Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
FINAL ACTION
This action is in response to amendment made on 6/21/2022. Claims 1, 15 and 16 are amended. Claims 1-16 are pending. 
Response to Arguments
Examiner’s Remarks - Specification (Title)
Applicant’s amended title submitted on 6/21/2022 is descriptive. The examiner withdraws the objection. 
Examiner’s Remarks - 35 USC § 103 – Independent Claims 1, 15 and 16
Applicant amended each independent claim to recite the new feature(s) of, “the control circuit stops relaying the third data in accordance with a traveling state of the vehicle in accordance with a traveling state of the vehicle satisfying a predetermined condition, and the traveling state of the vehicle, for satisfying the predetermined condition, includes the speed of the vehicle being below a predetermined speed”. The applicant alleges a deficiency on the part of the cited prior art in view of the newly amended feature(s). The examiner introduces the teachings of BEN NOON et al. (US Patent Publication No. 2015/0191151 and BEN-NOON(2) hereinafter) to the record. BEN-NOON(2) teaches blocking messages from communication based on vehicle speed. See rejection below. 
Examiner’s Remarks - 35 USC § 103 – Dependent Claims 2-8 and 10-13
Applicant's arguments do not comply with 37 CFR 1.111(c) because they do not clearly point out the patentable novelty which he or she thinks the claims present in view of the state of the art disclosed by the references cited or the objections made. Further, they do not show how the amendments avoid such references or objections.
Examiner’s Remarks - 35 USC § 103 – Dependent Claim 9
Applicant's arguments do not comply with 37 CFR 1.111(c) because they do not clearly point out the patentable novelty which he or she thinks the claims present in view of the state of the art disclosed by the references cited or the objections made. Further, they do not show how the amendments avoid such references or objections.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-8, 10-13, 15 and 16 are rejected under 35 U.S.C. 103 as being unpatentable over BEN-NOON et al. EP 3148236) in view of BEN NOON et al. (US Patent Publication No. 2015/0191151 and BEN-NOON(2) hereinafter).

As to claims 1, 15 and 16, BEN-NOON teaches a in-vehicle relay device for a vehicle, the in-vehicle relay device comprising: 
a first communication circuit that transmits and receives first data to and from a first in-vehicle equipment in the vehicle (i.e. …see figure 1C); 
a second communication circuit that transmits and receives second data to and from a second in-vehicle equipment in the vehicle (i.e. …see figure 1C); 
and a control circuit that controls relay of third data among the first communication circuit and the second communication circuit (i.e. …see figure 1C).
wherein, in a case where reception data received by the control circuit from the first communication circuit or the second communication circuit is unauthorized (i.e., …teaches par. 0014 the following: “identify unauthorized access to the in-vehicle network, identify malicious activity on the in-vehicle network”.).

