vehicle controller 118 may … generate a controller signature”). 

Claims 7 and 16: Madrid, Aditham, Venkatesan and Sharma teach the non-transitory computer readable medium of claims 1 and 13, wherein: 
the computing of the second signature value comprises constructing, based on the identified prompt, the second line-of-code behavior and relation model, the second line-of-code and behavior and relation model representing execution of functions of the controller based on the second version of code (Madrid par. [0038] “The vehicle controller 118 may use the signature verification key 138 to generate a controller signature”, Aditham par. [0173] “creating a control flow graph of the process”, par. [0153] “function calls”).

Claims 8 and 17: Madrid, Aditham, Venkatesan and Sharma teach claims 7 and 16, wherein the second signature value is computed by using the signature operation (Aditham par. [0173] “generating the process signature comprises … creating the hash according to the one or more minimum spanning trees”).

Claims 9 and 18: Madrid, Aditham, Venkatesan and Sharma teach claims 7 and 16, wherein at least one of the first or second line-of-code behavior and relation models was constructed dynamically based on data associated with real-time operations of the controller (Aditham par. [0151] “Tracing application to get their CFG”).

Claim 11: Madrid, Aditham, Venkatesan and Sharma teach claim 1, wherein at least one of the symbols includes a functional profile developed through machine-observed behavior (Aditham par. [0151] “Tracing application to get their CFG”) .

Claims 12 and 20: Madrid, Aditham, Venkatesan and Sharma the non-transitory computer readable medium of claim 1, 13, wherein the signature operation is based on a type, function, version of software, sensitivity value, age, or processing capacity of the controller (Madrid par. [0028] “indexed according to the vehicle controller 118”).

Claim 14: Madrid, Aditham, Venkatesan and Sharma teach the computer-implemented method of claim 13, wherein the functional analysis comprises at least one of: 
parsing the second version of code for known segments (Aditham par. [0146] “a one-time parse through the program code”); or 
receiving a user input classifying a functional effect associated with the second version of code.

Claim 15: Madrid, Aditham, Venkatesan and Sharma teach the computer-implemented method of claim 13, wherein performing the functional analysis comprises splitting the second version of code according to functional effects of segments of the second version of code or functional relationships between the segments (Aditham par. [0173] “extracting one or more minimum spanning trees”).

Claim 19: Madrid, Aditham , Venkatesan and Sharma teach the computer-implemented method of claim 16, wherein the functional analysis comprises determining an operational envelope associated with the second version of code, the operational envelope being based on at least one of: a CPU cycle, a memory requirement, a speed of execution, , a response time, a sequence of function execution (e.g. Venkatesan par. [0108] “i-neighborhood”, Aditham par. [0173] “creating a control flow graph of the process”), or a memory leakage.

Claims 10 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over US 2018/0217828 to Madrid et al. (Madrid) in view of US 2019/0089720 to Aditham et al. (Aditham) in view of in view of US 2004/0225996 to Venkatesan et al. (Venkatesan) in view of US 2019/0205106 to Sharma et al. (Sharma) in view of US 2020/0125475 to Iyer et al. (Iyer).

Claims 10 and 19: Madrid, Aditham, Venkatesan and Sharma teach claims 7 and 16, wherein the first and second line-of-code behavior and relation models were constructed dynamically based on data associated with real-time operations of the controller (Aditham par. [0151] “Tracing application to get their CFG”).

Madrid, Aditham and Venkatesan do not teach wherein the first and second line-of-code behavior and relation models were constructed dynamically based on data associated with real-time operations of the controller, the data being limited based on a group of parameters set remotely from the controller.

Iyer teaches dynamically constructing a line-of-code behavior and relation model based on data associated with real-time operations of the controller (par. [0008] “dynamically generate … sections of a control flow graph”), the data being limited based on a group of parameters (par. [0007] “the data characteristics may also include relationships associated with the data argument such as functions to which the data argument is passed”).

It would have been obvious to construct the first or second line-of-code behavior and relation models (Aditham par. [0173] “creating a control flow graph of the process”) dynamically based on data associated with rea-time operations (Iyer par. [0008] “dynamically generate … sections of a control flow graph”). Those of ordinary skill in the art would have been motivated to do so as a known alternate method which would have provided details regarding the execution of the program (see e.g. Iyer par. [0007]). 

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
US 2014/0123293 to Tripp, US 2010/0251210 to Amaral et al., US 6,175,957 to Ju et al. and US 2014/0123293 to Tripp each disclose a line-of-code behavior and relation model comprising a strength of interdependency or dependency.
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JASON D MITCHELL whose telephone number is (571)272-3728. The examiner can normally be reached Monday through Thursday 7:00am - 4:30pm and alternate Fridays 7:00am 3:30pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lewis Bullock can be reached on (571)272-3759. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/JASON D MITCHELL/Primary Examiner, Art Unit 2199