DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

EXAMINER’S AMENDMENT
An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for this examiner’s amendment was given in an interview with Robert P. Auerbach (Reg. No: 46,525) on 08/12/2022. 

CLAIMS
The application has been amended as follows: 

1. 	(currently amended) A vulnerability management system for blockchain smart contracts comprising:
a processor and a memory configured to operate:
a sandbox engine configured to scan the smart contracts for vulnerabilities;
a knowledge base engine including artificial intelligence, the knowledge base engine configured to acquire information related to new vulnerabilities and threat intelligence;
a risk scoring engine including machine learning, the risk scoring engine configured to analyze sandbox engine outcomes and assign a risk score to each vulnerable smart contract; and
a security control system configured to take an action on an identified vulnerable smart contract based on the risk score assigned to the identified vulnerable smart contract, 
the sandbox engine configured to receive, without manual intervention, smart contract code executed across a distributed, decentralized blockchain network; and
the sandbox engine including:
a static analysis unit configured to perform static code scanning of the smart contract code;
a dynamic analysis unit configured to generate compiled smart contract code and execute the compiled smart contract code in a virtual machine;
a statistical analysis unit comprising a database of global statistics for the smart contracts and configured to:
receive the risk score of each vulnerable smart contract from the risk scoring engine;
identify similar smart contracts from the database of global statistics; and
generate statistical vulnerability data representing each smart contract's standing within a population of the similar smart contracts with respect to each smart contract's vulnerabilities; and
an audit report generation unit configured to generate a heatmap based on the statistical vulnerability data of the statistical analysis unit,
wherein the heatmap comprises a graph displaying the risk score as a function of a number of lines of smart contract code.

2–3. 	(canceled) 

4. 	(previously presented) The vulnerability management system of claim 1, wherein the risk scoring engine includes:
a regression model including a machine learning algorithm;
access to at least one database of smart contracts, the at least one database of smart contracts including:
known vulnerabilities of the smart contracts;
known vulnerable smart contracts; and
known legitimate smart contracts;
an offline training engine configured to estimate parameters of the machine learning algorithm and provided training data; and
an online prediction engine comprising the risk scoring engine.

5. 	(previously presented) The vulnerability management system of claim 4, wherein the provided training data includes feature vectors from the known legitimate smart contracts and feature vectors from the known vulnerable smart contracts.

6. 	(previously presented) The vulnerability management system of claim 1, wherein the security control system includes:
logic to identify the smart contracts;
logic to scan the smart contracts for the vulnerabilities and identify those smart contracts as vulnerable smart contracts;
logic to protect the smart contracts including the ability to suspend trading of the vulnerable smart contracts on a smart contract trading exchange; and
logic to respond to a trade on the smart contract trading exchange, the trade including the vulnerable smart contracts and legitimate smart contracts, wherein the vulnerable smart contracts are suspended and the legitimate smart contracts are allowed to proceed.

7. 	(previously presented) The vulnerability management system of claim 1, wherein the knowledge base engine updates the information upon receiving the threat intelligence to include a reentrancy vulnerability pattern.

8. 	(previously presented) The vulnerability management system of claim 7, wherein the reentrancy vulnerability pattern is detected by a dynamic analysis unit of the sandbox engine.

9. 	(original) The vulnerability management system of claim 7, wherein the reentrancy vulnerability pattern is described as key-value pairs.

10. 	(currently amended) A method of protecting smart contracts, the method comprising:
using a processor and a memory configured for:
scanning the smart contracts for vulnerabilities using a sandbox engine;
acquiring information related to new vulnerabilities and threat intelligence using a knowledge base engine including artificial intelligence;
analyzing sandbox engine outcomes and assigning a risk score to each vulnerable smart contract using a risk scoring engine including machine learning; and
taking an action on an identified vulnerable smart contract based on the risk score assigned to the identified vulnerable smart contract using a security control system, 
receiving, without manual intervention, smart contract code executed across a distributed, decentralized blockchain network; and
the sandbox engine including:
a static analysis unit configured to perform static code scanning of the smart contract code;
a dynamic analysis unit configured to generate compiled smart contract code and execute the compiled smart contract code in a virtual machine;
a statistical analysis unit comprising a database of global statistics for the smart contracts and configured to:
receive the risk score of each vulnerable smart contract from the risk scoring engine;
identify similar smart contracts from the database of global statistics; and
generate statistical vulnerability data representing each smart contract's standing within a population of similar smart contracts with respect to each smart contract's vulnerabilities; and
an audit report generation unit configured to generate a heatmap based on the statistical vulnerability data of the statistical analysis unit,
wherein the heatmap comprises a graph displaying the risk score as a function of a number of lines of smart contract code.