BEN-NOON does not expressly teach: 
the control circuit stops relaying the third data in accordance with a traveling state of the vehicle in accordance with a traveling state of the vehicle satisfying a predetermined condition, 
and the traveling state of the vehicle, for satisfying the predetermined condition, includes the speed of the vehicle being below a predetermined speed.
In this instance the examiner notes the teachings of prior art reference BEN-NOON(2).
With regards to applicant’s claim limitation element of, “the control circuit stops relaying the third data in accordance with a traveling state of the vehicle in accordance with a traveling state of the vehicle satisfying a predetermined condition”, BEN-NOON(2) teaches in par. 0042 the following: “For example, data acquired by Watchman 40 when operating in the SPM, protective, mode during which the Watchman regularly vets CAN messages to determine if they should be allowed to propagate over in-vehicle network 60 may be used to white list or black list CAN messages. CAN messages that Watchman 40 encounters during operation in the SPM mode or the recording mode that have not been classified, and/or may not readily classified as white list or black list, possibly because for example, they have not been encountered before or are infrequently encountered, may be gray listed. Watchman 40 may allow gray listed CAN messages only limited access to in-vehicle communication system 60. For example, Watchman 40 may limit a frequency of transmission over the in-vehicle network. Can messages may be gray listed by Watchman 40 during any of its operating modes.”. Further teaches in par. 0064 the following: “If the processor determines in block 113 that the message is properly cryptographically signed, in a block 115 the processor accesses vehicle context data that may be relevant to and may constrain execution of the firmware update instruction comprised in the message. By way of example, execution of the updating instruction in the message may be constrained by a requirement that vehicle 30 be moving at a speed less than ten kilometers per hour (kmp) and processor 30 may access context data comprising the speed of vehicle 30. In an embodiment, the context data is accessed from memory 46 or extracted in real time from a CAN message at a time substantially the same as a time at which the message being vetted was received by Watchman 40A via port 52. If the context data indicates that vehicle 30 is moving at a speed greater than 10 kmp, processor 41 proceeds to a block 117 and blocks the message from propagating to high-speed bus 61 and engine control system 62. The processor optionally proceeds thereafter to a block 119 and block 101 to receive a next message. If on the other hand the vehicle context data indicates that the speed of vehicle 30 is less than 10 kmp, processor 41 optionally proceeds to block 118, allows the message received at port 52 to propagate to high-speed bus 61 and to engine control system 62 and execute the firmware updating instruction.
With regards to applicant’s claim limitation element of, “and the traveling state of the vehicle, for satisfying the predetermined condition, includes the speed of the vehicle being below a predetermined speed”, BEN-NOON(2) teaches in par. 0064 the following: “execution of the updating instruction in the message may be constrained by a requirement that vehicle 30 be moving at a speed less than ten kilometers per hour (kmp) and processor 30 may access context data comprising the speed of vehicle 30. In an embodiment, the context data is accessed from memory 46 or extracted in real time from a CAN message at a time substantially the same as a time at which the message being vetted was received by Watchman 40A via port 52. If the context data indicates that vehicle 30 is moving at a speed greater than 10 kmp, processor 41 proceeds to a block 117 and blocks the message from propagating to high-speed bus 61 and engine control system 62.”.
Thus, it would have been obvious to one of ordinary skill in the art before the effective filing date of the of the claimed invention was made to implement the teaching of BEN-NOON with the teachings of BEN-NOON(2) by having their system comprise vehicle message transmission constraints. One would have been motivated to do so to provide a simple and effective means to further prevent system failure in the event of an attack, wherein the vehicle message transmission constraints will help control in vehicle message attacks and will make it easier to ensure system reliability.

As to claim 2, the system of BEN-NOON and BEN-NOON(2) teaches as applied to claim 1 above teaches unauthorized data detection, specifically BEN-NOON teaches a in-vehicle relay device according to Claim 1, wherein at least one of the first communication circuit and the second communication circuit transmits and receives to and from the plurality of in-vehicle equipment in the vehicle, via a network (i.e., …teaches in par. 0047 the following: “all of the ECUs connected to in-vehicle network 215 may include an SEU, for example, an SEU may be embedded, integrated or otherwise included in each and every ECU in a vehicle and an SEU embedded, included or integrated in an ECU may enforce security for the ECU in which it is embedded, included or integrated.”).

As to claim 3, the system of BEN-NOON and BEN-NOON(2) teaches as applied to claim 1 above teaches unauthorized data detection, specifically BEN-NOON teaches a in-vehicle relay device according to Claim 1, further comprising: 
a first port for connection of the first communication circuit and the first in- vehicle equipment (i.e., ...teaches in par. 0048 the following: “an SEU (e.g., SEU 220 and/or SEU 230) may include a number of communication ports. Communication ports included in an SEU may be used for, or may be adapted to, transmitting messages to, and receiving messages from, in-vehicle network 215 and/or interface port 240. For example, SEU 230 may include a first port connected to in-vehicle network 215 and a second port connected to interface port 240”.); 
and a second port for connection of the second communication circuit and the second in-vehicle equipment (i.e., ...teaches in par. 0048 the following: “an SEU (e.g., SEU 220 and/or SEU 230) may include a number of communication ports. Communication ports included in an SEU may be used for, or may be adapted to, transmitting messages to, and receiving messages from, in-vehicle network 215 and/or interface port 240. For example, SEU 230 may include a first port connected to in-vehicle network 215 and a second port connected to interface port 240”.);
wherein the control circuit stops the relaying by blocking a connection between the first port and the second port (i.e., …teaches in par. 0048 the following: “SEU 220 (that may be included in in-vehicle network 215) may destroy or block messages arriving from interface port 240. For example, SEU 220 may include gateway functionalities and may be placed in in-vehicle network 215 such that it may examine messages coming from interface port 240 before these messages are sent over, or can be received by units attached to, in-vehicle network 215.”).

