Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

DETAILED ACTION
This office action is in response to 02/19/2021. Claims 1-20 are presented for examination.

Allowable Subject Matter
Claims 1-20 are allowed in light of the Applicant’s argument and in light of the prior art made of record.

Reasons for Allowance
The following is an examiner’s statement of reasons for allowance:
As to the independent claims, the prior art of record, McLinden et al. (US Patent No. 10,742,674) in view of Hao et al. (US Publication No. 2017/0155703), further in view of Rappard et al. (US Patent No. 10,594,734), alone or in combination, fails to anticipate or render obvious the claimed invention.

McLinden et al. (prior art on the record) teaches a segmented attack prevention system for IoT networks (SAPSIN) that may allow access to and configuration of IoT devices while protecting the devices from intrusion, monitoring the network for malicious activity, preventing potentially infected devices from becoming an additional attack surface, and increasing device availability. Further, the system includes the security database 118a that may be any non-transitory machine-readable media configured to store data. The security database 118a may include service data records of access control rules and/or security rules for different devices and different types of requests. For example, the security database 118a may include a table defining the access control rules of service requests for a protected IoT device. Specifically, the table may include a set of rules for the service requests by translating administratively defined services into rules of network metrics including the standard flow metrics. The table may include the fields of device identifier and the standard flow metrics, such as ingress interface, source IP address, destination IP address, IP protocol, source port for UDP or TCP, 0 for other protocols, destination port for UDP or TCP, type and code for internet control message protocol (ICMP), 0 for other protocols, IP type of service, and any other network metrics. When the SAPSIN 108 receives a service request trying to access data or service from the protected IoT device, the SAPSIN 108 may query the data record from the security database 118a based on the device identifier, and retrieve the service data record of the access control rules for the device. If the request satisfies all the rules defined in the security database 118a, the SAPSIN 108 may authorize the request.

Hao et al. (prior art on the record) teaches that IoT services may be fragmented in that the IoT services may operate as either data collecting tools connected to the clouds or may be deployed as individual tools connected through applications. Consequently, IoT devices may be limited tools for data collections, such as video cameras and sensors or controlling tools through a mobile application for controlling remote door locks, lighting or garage door openers with minimal intelligence. IoT devices are evolving to become more fully connected to improve services. Further, cloud server 140 may further function as a control center to direct IoT device 110 to perform certain actions. For example, IoT device 110 may connect to other IoT devices 110 and operate based on configuration parameters stored in a local policy engine, and cloud server 140 may update the parameters and/or direct IoT device 110 to perform an action. For example, if cloud server 140 determines that more than a threshold number of other IoT devices 110 are connected in a WiFi-based local area cloud 101 associated with an IoT device 110, cloud server 140 may direct IoT device 110 to shut down the WiFi access and/or change a configuration parameter. Further, cloud server 140 may dynamically calculate a “friendship” score for the requesting IoT device 110-2.
For example, cloud server 140 may identify an owner associated with requesting IoT device 110-2, and cloud server 140 may calculate the friendship score with respect to the identified owner based on various factors such as: (1) whether the owner of requesting IoT device 110-2 is known to or identified as a friend (or even a close friend) of an owner associated with leader IoT device 110-1; (2) whether the identified owner of requesting IoT device 110-2 is known or identified as a friend of another person identified as a friend of the owner of leader IoT device 110-1; (3) whether one or more other IoT devices 110 of the identified owner of requesting IoT device 110-2 has been admitted into local area cloud 101 associated with leader IoT device 110-1 or another local area cloud 101; (4) whether requesting IoT device 110-2 or an associated owner is approved by a third party, such as a government official, a third-party verification service, other IoT devices 110 in local area cloud 101, or other leader IoT devices 110 communicating with the cloud server 140; etc. If the friendship score is higher than a threshold value, IoT device 110 may be admitted into local area cloud 101.

Rappard et al. (prior art on the record) teaches that a system for dynamic per subscriber policy enablement for security platforms within service provider network environments includes monitoring network traffic on a service provider network at a security platform to identify a subscriber with a new IP flow; associating the subscriber with the new IP flow at the security platform; and determining a security policy to apply at the security platform to the new IP flow based on the subscriber. Further, the system provides the notification of this detected attack to the orchestration and security layers for the service provider network, which can include the IP (or IPs) or the user equipment (e.g., mobile phones or Internet of Things (IoT)) that the detected attack is coming from on the signaling layer. The security platform layer (e.g., which can include a Network Gateway FireWall Manager (NGFWM) for managing NGFW devices of the security platform layer for the service provider network(s), in which the NGFWM can be implemented using commercially available management solutions available from Palo Alto Networks, Inc. for managing multiple network devices/firewalls, such as the Panorama™ network security management for centralized device management that enables users to centrally manage the process of configuring network devices, deploying security policies, performing forensic analysis, and generating reports across an entire network of NGFWs and is available as either a virtual appliance or a dedicated management platform) can receive this API call or other communication mechanism providing the notification of this detected attack and enforce/prevent this attack (e.g., using a “Dynamic Address List” as the security/firewall mechanism of dynamically real-time changing of the security policy).

None of the prior art of record teaches the non-obvious feature of the present invention, “detecting and blocking a cyber-attack launched from an outside network based on a set of configurable rules; issuing and communicating a control command to a network-enabled breakout device following a communication protocol to control and perform an operation of the network-incapable industrial device remotely in response to the detected cyber-attack; accepting the control command from the network security device at a network-enabled breakout device; converting the command to a first set of electrical signals to be used to control operations of the network-incapable industrial device; accepting the first set of electrical signals from the network-enabled breakout device and perform the operation of the network-incapable industrial device according to the first set of electrical signals; generating and transmitting a second set of electrical signals to the network-enabled breakout device; accepting the second set of electrical signals from the network-incapable industrial device at the network-enabled breakout device; translating the second set of electrical signals from the network-incapable industrial IoT device to a request and communicate the request to the network security device following the communication protocol; adjusting the one or more of the configurable rules in response to the request from the network-enabled breakout device”, in combination with other limitations as detailed in independent claims.
 
None of the prior art of record, either taken by itself or in any combination, would have anticipated or made obvious the invention of the present application at or before the time it was filed.
Therefore, claims 1-20 are hereby allowed in view of applicant’s persuasive arguments and in the light of amendments to the claims.
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee. Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure (see form “PTO-892 Notice of Reference Cited”).
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MORSHED MEHEDI whose telephone number is (571) 270-7640. The examiner can normally be reached on M - F, 8:00 am to 4:00 pm EST. If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, Jeffrey L. Nickerson, can be reached on (469) 295-9235. The fax number for the organization where this application or proceeding is assigned is (571) 273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from their Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (In USA or Canada) or 571-272-1000.


/MORSHED MEHEDI/Primary Examiner, Art Unit 2432