11–12. 	(canceled) 

13. 	(previously presented) The method of claim 10, wherein the risk scoring engine includes:
a regression model including a machine learning algorithm;
access to at least one database of smart contracts, the at least one database of smart contracts including:
known vulnerabilities of the smart contracts;
known vulnerable smart contracts; and
known legitimate smart contracts;
an offline training engine configured to estimate parameters of the machine learning algorithm and provided training data; and
an online prediction engine comprising the risk scoring engine.

14. 	(previously presented) The method of claim 13, wherein the provided training data includes feature vectors from the known legitimate smart contracts and feature vectors from the known vulnerable smart contracts.

15. 	(previously presented) The method of claim 10, wherein the security control system includes:
logic to identify smart contracts;
logic to scan smart contracts for the vulnerabilities and identify those smart contracts as vulnerable smart contracts;
logic to protect smart contracts including the ability to suspend trading of the vulnerable smart contracts on a smart contract trading exchange; and
logic to respond to a trade on the smart contracts trading exchange, the trade including the vulnerable smart contracts and legitimate smart contracts, wherein the vulnerable smart contracts are suspended and the legitimate smart contracts are allowed to proceed.

16. 	(currently amended) A non-transitory computer-readable storage medium, the computer-readable storage medium including instructions that when executed by a computer including a processor and a memory, cause the computer to:
scan smart contracts for vulnerabilities using a sandbox engine;
acquire information related to new vulnerabilities and threat intelligence using a knowledge base engine including artificial intelligence;
analyze sandbox engine outcomes and assign a risk score to each vulnerable smart contract using a risk scoring engine including machine learning; and
take an action on an identified vulnerable smart contract based on the risk score assigned to the identified vulnerable smart contract using a security control system, 
the sandbox engine configured to receive, without manual intervention, smart contract code executed across a distributed, decentralized blockchain network; and
the sandbox engine including:
a static analysis unit configured to perform static code scanning of the smart contract code;
a dynamic analysis unit configured to generate compiled smart contract code and execute the compiled smart contract code in a virtual machine;
a statistical analysis unit comprising a database of global statistics for the smart contracts and configured to:
receive the risk score of each vulnerable smart contract from the risk scoring engine;
identify similar smart contracts from the database of global statistics; and
generate statistical vulnerability data representing each smart contract's standing within a population of similar smart contracts with respect to each smart contract's vulnerabilities; and
an audit report generation unit configured to generate a heatmap based on the statistical vulnerability data of the statistical analysis unit,
wherein the heatmap comprises a graph displaying the risk score as a function of a number of lines of smart contract code.

17. 	(canceled) 

18. 	(previously presented) The non-transitory computer-readable storage medium of claim 16, wherein the security control system includes:
logic to identify smart contracts;
logic to scan the smart contracts for the vulnerabilities and identify those smart contracts as vulnerable smart contracts;
logic to protect smart contracts including the ability to suspend trading of the vulnerable smart contracts on a smart contract trading exchange; and
logic to respond to a trade on the smart contract trading exchange, the trade including the vulnerable smart contracts and legitimate smart contracts, wherein the vulnerable smart contracts are suspended and the legitimate smart contracts are allowed to proceed.

19. 	(previously presented) The non-transitory computer-readable storage medium of claim 16, wherein the knowledge base engine updates the information upon receiving the threat intelligence to include a reentrancy vulnerability pattern.

20. 	(previously presented) The non-transitory computer-readable storage medium of claim 19, wherein the reentrancy vulnerability pattern is detected by a dynamic analysis unit of the sandbox engine.