As to claim 4, the system of BEN-NOON and BEN-NOON(2) teaches as applied to claim 1 above teaches unauthorized data detection, specifically BEN-NOON teaches a in-vehicle relay device according to Claim 1, wherein the third data, of which the control circuit stops the relaying, includes a MAC address of which a destination or a transmission source is the first in-vehicle equipment or the second in-vehicle equipment that is a source of the reception data that is unauthorized (i.e., …teaches in par. 121 the following: “example, the switch may be configured to use static MAC addresses on fixed (non OBD) ports. The switch may also be configured to only allow known MAC addresses into the fixed ports. The switch may also be configured to disable broadcasts. This may mean the switch will not learn new MAC addresses and routes and, among other things, prevent MAC spoofing and also prevent an attacker's ability to turn the switch into a hub which may then lead to an attacker's ability to interfere with legitimate TCP connections or ability to inject UDP packets.”).

As to claim 5, the system of BEN-NOON and BEN-NOON(2) teaches as applied to claim 1 above teaches unauthorized data detection, specifically BEN-NOON teaches a in-vehicle relay device according to Claim 1, wherein the third data, of which the control circuit stops the relaying, includes an IP address of which a destination or a transmission source is the first in-vehicle equipment or the second in-vehicle equipment that is a source of the reception data that is unauthorized (i.e., …teaches in par. 0091 the following: “IP messages coming from an external source (e.g., external to in-vehicle network 215) may be classified”. ..further teaches in par. 0092 the following: “filtering may include discarding or blocking any message that is not a DoIP message and/or is not an IP message and verifying other messages, e.g., verifying the messages are from a known source, destined to a known destination, include a specific payload and the like. Examination of IP messages may be done with respect to any network layer as known in the art”.).

As to claim 6, the system of BEN-NOON and BEN-NOON(2) teaches as applied to claim 1 above teaches unauthorized data detection, specifically BEN-NOON teaches a in-vehicle relay device according to Claim 1, wherein the control circuit receives, from the first communication circuit or the second communication circuit, unauthorized activity detection data notifying that the reception data is unauthorized (i.e., …teaches in par. 0091 the following: “IP messages coming from an external source (e.g., external to in-vehicle network 215) may be classified”. ..further teaches in par. 0092 the following: “filtering may include discarding or blocking any message that is not a DoIP message and/or is not an IP message and verifying other messages, e.g., verifying the messages are from a known source, destined to a known destination, include a specific payload and the like. Examination of IP messages may be done with respect to any network layer as known in the art”.), 
 	and stops the relaying after a predetermined amount of time has elapsed following a reception of the unauthorized activity detection data (i.e., …teaches in par. 0073 the following: “starting the engine may be an event that may cause an engine control unit to send an "engine ignited" message and such message received by an SEU may cause the SEU to identify the event. Any event related to a condition, state or context of vehicle 210 may be represented or indicated as shown by block 325, accordingly, an embodiment may disable or otherwise control a communication over an interface port based on an event.”.).

As to claim 7, the system of BEN-NOON and BEN-NOON(2) teaches as applied to claim 1 above teaches unauthorized data detection, specifically BEN-NOON teaches a in-vehicle relay device according to Claim 6, wherein the unauthorized activity detection data includes information of data regarding an unauthorized activity that has been detected (i.e., …teaches in par. 0082 the following: “description or attributes of the previous message sent…help an offline analysis of the attack”), 
and information of a transmission source of the data regarding the unauthorized activity that has been detected (i.e., …teaches in par. 0082 the following: “description or attributes of the previous message sent…help an offline analysis of the attack”).

As to claim 8, the system of BEN-NOON and BEN-NOON(2) teaches as applied to claim 1 above teaches unauthorized data detection, specifically BEN-NOON teaches a in-vehicle relay device according to Claim 7, further comprising: 
a memory that stores, in a correlated manner, the information of the data regarding the unauthorized activity that has been detected (i.e., …teaches in par. 0082 the following: “description or attributes of the previous message sent…help an offline analysis of the attack”), 
and the information of the transmission source of the data regarding the unauthorized activity that has been detected (i.e., …teaches in par. 0021 the following: “to detect or identify security threats, detect or identify events or states that may jeopardize the security or proper function of a system and/or a network.”), 
wherein the control circuit identifies the transmission source of the data regarding the unauthorized activity that has been detected (i.e., …teaches in par. 50 the following: “an SEU (e.g., SEU 220 and/or SEU 230) may determine, detect or identify a context based on at least one of: a state or other attribute of a vehicle, an in-vehicle network, and a node connected to the network. For example, by examining messages communicated over interface port 240 and/or over in-vehicle network 215 (and, as described, an SEU may receive any of, or even all, messages sent over interface port 240 and/or in-vehicle network 215) an SEU may know, or determine or identify, the state of the vehicle itself, nodes on the in-vehicle network as well as the state or context of any one of the nodes connected to an in-vehicle network.”), 
based on the information of the data regarding the unauthorized activity that has been detected and the information of the transmission source of the data regarding the unauthorized activity that has been detected which are stored in the memory (i.e., …teaches in par. 0052 the following: “An action performed by an SEU (e.g., by a controller 105 included in SEU 220 or in SEU 230) may be or may include, logging or recording an event (e.g., for further or future investigation or analysis), blocking a message received from, or sent to, an external device or system, modifying a message and/or changing a configuration of an in-vehicle network or of at least one of the ECUs connected to the in-vehicle network.”).

