DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claims 1-5, 9, 13, 15, 16 have been cancelled, and claims 6, 8, 10, 11, 12, 14, 17-19 have been amended. Claims 20- 26 have been newly added. 


Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.

Claim(s) 6- 8, 10- 12, 14, 20-24, 26 is/are rejected under 35 U.S.C. 103 as being unpatentable over Hong et al.(US 20200120117) in view of Haga et al.(US 20190068407).


Regarding claim 6, Hong teaches a computer-implemented abnormality monitoring method performed by a computer in a gateway apparatus connected to a bus ([0146] “the subject performing the method according to another embodiment of the disclosure may be a security gateway connected to a CAN bus”), the method comprising:
 receiving a data frame ([0137] “, first , the CAN controller 30 receives messages ( operation S210 )”) by using a reception bus (Fig. 1 “CAN BUS 50”);
 determining whether the received data frame includes an identifier that is designated for monitoring based on monitoring target information ([0138] “Next , the CAN controller 30 extracts message IDs from the reception messages and determines whether there is matching reception ID filters in the ID filter table 358 by searching for the ID filter table 358”),
 the monitoring target information including a plurality of frame identifiers designated for monitoring ([0138] “The message ID is data stored in the CAN header of a reception message and is information regarding the identifier of the reception message . In other words , the message IDs are extracted from the CAN header 210 of the reception messages 200. Next , reception ID filters matching the extracted message IDs are searched for “);
 the plurality of frame identifiers ([0138] “The message ID is data stored in the CAN header of a reception message and is information regarding the identifier of the reception message . In other words , the message IDs are extracted from the CAN header 210 of the reception messages 200. Next , reception ID filters matching the extracted message IDs are searched for “),
 in response to determining that the identifier of the data frame is designated for monitoring ([0142] “Finally , when reception ID filters matching the message IDs of the reception messages exist in the ID filter table 358”);
in response to determining that the identifier of the data frame is designated for monitoring ([0142] “Finally , when reception ID filters matching the message IDs of the reception messages exist in the ID filter table 358”);
  performing abnormality detection on the data frame to authenticate the data frame (Fig. 6A “353”, [0117] “Next , the abnormal message detector 353 extracts the message IDs of received data and determines whether the extracted message IDs exist in the reception time table 359. The abnormal message detector 353 blocks the reception messages when the extracted message IDs do not exist in the reception time table 359”).
Hong does not teach plurality of buses, bus that is one of the plurality of buses, and a monitoring target transmission source bus designated for each frame identifier, determining a particular monitoring target transmission source bus designated for the identifier within the monitoring target information, determining whether the reception bus matches the particular monitoring target transmission source bus designated for the identifier within the monitoring target information, in response to determining that the reception bus matches the particular monitoring target transmission source bus, and performing a predetermined abnormality handling process based on determining that the data frame is abnormal in response to determining that the reception bus does not match the particular monitoring target transmission source bus.
Haga teaches plurality of buses (Fig. 8 “Source”, “First CAN BUS”, “Second CAN BUS”), bus that is one of the plurality of buses ([0056] “The gateway 100 includes a port ( i . e . , a terminal to which an Ethernet ( registered trademark ) cable is connected ) for connecting to the second network and a plurality of ports ( connection terminals ) for connecting to the bus 30a ( also referred to as a “ first CAN bus ” ) and the bus 30b ( also referred to as a “ second CAN bus ” ) of the first network”),
 and a monitoring target transmission source bus designated for each frame identifier ([0070] “ the bus with sources in the transfer rule information”),
 determining a particular monitoring target transmission source bus designated for the identifier within the monitoring target information ([0070] “The determination section 141 determines whether a bus that has received a CAN frame is the first CAN bus ( bus 30a ) or the second CAN bus ( bus 30b )”),
 determining whether the reception bus matches the particular monitoring target transmission source bus designated for the identifier within the monitoring target information . ([0070] “The determination section 141 then compares the bus with sources in the transfer rule information and a CAN - ID of the CAN frame with CAN - IDs to be transferred in the transfer rule information”).,
 in response to determining that the reception bus matches the particular monitoring target transmission source bus ([0070] “If an applicable combination of a source and a CAN - ID to be transferred is found as a result of the comparison , the determination section 141 identifies a destination network type and destination identification information corresponding to the combination to select a desti nation of a frame based on the received CAN frame”),
 and performing a predetermined abnormality handling process based on determining that the data frame is abnormal in response to determining that the reception bus does not match the particular monitoring target transmission source bus ([0070] “If no applicable combination of a source and a CAN - ID to be transferred is found as a result of the comparison , the determination section 141 determines that the received CAN frame is not to be transmitted to the first or second network”, (Examiner’s Note: not transmitting the frame is a form of predetermined abnormality handling).
	It would have been obvious for one or ordinary skill in the art before the effective filing date of the claimed invention to have modified Hong to incorporate the teachings of Haga in order to increase the security of the system. One or ordinary skill in the art would have been motivated to make this modification in order to increase security by adding an additional tier of security by matching the source buses will allow for a more secure system.


