Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

DETAILED ACTION
This office action is in response to the filing of 06/08/2021. Claims 1-13 are presented for examination.

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 06/08/2021 has been considered. The submission is in compliance with the provisions of 37 CFR 1.97. Form PTO-1449 is signed and attached hereto.

Allowable Subject Matter
Claims 1-13 are allowed in light of the Applicant’s argument and in light of the prior art made of record.

Reasons for Allowance
The following is an examiner’s statement of reasons for allowance:
As to independent claim 1, the prior art of record Gschwind (US Pub. No. 2015/0378744) in view of Murotake et al. (US Patent No. 7840763), further in view of Brun et al. (US Publication No. 2017/0214541), further in view of Domke (US Publication No. 2018/0375662), further in view of Perrig et al. (US Patent No. 9,177,153), alone or in combination, fails to anticipate or render obvious the claimed invention.
Gschwind (prior art on the record) teaches a system that allows a computer to boot from a user trusted device (UTD), the computer comprises a data storage device storing operating system (OS) services, and a version of an OS loader. The UTD is connectable to the computer and stores a boot loader, detectable by a firmware executing at the computer, and an OS loader, and wherein the UTD prevents an unauthenticated user from modifying the boot loader and the OS loader stored thereon. The computer then, upon connection, lets the boot loader be detected by the firmware for execution of the boot loader at least partly at the computer, to cause to transfer the OS loader from the UTD to the computer, and executes the transferred OS loader at least partly from the computer, to execute at least one crypto driver for the OS, to start the OS services and complete booting of the computer.

Murotake et al. (prior art on the record) teaches a high assurance computing system that contains a high assurance, partitioning microkernel (PMK) or other such operating system capable of enforcing memory isolation and partitioning. The PMK may employ multiple independent levels of security (MILS) and be referred to as a (MILS) PMK. The PMK can also use a memory management unit (MMU) to enforce memory partitioning. According to one embodiment the system also contains an Object Request Broker. Further, the PMK isolates or contains at least one lower assurance operating system such as Windows XP, Linux, or OSX, or at least one process such as a web browser or email client. (The Applicant makes no claims to the trademarks associated with the referenced operating systems and processes that it may isolate or contain, registered or otherwise.) The PMK may be instantiated by a boot kernel. A high assurance computing system of the invention may further comprise incoming and outgoing data to and from a contained operating system, which flows through a set of security processes in an inline manner. There may be a set of security processes that are contained in their own memory partition.

Brun et al. (prior art on the record) teaches a system that includes a common automation system controller, comprising: a memory; an input/output interface; and a processor coupled to the memory executing an application with an application type with functions for a building automation system, wherein the application type is represented by the compiled application by an executable instance comprising an application interface specific to the functions employed and the input/output of the instance is coupled to mechanical equipment, wherein the executable instance does automatically align in the building automation system, based on an application type configuration, wherein the configuration is based on dependency rules. Further, dynamic binding 620 may be used to create an application by selecting an application type 604 from a library 608 of application types 610. The application type with dynamic binding will typically be pre-loaded 622 in the application memory of a common automation system controller, such as application memory 212 of the common automation system controller 128. When the common automation system controller 128 is initialized or booted, the preloaded applications 624 are selected and parameterized with binding of the functions also occurring 626. The resulting parameterized or configured application 628 is then executed by the common automation system controller 128.

Domke (prior art on the record) teaches a system directed to secure key storage. Further, during boot, a first boot loader is loaded and booted after validating a signature of the first boot loader, where the first boot loader was signed with a global private key, and the signature is validated with the corresponding global public key. Secure ROM may store the global public key for use in validating the signature of the first boot loader. Although the first boot loader is signed with the global private key, for a number of reasons, including exposure risk, it is not necessarily desirable for all software to be signed with the global private key. Accordingly, a number of different keys may be used instead. Further, after it has completed this configuration, the code in MCU ROM 461 is responsible for loading and transferring control to secure MCU boot loader 462, which is the first-level boot loader of secure MCU 460. In some examples, the first boot loader is stored in flash. In some examples, the first boot loader is encrypted and signed with a global private key that is part of a public/private key pair. In some examples, the code in MCU ROM 461 reads the first boot loader. In some examples, the ROM code in MCU ROM 461 calculates a hash of the first boot loader and verifies the first boot loader with a global public key. In some examples, in response to verification, the code in MCU ROM 461 causes the first boot loader to be loaded into the private SRAM of secure MCU ROM 460 and booted.

Perrig et al. (prior art on the record) teaches a system for verifying integrity and execution state of an untrusted computer. In one embodiment, the method includes placing a verification function in memory on the untrusted computer; invoking the verification function from a trusted computer; determining a checksum value over memory containing both the verification function and the execution state of a processor and hardware on the untrusted computer; sending the checksum value to the trusted computer; determining at the trusted computer whether the checksum value is correct; and determining at the trusted computer whether the checksum value is received within an expected time period. Further, in trusted network boot, the BIOS on a host fetches the boot image from a trusted server and executes the boot image. In order to provide the guarantee of verifiable code execution, trusted network boot has to assume that: 1) the host has indeed rebooted; 2) the correct boot image has indeed reached the host; and 3) the BIOS will correctly load and transfer control to the boot image. To guarantee that the BIOS cannot be modified by the adversary, the BIOS will have to be stored on an immutable storage medium like Read-Only Memory (ROM). This makes it impossible to update the BIOS without physically replacing the ROM, should any vulnerability be discovered in the BIOS code.

None of the prior art of record teaches the non-obvious feature of the present invention, “an active attestation apparatus for verifying the integrity of untrusted machine code, includes …, wherein the reprogrammable logic device is configured by a processor preloader that is downloaded to the reprogrammable logic device via a trusted bitstream; and …, wherein the processor downloads the processor preloader from the reprogrammable logic device, is booted by the processor preloader to a trusted state, downloads the untrusted machine code from memory locations of a memory device, and executes the untrusted machine code, wherein, as the processor executes the untrusted machine code, the reprogrammable logic device executes an attestation algorithm over the memory locations of the memory device from which the processor downloaded the untrusted machine code”, in combination with other limitations as detailed in independent claim 1.

None of the prior art of record, either taken by itself or in any combination, would have anticipated or made obvious the invention of the present application at or before the time it was filed.
Therefore, claims 1-13 are hereby allowed in view of applicant’s persuasive arguments and in the light of amendments to the claims.
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee. Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure (see form “PTO-892 Notice of Reference Cited”).
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MORSHED MEHEDI whose telephone number is (571) 270-7640. The examiner can normally be reached on M - F, 8:00 am to 4:00 pm EST. If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, Jeffrey L. Nickerson, can be reached on (469) 295-9235. The fax number for the organization where this application or proceeding is assigned is (571) 273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from their Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (In USA or Canada) or 571-272-1000.

/MORSHED MEHEDI/Primary Examiner, Art Unit 2432