As to claim 10, the system of BEN-NOON and BEN-NOON(2) teaches as applied to claim 1 above teaches unauthorized data detection, specifically BEN-NOON teaches a in-vehicle relay device according to Claim 1, further comprising: a third communication circuit that transmits and receives fourth data to and from a third in-vehicle equipment in the vehicle (i.e. …see figure 1C), wherein the control circuit, in a second case where the reception data is received from the first communication circuit and is unauthorized (i.e., ….teaches in par. 0132 the following: “detect malicious activity.”), 
stops the relaying of the third data between the first communication circuit and the second communication circuit (i.e., …teaches in par. 0052 the following: “An action performed by an SEU (e.g., by a controller 105 included in SEU 220 or in SEU 230) may be or may include, logging or recording an event (e.g., for further or future investigation or analysis), blocking a message received from, or sent to, an external device or system, modifying a message and/or changing a configuration of an in-vehicle network or of at least one of the ECUs connected to the in-vehicle network.”), 
and continues relaying of fifth data between the first communication circuit and the third communication circuit (i.e., …teaches in par. 0073 the following: “starting the engine may be an event that may cause an engine control unit to send an "engine ignited" message and such message received by an SEU may cause the SEU to identify the event. Any event related to a condition, state or context of vehicle 210 may be represented or indicated as shown by block 325, accordingly, an embodiment may disable or otherwise control a communication over an interface port based on an event.”.).

As to claim 11, the system of BEN-NOON and BEN-NOON(2) teaches as applied to claim 1 above teaches unauthorized data detection, specifically BEN-NOON teaches a in-vehicle relay device according to Claim 10, wherein diagnostics equipment that diagnosis a state of the first in-vehicle equipment is connected to the third in-vehicle equipment (i.e., …teaches in par. the following: “specific diagnostics services”).

As to claim 12, the system of BEN-NOON and BEN-NOON(2) teaches as applied to claim 1 above teaches unauthorized data detection, specifically BEN-NOON teaches a in-vehicle relay device according to Claim 10, wherein the third in-vehicle equipment is a communication circuit that is configured for external communication from the vehicle (i.e. …teaches as part of his Abstract the following: “A system or method may include an in-vehicle network including an interface port for connecting an external device to the in-vehicle network”).

As to claim 13, the system of BEN-NOON and BEN-NOON(2) teaches as applied to claim 1 above teaches unauthorized data detection, specifically BEN-NOON teaches a in-vehicle relay device according to Claim 1, wherein the control circuit, in the case where the reception data received from the first communication circuit or the second communication circuit is unauthorized, resumes the relaying upon receiving, from the first communication circuit or the second communication circuit, data requesting cancellation of stopping the relaying (i.e., …teaches in par. 0085 the following: “SEU 230 may disable a session from being established by blocking a message designed to establish a session, or SEU may terminate a session by sending a message designed to terminate the session to an ECU on in-vehicle network 215 and/or to external device 250. At any point, an SEU may send or record information related to a session, for example, upon blocking or terminating a session, an SEU may send an error or other message, e.g., to an initiator of the session.”).