Regarding claim 7, Hong teaches A non-transitory computer readable storage medium storing a computer program executable by a computer to perform the computer-implemented abnormality monitoring method ([0206] “instructions that can be executed by various computer components and recorded in a computer - readable recording medium )) according to claim 6 (See mappings in claim 6).

Regarding claim 8, Hong teaches a gateway apparatus connected to a bus to monitor and relay data frames ([0146] “the subject performing the method according to another embodiment of the disclosure may be a security gateway connected to a CAN bus”), comprising:
 a receiver (Fig. 1 “CAN Transceiver 20”) configured to receive a data frame ([0137] “, first , the CAN controller 30 receives messages ( operation S210 )”) using a reception bus (Fig. 1 “CAN BUS 50”);
 a storage  configured to store monitoring target information that includes a plurality of frame identifiers designated for monitoring of the plurality of frame identifiers ([0111] “First , the ID filter table 358 receives a reception message and filters the reception message by comparing reception ID filters allowed to be received stored in the ID filter table 358 with the message ID of the reception message . At this time , reception ID filters allowed to be received of the ID filter table 358 may be obtained from the protected memory 38 “, [0138] “The message ID is data stored in the CAN header of a reception message and is information regarding the identifier of the reception message . In other words , the message IDs are extracted from the CAN header 210 of the reception messages 200. Next , reception ID filters matching the extracted message IDs are searched for “);
 and one or more controllers communicably connected with the receiver and the storage (Fig. 16 “Microcontroller 40”, Can Transceiver 20”, “Protected Memory 38” “Reception Buffer”, [0203] “the bypass attack detector 100 is located outside the CAN controller 30 , and the bypass attack detector 100 may obtain reception CAN message from the CAN transceiver 20 , determine whether the CAN message is an abnormal message , and provides a result of the determination to the reception buffer 36. Here , the bypass attack detector 100 may include a processor in which instructions for controlling a target ECU according to the method of the disclosure are stored),
 the one or more controllers (Fig. 16 “Microcontroller 40”) being configured to determine whether the data frame received by the receiver includes an identifier that is designated for monitoring based on the monitoring target information ([0138] “Next , the CAN controller 30 extracts message IDs from the reception messages and determines whether there is matching reception ID filters in the ID filter table 358 by searching for the ID filter table 358”) stored in the storage (Fig. 16 “Protected Memory 38”),
 in response to determining that the identifier of the data frame is designated for monitoring ([0142] “Finally , when reception ID filters matching the message IDs of the reception messages exist in the ID filter table 358”),
 to perform no abnormality detection on the data frame in response to determining that the identifier of the data frame is not designated for monitoring ([0139] “Next , when there is no matching reception ID filter in the ID filter table 358 , the corresponding reception message is blocked ( operation S260 ) . In other words , since the ID filter table 358 is a white list of message IDs that are allowed to be received , when a message ID does not exist in the white list , the corresponding reception message is not an allowed message . Therefore , the corresponding reception message is blocked, (Examiner’s Note: Since the message fails the check, the message is blocked right away instead of being passed to the abnormal message detector”);
 in response to determining that the identifier of the data frame is designated for monitoring ([0142] “Finally , when reception ID filters matching the message IDs of the reception messages exist in the ID filter table 358”),
