Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

DETAILED ACTION
1. This action is responsive to the application filed on March 18, 2020.

2. Claims 16-41 have been examined. 

Claim Objection
3. Claim 40 is objected to and considered to read:
The method of claim 39, wherein [[the]] a threshold period is equal to the detection interval.

Allowable Subject Matter
4. After sufficient search and analysis, Examiner concluded that the claimed invention has been recited in such a manner that dependent claim 25 is not taught by any prior reference found through search.
The primary reason for allowance of the claims in this case, is the inclusion of the limitations “The method of claim 24, wherein the memory operation includes a page table update, and wherein the resultant process is a hypercall to execute the page table update,” which are not found in the prior art of record.
Incorporating intervening claim 24 and claim 25 into claim 16 would put the case in condition for allowance.

5. After sufficient search and analysis, Examiner concluded that the claimed invention has been recited in such a manner that dependent claim 26 is not taught by any prior reference found through search.
The primary reason for allowance of the claims in this case, is the inclusion of the limitations “The method of claim 24, wherein the memory operation includes a memory allocation operation, and wherein the resultant process is configured to: analyze the boundaries of the memory allocation operation to determine whether memory allocated would overlap existing memory allocations; and alert the calling process that the memory allocation operation would violate memory protection constraints, or cause the memory allocation operation to allocate non-overlapping memory segments,” which are not found in the prior art of record.
Incorporating intervening claim 24 and claim 26 into claim  would put the case in condition for allowance.

6. After sufficient search and analysis, Examiner concluded that the claimed invention has been recited in such a manner that dependent claim 36 is not taught by any prior reference found through search.
The primary reason for allowance of the claims in this case, is the inclusion of the limitations “The method of claim 35, wherein monitoring the message buffer comprises: analyzing the message to determine a timestamp of when the message was created or written to the message buffer; obtaining a current time; and determining whether a threshold period has elapsed based on the difference between the timestamp and the current time,” which are not found in the prior art of record.
Incorporating intervening claims 34 and 35, and claim 36 into claim 16 would put the case in condition for allowance.

7. After sufficient search and analysis, Examiner concluded that the claimed invention has been recited in such a manner that dependent claim 38 is not taught by any prior reference found through search.
The primary reason for allowance of the claims in this case, is the inclusion of the limitations “The method of claim 37, wherein monitoring the message buffer comprises: analyzing the message to determine a timestamp of when the message was created or written to the message buffer; obtaining a current time; and determining whether a threshold period has elapsed based on the difference between the timestamp and the current time,” which are not found in the prior art of record.
Incorporating intervening claim 37 and claim 38 into claim 16 would put the case in condition for allowance.

8. After sufficient search and analysis, Examiner concluded that the claimed invention has been recited in such a manner that dependent claim 41 is not taught by any prior reference found through search.
The primary reason for allowance of the claims in this case, is the inclusion of the limitations “The method of claim 16, wherein initiating the resultant process comprises: querying the calling process to identify a sent message; querying a receiving process to identify received messages; and determining whether the sent message was ever received by analyzing the received messages for the sent message,” which are not found in the prior art of record.
Incorporating claim 41 into claim 16 would put the case in condition for allowance.


Claim Rejections – 35 USC §102
9. In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale or otherwise available to the public before the effective filing date of the claimed invention.
(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

10. Claims 16, 24, and 27-29 are rejected under 35 U.S.C. 102(a)(2) as being anticipated by US 2020/0013281 to Eriksson et al. (hereafter “Eriksson”).

Claim 16. 
Eriksson discloses a method of implementing safety mechanisms in a safety-critical system, the method comprising:
receiving, at a safety mechanism configured to provide a first level of safety (0022, 0081, 0083), 
a message or command from a calling process operating at second level of safety (FIG.10, block 520 and related text, command/call to invoke a higher confidence/ASIL level), 
the first level of safety having more restrictive requirements than the second level of safety (0022, 0034, 0117); and
initiating by the safety mechanism, a resultant process based on the message or command, the resultant process configured to operate at the first level of safety (FIG.10, block 512-516, block 522, and related text).

Claim 24. 
Eriksson discloses the method of claim 16, wherein the command is a memory operation, and wherein initiating the resultant process comprises initiating a corresponding memory operation on behalf of the calling process operating at the second level of safety (FIG.2 and related text).

Claim 27. 
Eriksson discloses the method of claim 16, wherein the command is a request for shared resources, and wherein the resultant process is to manage timing, execution, or availability of the shared resources (FIG.2, data/applications/hardware are shared resources between processes).

Claim 28. 
Eriksson discloses the method of claim 27, wherein the calling process is associated with a priority level or an application type, and wherein the timing, execution, or availability of the shared resources is based on the priority level or application type (FIG11-13, the calling process is associated with an application type: safety/integrity application).