Examiner’s Statement of Reasons for Allowance
Claims 1, 4-10, 13-16 and 18-20 (renumbered as 1-15) are allowed. 
The present invention is directed to: a continuous vulnerability management system for identifying, analyzing, protecting, and reporting on digital assets is disclosed. The continuous vulnerability management system comprises a sandbox engine configured to scan digital assets for vulnerabilities, including a static analysis unit for static code scanning, a dynamic analysis unit for analyzing compiled code, and a statistical analysis unit for processing a risk score and generating an audit report. A knowledge base is also disclosed, including a knowledge base engine configured to acquire information related to new vulnerabilities to digital assets. A risk scoring engine is configured to analyze sandbox engine outcomes and assign a risk score to each vulnerable asset. A security control system is configured to act on an identified vulnerable asset based on the risk score assigned to the identified vulnerable asset.
The closest prior art, as previously recited, are Digiambattista et al (“Digiambattista,” US 20190229915), Titonis et al (“Titonis,” US 20180025157), Roytman et al (“Roytman,” US 20150237065) in view of Tedeschi et al (“Tedeschi,” US 20180322292) and further in view of Bennett et al (“Bennett,” US 20140218389).
Digiambattista is directed to: a method and system where event metadata may be received at an audit function of an orchestration system for an infrastructure change event associated with an infrastructure change to an enterprise infrastructure of an enterprise. A blockchain instance of a particular decentralized secure ledger is requested from a decentralized secure ledger service via the audit function. A user identifier of a user that is responsible for the infrastructure change event is provided to the decentralized secure ledger service by the audit function. In response to the decentralized secure ledger service authenticating the user identifier, the event metadata for the infrastructure change event is sent to the blockchain instance for storage with the decentralized secure ledger service by the audit function.
Titonis is directed to: the present system includes a computer-networked system that allows mobile subscribers, and others, to submit mobile applications to be analyzed for anomalous and malicious behavior using data acquired during the execution of the application within a highly instrumented and controlled environment for which the analysis relies on per-execution as well as comparative aggregate data across many such executions from one or more subscribers.
Roytman is directed to: techniques for ranking a set of vulnerabilities of a computing asset and set of remediations for a computing asset, and determining a risk score for one or more computing assets are provided. In one technique, vulnerabilities of computing assets in a customer network are received at a vulnerability intelligence platform. Breach data indicating set of breaches that occurred outside customer network is also received. A subset of the set of vulnerabilities that are most vulnerable to a breach is identified based on the breach data. In another technique, multiple vulnerabilities of a computing asset are determined. A risk score is generated for the computing asset based on the vulnerabilities. In another technique, multiple remediations associated with a risk score and multiple vulnerabilities are identified. The remediations are ordered based on the remediations that would reduce the risk score the most if those remediations were applied to remove the corresponding vulnerabilities.
Tedeschi et al is directed to: systems and methods of the present invention provide for executing a first database query selecting a project objective data record storing a forecast maturity score and a forecast date earlier in time than a current date. The forecast maturity score defines a level of compliance with a cybersecurity framework and the forecast date identifies a date by which an organization will achieve the level of compliance. The system executes a remote procedure call to determine whether a system process is performing a project objective defined within the project objective data record, and responsive to a determination that the system process is not performing the project objective, execute a second database query updating the forecast date within the project objective data record.
Bennett et al is directed to: various baseline security measurements of assets are collected and calculated by the system. A user creates a what-if scenario by changing one or more baseline security measurements. The system generates interactive, animated graphs that compare the baseline security measurements against the what-if scenario.
For example, none of the prior art teaches or suggests the steps of independent claims 1, 10 and 16: the sandbox engine configured to receive, without manual intervention, smart contract code executed across a distributed, decentralized blockchain network; and the sandbox engine including: a static analysis unit configured to perform static code scanning of the smart contract code; a dynamic analysis unit configured to generate compiled smart contract code and execute the compiled smart contract code in a virtual machine; a statistical analysis unit comprising a database of global statistics for the smart contracts and configured to: receive the risk score of each vulnerable smart contract from the risk scoring engine; identify similar smart contracts from the database of global statistics; and generate statistical vulnerability data representing each smart contract's standing within a population of the similar smart contracts with respect to each smart contract's vulnerabilities; and an audit report generation unit configured to generate a heatmap based on the statistical vulnerability data of the statistical analysis unit, wherein the heatmap comprises a graph displaying the risk score as a function of a number of lines of smart contract code.
Therefore, the claims are allowable over the cited prior art. 
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”



Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JAMES J WILCOX whose telephone number is (571)270-3774. The examiner can normally be reached M-F: 8 A.M. to 5 P.M.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Luu T. Pham can be reached at (571)270-5002. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/JAMES J WILCOX/Examiner, Art Unit 2439        



/LUU T PHAM/Supervisory Patent Examiner, Art Unit 2439