 to perform abnormality detection on the data frame to authenticate the data frame (Fig. 6A “353”, [0117] “Next , the abnormal message detector 353 extracts the message IDs of received data and determines whether the extracted message IDs exist in the reception time table 359. The abnormal message detector 353 blocks the reception messages when the extracted message IDs do not exist in the reception time table 359”).
Hong does not teach a plurality of buses, that is one of the plurality of buses, and a monitoring target transmission source bus designated for each frame identifier, to determine a particular monitoring target transmission source bus designated for the identifier, to determine whether the reception bus matches the particular monitoring target transmission source bus designated for the identifier within the monitoring target information, in response to determining that the reception bus matches the particular monitoring target transmission source bus, and to perform a predetermined abnormality handling process based on determining that the data frame is abnormal in response to determining that the reception bus does not match the particular monitoring target transmission source bus.
Haga teaches plurality of buses (Fig. 8 “Source”, “First CAN BUS”, “Second CAN BUS”), that is one of the plurality of buses ([0056] “The gateway 100 includes a port ( i . e . , a terminal to which an Ethernet ( registered trademark ) cable is connected ) for connecting to the second network and a plurality of ports ( connection terminals ) for connecting to the bus 30a ( also referred to as a “ first CAN bus ” ) and the bus 30b ( also referred to as a “ second CAN bus ” ) of the first network”),
 and a monitoring target transmission source bus designated for each frame identifier ([0070] “ the bus with sources in the transfer rule information”),
 to determine a particular monitoring target transmission source bus designated for the identifier ([0070] “The determination section 141 determines whether a bus that has received a CAN frame is the first CAN bus ( bus 30a ) or the second CAN bus ( bus 30b )”),
 to determine whether the reception bus matches the particular monitoring target transmission source bus designated for the identifier within the monitoring target information ([0070] “The determination section 141 then compares the bus with sources in the transfer rule information and a CAN - ID of the CAN frame with CAN - IDs to be transferred in the transfer rule information”),
 in response to determining that the reception bus matches the particular monitoring target transmission source bus ([0070] “If an applicable combination of a source and a CAN - ID to be transferred is found as a result of the comparison , the determination section 141 identifies a destination network type and destination identification information corresponding to the combination to select a desti nation of a frame based on the received CAN frame”),
 and to perform a predetermined abnormality handling process based on determining that the data frame is abnormal in response to determining that the reception bus does not match the particular monitoring target transmission source bus([0070] “If no applicable combination of a source and a CAN - ID to be transferred is found as a result of the comparison , the determination section 141 determines that the received CAN frame is not to be transmitted to the first or second network”, (Examiner’s Note: not transmitting the frame is a form of predetermined abnormality handling).
	It would have been obvious for one or ordinary skill in the art before the effective filing date of the claimed invention to have modified Hong to incorporate the teachings of Haga in order to increase the security of the system. One or ordinary skill in the art would have been motivated to make this modification in order to increase security by adding an additional tier of security by matching the source buses will allow for a more secure system.