Claim 29. 
Eriksson discloses the method of claim 27, wherein the shared resources include processing resources or memory resources (shared processing software/memory resources in FIG.2).


Claim Rejections – 35 USC §103
11. In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


12. Claims 17 and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Eriksson in view of US 2017/0036677 to Blumentritt et al. (hereafter “Blumentritt”).

Claim 17. 
Eriksson does not disclose the method of claim 16, wherein the first level of safety is ASIL-B.
However, Blumentritt further discloses the first level of safety is ASIL-B (0039, 0044).
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to combine Blumentritt’s teaching into Eriksson‘s teaching.  One would have been motivated to do so to distinguish different levels of safety/integrity as suggested by Blumentritt (0019, 0039).

Claim 18. 
Eriksson does not disclose the method of claim 16, wherein the second level of safety is ASIL QM.
However, Blumentritt further discloses the second level of safety is ASIL QM (0046, 0050).
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to combine Blumentritt’s teaching into Eriksson‘s teaching.  One would have been motivated to do so to distinguish different levels of safety/integrity as suggested by Blumentritt (0019, 0039).


13. Claim 19 is rejected under 35 U.S.C. 103 as being unpatentable over Eriksson in view of US 2018/0208060 to Kim et al. (hereafter “Kim”).

Claim 19. 
Eriksson does not disclose the method of claim 16, wherein the calling process operating at the second level of safety is an operating system process.
However, Kim further discloses the calling process operating at the second level of safety is an operating system process (0068).
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to combine Kim’s teaching into Eriksson‘s teaching.  One would have been motivated to do so to distinguish different levels of reliability as suggested by Kim (0068).




14. Claim 20 is rejected under 35 U.S.C. 103 as being unpatentable over Eriksson in view of US 2018/0308202 to Appu et al. (hereafter “Appu”).

Claim 20. 
Eriksson does not disclose the method of claim 16, wherein the calling process operating at the second level of safety is an open source operating system process.
However, Appu further discloses the calling process operating at the second level of safety is an open source operating system process (0174, 0334).
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to combine Appu’s teaching into Eriksson‘s teaching. One would have been motivated to do so to use variants of Linux UNIX operating system as suggested by Appu (0334).


15. Claim 21 is rejected under 35 U.S.C. 103 as being unpatentable over Eriksson in view of US 2019/0018408 to Gulati et al. (hereafter “Gulati”).

Claim 21. 
Eriksson does not disclose the method of claim 16, wherein the safety mechanism is configured to execute in user space.
However, Gulati further discloses the safety mechanism is configured to execute in user space (0104).
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to combine Gulai’s teaching into Eriksson‘s teaching. One would have been motivated to do so to verify integrity of a sensing system as suggested by Gulati (0036, 0104).


16. Claim 22 is rejected under 35 U.S.C. 103 as being unpatentable over Eriksson in view of US 2015/0185732 to Debouk et al. (hereafter “Debouk”).

Claim 22. 
Eriksson does not disclose the method of claim 16, wherein the safety mechanism is configured to execute in kernel space.
However, Debouk further discloses the safety mechanism is configured to execute in kernel space (0073, 0086).
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to combine Debouk’s teaching into Eriksson‘s teaching. One would have been motivated to do so to use safety software in vehicles as suggested by Debouk (0001, 0009).


17. Claim 23 is rejected under 35 U.S.C. 103 as being unpatentable over Eriksson in view of US 2020/0250301 to Klein et al. (hereafter “Klein”).

Claim 23. 
Eriksson does not disclose the method of claim 16, wherein the safety mechanism 1s configured to execute in a hypervisor.
However, Klein further discloses the safety mechanism 1s configured to execute in a hypervisor (0016, 0037).
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to combine Klein’s teaching into Eriksson‘s teaching. One would have been motivated to do so to protect an operating system of a vehicle as suggested by Klein (0016).


18. Claims 30 and 31 are rejected under 35 U.S.C. 103 as being unpatentable over Eriksson in view of US 2015/0261704 to Vaccaro et al. (hereafter “Vaccaro”).

Claim 30. 
Eriksson does not disclose the method of claim 27, wherein the calling process is associated with a control group that has a priority level used to manage timing, execution, or availability of the shared resources.
However, Vaccaro further discloses the calling process is associated with a control group that has a priority level used to manage timing, execution, or availability of the shared resources (0022).
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to combine Vaccaro’s teaching into Eriksson‘s teaching. One would have been motivated to do so to manage arbitrate data requests as suggested by Vaccaro (0030).