Claim 9 is rejected under 35 U.S.C. 103 as being unpatentable over BEN-NOON in view of BEN-NOON(2) as applied to claim 1 above and further in view of DICKMAN et al. (WO2014/061021), 

As to claim 9, the system of BEN-NOON and BEN-NOON(2) teaches as applied to claim 1 above teaches unauthorized data detection, specifically BEN-NOON teaches a in-vehicle relay device according to Claim 1, and the control circuit: receives, from the first communication circuit or the second communication circuit, unauthorized activity detection data notifying that the reception data is unauthorized (i.e., …teaches in par. 0074 the following: “permit or allow external device 250 to communicate only with the indicated nodes and disable, prevent or block external device from communicating with other nodes. An indication of nodes may be or may include a node type, e.g., a type value in block 330 may cause an SEU to enable external device 250 to communicate with non-critical nodes only. A value in block 330 may be a "whitelist" as known in the art, e.g., include all nodes with which communication is allowed or the value in block 330 may be a "blacklist" as known in the art, e.g., include all nodes with which communication is to be blocked. “’); 
and stops the relaying upon receiving data notifying, as the traveling state of the vehicle, that the self-driving function is in an off state, following a reception of the unauthorized activity detection data (i.e., …teaches in par. 0073 the following: “starting the engine may be an event that may cause an engine control unit to send an "engine ignited" message and such message received by an SEU may cause the SEU to identify the event. Any event related to a condition, state or context of vehicle 210 may be represented or indicated as shown by block 325, accordingly, an embodiment may disable or otherwise control a communication over an interface port based on an event.”.).

The system of BEN-NOON and BEN-NOON(2) do not expressly teach:
	wherein the vehicle includes a self-driving function.
In this instance the examiner notes the teachings of prior art reference DICKMAN.
	RUVIO teaches on page. 22 par. 2 autonomous (i.e., self-driving) vehicles. 
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of BEN-NOON and BEN-NOON(2) with the teachings of DICKMAN by including the feature(s) of autonomous vehicles. Utilizing the feature of autonomous driving vehicles as taught by DICKMAN above allows a system to provide comprehensive vehicle support and therefore provides the motivation in this instance to combine the references. The examiner contends that by combining the references, the system of BEN-NOON and BEN-NOON(2) will obtain the capability to provide enhanced vehicle maintainability. 

Claim 14 is rejected under 35 U.S.C. 103 as being unpatentable over BEN-NOON in view of BEN-NOON(2) as applied to claim 1 above and further in view of Yasue et al. (US Patent Publication No. 2009/0271063 and Yasue hereinafter). 

As to claim 14, the system of BEN-NOON and BEN-NOON(2) teaches as applied to claim 1 above teaches unauthorized data detection, specifically BEN-NOON teaches in-vehicle relay device according to Claim 1, further comprising: 
wherein, at a time of turning on power of the in-vehicle relay device (i.e., …teaches in par. 0073 the following: “starting the engine may be an event that may cause an engine control unit to send an "engine ignited" message and such message received by an SEU may cause the SEU to identify the event. Any event related to a condition, state or context of vehicle 210 may be represented or indicated as shown by block 325, accordingly, an embodiment may disable or otherwise control a communication over an interface port based on an event.”.), 
the control circuit maintains or stops relay of the third data among the first in-vehicle equipment and the second in-vehicle equipment, based on the relay state stored in the memory (i.e., …teaches in par. 0073 the following: “starting the engine may be an event that may cause an engine control unit to send an "engine ignited" message and such message received by an SEU may cause the SEU to identify the event. Any event related to a condition, state or context of vehicle 210 may be represented or indicated as shown by block 325, accordingly, an embodiment may disable or otherwise control a communication over an interface port based on an event.”.).

The system of BEN-NOON and BEN-NOON(2) does not expressly teach: 
a memory that stores a relay state of relaying the third data among the first in-vehicle equipment and the second in-vehicle equipment. 
In this instance the examiner notes the teachings of prior art reference Yasue. 
Yasue teaches in par. 0042 the following: “a memory configured to store data regardless of an on-off state of a power source of the first ECU, state information control means for writing state information in the memory, the state information …”.
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of BEN-NOON and BEN-NOON(2) with the teachings of Yasue by including the feature(s) of configurable memory. Utilizing the feature of configurable memory as taught by Yasue above allows a system to provide comprehensive data storage and therefore provides the motivation in this instance to combine the references. The examiner contends that by combining the references, the system of BEN-NOON and BEN-NOON(2) will obtain the capability to provide enhanced data maintainability. 
Art Made of Record
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure: Takatsuka (US Patent Publication No. 2020/0015075).
Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Contact Information
Any inquiry concerning this communication or earlier communications from the examiner should be directed to BRYAN F WRIGHT whose telephone number is (571)270-3826.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.  
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Eleni Shiferaw can be reached on (571)272-3867.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/BRYAN F WRIGHT/Examiner, Art Unit 2497