	Regarding claim 10, Hong teaches the gateway apparatus ([0146] “the subject performing the method according to another embodiment of the disclosure may be a security gateway connected to a CAN bus”) according to claim 8, wherein:
 the storage (Fig. 10 “Protected Memory 38”) is configured to further store relay target information that includes a plurality of frame identifiers designated for relay ([0075] “Next , the transmission filter 32 filters the message ID 211 in the transmission data to transmit only transmission data having the message ID included in a filtering value . In other words , the transmission filter 32 holds a white list for message IDs that are allowed to transmit and transmits only transmission data having message IDs in the white list”)
 the one or more controllers ([0148] “. The processor 13 may include a filtering value setting unit 133 , a transmission filter 132 , and a reception filter 135”) are configured to determine whether the identifier of the data frame received by the receiver is designated for relay based on the relay target information stored in the storage ([0075] “Next , the transmission filter 32 filters the message ID 211 in the transmission data to transmit only transmission data having the message ID included in a filtering value . In other words , the transmission filter 32 holds a white list for message IDs that are allowed to transmit and transmits only transmission data having message IDs in the white list”)
in response to determining that the identifier of the data frame is designated for relay ([0075] “Next , the transmission filter 32 filters the message ID 211 in the transmission data to transmit only transmission data having the message ID included in a filtering value . In other words , the transmission filter 32 holds a white list for message IDs that are allowed to transmit and transmits only transmission data having message IDs in the white list”);
in response to determining that the identifier of the data frame is designated for relay ([0075] “Next , the transmission filter 32 filters the message ID 211 in the transmission data to transmit only transmission data having the message ID included in a filtering value . In other words , the transmission filter 32 holds a white list for message IDs that are allowed to transmit and transmits only transmission data having message IDs in the white list”).
Hong does not teach and a relay target transmission source bus designated for each frame identifier designated for relay; and determine a particular relay target transmission source bus designated for the identifier within the relay target information, and the one or more controllers are configured to determine whether the reception bus matches the particular relay target transmission source bus designated for the identifier within the relay target information.
Haga teaches and a relay target transmission source bus designated for each frame identifier designated for relay ([0070] “ the bus with sources in the transfer rule information”);
 and determine a particular relay target transmission source bus designated for the identifier within the relay target information ([0070] “The determination section 141 determines whether a bus that has received a CAN frame is the first CAN bus ( bus 30a ) or the second CAN bus ( bus 30b )”),
 and the one or more controllers are configured to determine whether the reception bus matches the particular relay target transmission source bus designated for the identifier within the relay target information ([0070] “The determination section 141 then compares the bus with sources in the transfer rule information and a CAN - ID of the CAN frame with CAN - IDs to be transferred in the transfer rule information”).
	It would have been obvious for one or ordinary skill in the art before the effective filing date of the claimed invention to have modified Hong to incorporate the teachings of Haga in order to increase the security of the system. One or ordinary skill in the art would have been motivated to make this modification in order to increase security by adding an additional tier of security by matching the source buses will allow for a more secure system.