Claim 31. 
Eriksson does not disclose the method of claim 27, wherein the calling process is associated with a namespace that has a priority level used to manage timing, execution, or availability of the shared resources (FIG.3 and related text).
However, Vaccaro further discloses the method of claim 27, wherein the calling process is associated with a namespace that has a priority level used to manage timing, execution, or availability of the shared resources (0030).
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to combine Vaccaro’s teaching into Eriksson‘s teaching. One would have been motivated to do so to manage arbitrate data requests as suggested by Vaccaro (0030).


19. Claims 32 and 33 are rejected under 35 U.S.C. 103 as being unpatentable over Eriksson in view of US 2017/0063853 to Lim (hereafter “Lim”).

Claim 32. 
Eriksson does not disclose the method of claim 16, wherein the message is an inter-process message, and wherein initiating the resultant process comprises adding data padding to the message.
However, Lim further discloses the message is an inter-process message, and wherein initiating the resultant process comprises adding data padding to the message (0086).
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to combine Lim’s teaching into Eriksson‘s teaching. One would have been motivated to do so to verify the integrity of data as suggested by Lim (0086).

Claim 33. 
Eriksson does not disclose the method of claim 32, wherein the data padding is used to identify data integrity issues with the message after it is received.
However, Lim further discloses the data padding is used to identify data integrity issues with the message after it is received (0086).
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to combine Lim’s teaching into Eriksson‘s teaching. One would have been motivated to do so to verify the integrity of data as suggested by Lim (0086).


20. Claims 34 and 35 are rejected under 35 U.S.C. 103 as being unpatentable over Eriksson in view of US 2017/0085437 to Condeixa et al. (hereafter “Condeixa”).

Claim 34.
Erikssoon does not disclose the method of claim 16, wherein the message is an inter-process message, and wherein initiating the resultant process comprises enqueuing the message to a message buffer.
However, Condeixa further discloses the message is an inter-process message, and wherein initiating the resultant process comprises enqueuing the message to a message buffer (0244).
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to combine Condeixa’s teaching into Eriksson‘s teaching. One would have been motivated to do so to monitor messages as suggested by Condeiza (0152, 0155).

Claim 35. 
Erikssoon does not disclose the method of claim 34, comprising monitoring the message buffer to determine whether the message is ever delivered.
However, Condeixa further discloses monitoring the message buffer to determine whether the message is ever delivered (0157).
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to combine Condeixa’s teaching into Eriksson‘s teaching. One would have been motivated to do so to monitor messages as suggested by Condeiza (0152, 0155).


21. Claim 37 is rejected under 35 U.S.C. 103 as being unpatentable over Eriksson in view of US 2011/0238861 to Hutchinson (hereafter “Hutchinson”).

Claim 37. 
Eriksson does not disclose the method of claim 16, wherein initiating the resultant process comprises monitoring a message buffer to determine whether the message is ever received.
However, Hutchinson further discloses the resultant process comprises monitoring a message buffer to determine whether the message is ever received (0057, 0071).
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to combine Hutchinson’s teaching into Eriksson‘s teaching. One would have been motivated to do so to monitor outbound messages as suggested by Condeiza (0057).


22. Claims 39 and 40 are rejected under 35 U.S.C. 103 as being unpatentable over Eriksson in view of US 2012/0166626 to Rai et al. (hereafter “Rai”).

Claim 39. 
Eriksson does not disclose the method of claim 37, wherein the monitoring is performed at a detection interval.
However, Rai further discloses the monitoring is performed at a detection interval (0040).
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to combine Rai’s teaching into Eriksson‘s teaching. One would have been motivated to do so to dictate/adjust message trafic frequencies as suggested by Rai (0040).

Claim 40. 
 Eriksson does not disclose the method of claim 39, wherein a threshold period is equal to the detection interval.
However, Rai further discloses a threshold period is equal to the detection interval (0043, 0044).
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to combine Rai’s teaching into Eriksson‘s teaching. One would have been motivated to do so to dictate/adjust message trafic frequencies as suggested by Rai (0040).


Conclusion
23. Any inquiry concerning this communication should be directed to examiner Thuy (Twee) Dao, whose telephone/fax numbers are (571) 272 8570 and (571) 273 8570, respectively. Examiner can normally be reached from Monday to Friday, 6:00am - 2:30pm.
If attempts to reach Examiner by telephone are unsuccessful, Examiner’s supervisor, Hyung S. Sough, can be reached at  (571) 272 6799.
The fax phone number for the organization where this application or proceeding is assigned is  (571)  273  8300.
Any inquiry of a general nature of relating to the status of this application or proceeding should be directed to the TC 2100 Group receptionist whose telephone number is  (571)  272  2100.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).

/Thuy Dao/Primary Examiner, Art Unit 2192