	Regarding claim 11, 24, Hong teaches a gateway apparatus connected to a bus to monitor and relay data frames, comprising:
 a receiver (Fig. 1 “CAN Transceiver 20”) configured to receive a data frame using a reception bus ([0137] “, first , the CAN controller 30 receives messages ( operation S210 )”);
 a storage (Fig. 10 “Protected Memory 38”) configured to store relay target information that includes a plurality of frame identifiers designated for relay ([0075] “Next , the transmission filter 32 filters the message ID 211 in the transmission data to transmit only transmission data having the message ID included in a filtering value . In other words , the transmission filter 32 holds a white list for message IDs that are allowed to transmit and transmits only transmission data having message IDs in the white list”);
 and one or more controllers communicably connected with the receiver and the storage (Fig. 16 “Microcontroller 40”, Can Transceiver 20”, “Protected Memory 38”, [0203] “the bypass attack detector 100 is located outside the CAN controller 30 , and the bypass attack detector 100 may obtain reception CAN message from the CAN transceiver 20 , determine whether the CAN message is an abnormal message , and provides a result of the determination to the reception buffer 36. Here , the bypass attack detector 100 may include a processor in which instructions for controlling a target ECU according to the method of the disclosure are stored),
 the one or more controllers ([0148] “. The processor 13 may include a filtering value setting unit 133 , a transmission filter 132 , and a reception filter 135”)  being configured to determine whether an identifier of the data frame received by the receiver is designated for relay based on the relay target information stored in the storage ([0075] “Next , the transmission filter 32 filters the message ID 211 in the transmission data to transmit only transmission data having the message ID included in a filtering value . In other words , the transmission filter 32 holds a white list for message IDs that are allowed to transmit and transmits only transmission data having message IDs in the white list”),
in response to determining that the identifier of the data frame is designated for relay ([0075] “Next , the transmission filter 32 filters the message ID 211 in the transmission data to transmit only transmission data having the message ID included in a filtering value . In other words , the transmission filter 32 holds a white list for message IDs that are allowed to transmit and transmits only transmission data having message IDs in the white list”),
 in response to determining that the identifier of the data frame is designated for relay ([0075] “Next , the transmission filter 32 filters the message ID 211 in the transmission data to transmit only transmission data having the message ID included in a filtering value . In other words , the transmission filter 32 holds a white list for message IDs that are allowed to transmit and transmits only transmission data having message IDs in the white list”),
 wherein: the storage is further configured to store monitoring target information that includes a plurality of frame identifiers designated for monitoring ([0111] “First , the ID filter table 358 receives a reception message and filters the reception message by comparing reception ID filters allowed to be received stored in the ID filter table 358 with the message ID of the reception message . At this time , reception ID filters allowed to be received of the ID filter table 358 may be obtained from the protected memory 38 “, [0138] “The message ID is data stored in the CAN header of a reception message and is information regarding the identifier of the reception message . In other words , the message IDs are extracted from the CAN header 210 of the reception messages 200. Next , reception ID filters matching the extracted message IDs are searched for “);
 and the one or more controllers are further configured to determine whether the data frame received by the receiver includes an identifier that is designated for monitoring ([0138] “Next , the CAN controller 30 extracts message IDs from the reception messages and determines whether there is matching reception ID filters in the ID filter table 358 by searching for the ID filter table 358”),
in response to determining that the identifier of the data frame is designated for monitoring ([0142] “Finally , when reception ID filters matching the message IDs of the reception messages exist in the ID filter table 358”),
 in response to the monitoring target determination unit determining that the identifier of the data frame is designated for monitoring ([0142] “Finally , when reception ID filters matching the message IDs of the reception messages exist in the ID filter table 358”),
 and to perform abnormality detection on the data frame to authenticate the data frame (Fig. 6A “353”, [0117] “Next , the abnormal message detector 353 extracts the message IDs of received data and determines whether the extracted message IDs exist in the reception time table 359. The abnormal message detector 353 blocks the reception messages when the extracted message IDs do not exist in the reception time table 359”).
Hong does not teach plurality of buses, that is one of the plurality of buses and a relay target transmission source bus designated for each frame identifier designated for relay, to determine a particular relay target transmission source bus designated for the identifier within the relay target information, to determine a particular relay target transmission source bus designated for the identifier within the relay target information, and to determine whether the reception bus matches the particular relay target transmission source bus designated for the identifier within the relay target information, and a monitoring target transmission source bus designated for each frame identifier based on the monitoring target information stored in the storage in response to determining that the reception bus matches the particular relay target transmission source bus, or in response to determining that the identifier of the data frame is not designated for relay,
 to determine a particular monitoring target transmission source bus designated for the identifier,
to determine whether the reception bus matches the particular monitoring target transmission source bus designated for the identifier within the monitoring target information,
in response to determining that the reception bus matches the particular monitoring target transmission source bus.

Haga teaches plurality of buses (Fig. 8 “Source”, “First CAN BUS”, “Second CAN BUS”), that is one of the plurality of buses ([0056] “The gateway 100 includes a port ( i . e . , a terminal to which an Ethernet ( registered trademark ) cable is connected ) for connecting to the second network and a plurality of ports ( connection terminals ) for connecting to the bus 30a ( also referred to as a “ first CAN bus ” ) and the bus 30b ( also referred to as a “ second CAN bus ” ) of the first network”),
 and a relay target transmission source bus designated for each frame identifier designated for relay ([0070] “ the bus with sources in the transfer rule information”),
 to determine a particular relay target transmission source bus designated for the identifier within the relay target information ([0070] “ the bus with sources in the transfer rule information”),
 and to determine whether the reception bus matches the particular relay target transmission source bus designated for the identifier within the relay target information ([0070] “The determination section 141 then compares the bus with sources in the transfer rule information and a CAN - ID of the CAN frame with CAN - IDs to be transferred in the transfer rule information”),
 and a monitoring target transmission source bus designated for each frame identifier ([0070] “ the bus with sources in the transfer rule information”),
 based on the monitoring target information stored in the storage in response to determining that the reception bus matches the particular relay target transmission source bus ([0070] “If an applicable combination of a source and a CAN - ID to be transferred is found as a result of the comparison , the determination section 141 identifies a destination network type and destination identification information corresponding to the combination to select a dest nation of a frame based on the received CAN frame”) or in response to determining that the identifier of the data frame is not designated for relay,
to determine a particular monitoring target transmission source bus designated for the identifier ([0070] “ the bus with sources in the transfer rule information”),
to determine whether the reception bus matches the particular monitoring target transmission source bus designated for the identifier within the monitoring target information ([0070] “The determination section 141 then compares the bus with sources in the transfer rule information and a CAN - ID of the CAN frame with CAN - IDs to be transferred in the transfer rule information”),
in response to determining that the reception bus matches the particular monitoring target transmission source bus ([0070] “The determination section 141 then compares the bus with sources in the transfer rule information and a CAN - ID of the CAN frame with CAN - IDs to be transferred in the transfer rule information”).
It would have been obvious for one or ordinary skill in the art before the effective filing date of the claimed invention to have modified Hong to incorporate the teachings of Haga in order to increase the security of the system. One or ordinary skill in the art would have been motivated to make this modification in order to increase security by adding an additional tier of security by matching the source buses will allow for a more secure system.

Regarding claim 12, Hong does not teach wherein: in response to determining that the reception bus does not match the particular monitoring target transmission source bus, the data frame is determined to be abnormal.
Haga teaches wherein: in response to determining that the reception bus does not match the particular monitoring target transmission source bus, the data frame is determined to be abnormal ([0070] “If no applicable combination of a source and a CAN - ID to be transferred is found as a result of the comparison , the determination section 141 determines that the received CAN frame is not to be transmitted to the first or second network”, (Examiner’s Note: not transmitting the frame is a form of predetermined abnormality handling).
It would have been obvious for one or ordinary skill in the art before the effective filing date of the claimed invention to have modified Hong to incorporate the teachings of Haga in order to increase the security of the system. One or ordinary skill in the art would have been motivated to make this modification in order to increase security by adding an additional tier of security by matching the source buses will allow for a more secure system.
Regarding claim 14, Hong does not teach wherein: in response to determining that the reception bus does not match the particular relay target transmission source bus, the data frame is determined to be abnormal.
Haga teaches wherein: in response to determining that the reception bus does not match the particular relay target transmission source bus, the data frame is determined to be abnormal ([0070] “If no applicable combination of a source and a CAN - ID to be transferred is found as a result of the comparison , the determination section 141 determines that the received CAN frame is not to be transmitted to the first or second network”, (Examiner’s Note: not transmitting the frame is a form of predetermined abnormality handling).
It would have been obvious for one or ordinary skill in the art before the effective filing date of the claimed invention to have modified Hong to incorporate the teachings of Haga in order to increase the security of the system. One or ordinary skill in the art would have been motivated to make this modification in order to increase security by adding an additional tier of security by matching the source buses will allow for a more secure system.

Regarding claim 20, Hong teaches wherein: the one or more controllers are configured to perform no abnormality detection on the data frame in response to determining that the identifier of the data frame is not designated for monitoring ([0138] “Next , the CAN controller 30 extracts message IDs from the reception messages and determines whether there is matching reception ID filters in the ID filter table 358 by searching for the ID filter table 358”, [0139] “Next , when there is no matching reception ID filter in the ID filter table 358 , the corresponding reception message is blocked ( operation S260 )).  

Regarding claim 21, Hong does not teach wherein: in response to determining that the reception bus does not match the particular relay target transmission source bus, the data frame is determined to be abnormal.
However, Haga teaches wherein: in response to determining that the reception bus does not match the particular relay target transmission source bus, the data frame is determined to be abnormal ([0070] “If no applicable combination of a source and a CAN - ID to be transferred is found as a result of the comparison , the determination section 141 determines that the received CAN frame is not to be transmitted to the first or second network”, (Examiner’s Note: not transmitting the frame is a form of predetermined abnormality handling).
It would have been obvious for one or ordinary skill in the art before the effective filing date of the claimed invention to have modified Hong to incorporate the teachings of Haga in order to increase the security of the system. One or ordinary skill in the art would have been motivated to make this modification in order to increase security by adding an additional tier of security by matching the source buses will allow for a more secure system.

Regarding claim 22, Hong teaches wherein: the one or more controllers are configured to determine whether the data frame received by the receiver includes the identifier that is designated for monitoring ([0138] “Next , the CAN controller 30 extracts message IDs from the reception messages and determines whether there is matching reception ID filters in the ID filter table 358 by searching for the ID filter table 358”).
Hong does not teach in response to determining that the reception bus matches the particular relay target transmission source bus, or in response to determining that the identifier of the data frame is not designated for relay.
Haga teaches in response to determining that the reception bus matches the particular relay target transmission source bus ([0070] “The determination section 141 then compares the bus with sources in the transfer rule information and a CAN - ID of the CAN frame with CAN - IDs to be transferred in the transfer rule information”), or in response to determining that the identifier of the data frame is not designated for relay.
It would have been obvious for one or ordinary skill in the art before the effective filing date of the claimed invention to have modified Hong to incorporate the teachings of Haga in order to increase the security of the system. One or ordinary skill in the art would have been motivated to make this modification in order to increase security by adding an additional tier of security by matching the source buses will allow for a more secure system.


Regarding claim 23, Hong teaches wherein: the one or more controllers are configured to perform no abnormality detection on the data frame in response to determining that the identifier of the data frame is not designated for monitoring ([0138] “Next , the CAN controller 30 extracts message IDs from the reception messages and determines whether there is matching reception ID filters in the ID filter table 358 by searching for the ID filter table 358”, [0139] “Next , when there is no matching reception ID filter in the ID filter table 358 , the corresponding reception message is blocked ( operation S260 )).

Regarding claim 26, Hong teaches a non-transitory computer readable storage medium storing a computer program executable by a computer to perform the computer-implemented abnormality monitoring ([0206] “instructions that can be executed by various computer components and recorded in a computer - readable recording medium )) method according to claim 24 (See mappings in claim 6).

Claim 17-19, 25 is/are rejected under 35 U.S.C. 103 as being unpatentable over Hong in view of Haga as applied to claim above 6- 8, 10- 12, 14, 20-24, 26, and further in view of Imamoto et al.(US 20180234248 herein after Imamoto).

Regarding claim 17,18,19, 25 Hong teaches wherein the one or more controllers Fig. 16 “Microcontroller 40”, Can Transceiver 20”, “Protected Memory 38” “Reception Buffer”, [0203] “the bypass attack detector 100 is located outside the CAN controller 30 , and the bypass attack detector 100 may obtain reception CAN message from the CAN transceiver 20 , determine whether the CAN message is an abnormal message , and provides a result of the determination to the reception buffer 36. Here , the bypass attack detector 100 may include a processor in which instructions for controlling a target ECU according to the method of the disclosure are stored) are configured to perform the abnormality detection on the data frame to authenticate the data frame (Fig. 6A “353”, [0117] “Next , the abnormal message detector 353 extracts the message IDs of received data and determines whether the extracted message IDs exist in the reception time table 359. The abnormal message detector 353 blocks the reception messages when the extracted message IDs do not exist in the reception time table 359”),
 Hong  and Haga does not teach including 8MPD/slsApplication No.: 16/928,034Docket No.: 4041J-003850-USreceiving a message authentication code for the data frame, obtaining a hash value by applying a shared key to data of the data frame, comparing the obtained hash value with the received message authentication code, and authenticating the data frame in response to the obtained hash value matching the received message authentication code.
Imamoto teaches including 8MPD/slsApplication No.: 16/928,034Docket No.: 4041J-003850-USreceiving a message authentication code for the data frame ([0089] “determination unit 38 obtains an authenticator (herein, authenticator A) included in the frame to be inspected (S52)”),
 obtaining a hash value by applying a shared key to data of the data frame ([0089] “Determination unit 38 obtains a result of the Hash operation based on authenticator A (herein, verification value A′) (S54)”),
 comparing the obtained hash value with the received message authentication code ([0089] “Determination unit 38 compares the commitment value defined by the correspondence rule with verification value A′ to verify validity of verification value A′ (S56)”),
 and authenticating the data frame in response to the obtained hash value matching the received message authentication code ([0089] “Determination unit 38 compares the commitment value defined by the correspondence rule with verification value A′ to verify validity of verification value A′ (S56). When verification value A′ is valid, namely, verification value A′ matches the commitment value (Y in S58), determination unit 38 determines that the frame to be inspected is normal”).
It would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the combination of Hong and Haga to incorporate the teachings of Imamoto. One of ordinary skill in the art would have been motivated to make this modification in order to increase the accuracy of security in the vehicle network.
Response to Arguments
Applicant's arguments filed 04/26/2022 have been fully considered but they are not persuasive.

Applicant’s Argument 1
Applicant notes US 10,525,911 Haga notes that checking whether two buses are the same type of bus, i.e., MAC-enabled buses, is different and distinguishable from determining whether a reception bus matches a particular monitoring target transmission source bus designated for the identifier within the monitoring target information, as recited by claim 6.

Examiner’s Response 1
US 10,525,911 Haga is no longer relied upon in the updated rejection.

Applicant’s Argument 2
Applicant remarks that Haga2 is silent, however, with respect to performing a predetermined abnormality handling process based on determining that the data frame is abnormal in response to determining that the reception bus does not match the particular monitoring target transmission source bus. Applicant notes that determining that a frame is not to be transmitted is different and distinguishable from determining that the data frame is abnormal, as recited by claim 6.

Examiner’s Response 2
	Examiner respectfully disagrees. Haga2 teaches to performing a predetermined abnormality handling process based on determining that the data frame is abnormal in response to determining that the reception bus does not match the particular monitoring target transmission source bus ([0070] “If no applicable combination of a source and a CAN - ID to be transferred is found as a result of the comparison , the determination section 141 determines that the received CAN frame is not to be transmitted to the first or second network”, (Examiner’s Note: not transmitting the frame is a form of predetermined abnormality handling). 

Conclusion

Any inquiry concerning this communication or earlier communications from the examiner should be directed to KEITH TRAN-DANH FOLLANSBEE whose telephone number is (571)272-3071. The examiner can normally be reached 10am -6 pm M-Th.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Derrick Ferris can be reached on 571-272-3123. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/DERRICK W FERRIS/                Supervisory Patent Examiner, Art Unit 2411