DETAILED ACTION
This Office action is in response to the amendment filed on September 6, 2022.
Claims 1-20 are pending.
Claims 2, 4, 5, 7, 9, 11, 12, 14-18, and 20 have been amended.
The objections to Claims 2, 4, 5, 7, 9, 11, 12, 14-18, and 20 are withdrawn in view of Applicant’s amendments to the claims.
The 35 U.S.C. § 101 rejections of Claims 1-20 are maintained in view of Applicant’s arguments and further explained hereinafter.
For clarity of the prosecution history record, Claims 15-20 are directed to a computer program product comprising a computer readable storage medium. It is noted that the Applicant’s specification states that “[a] computer readable storage medium, as used herein, is not to be construed as being transitory signals per se, such as radio waves or other freely propagating electromagnetic waves, electromagnetic waves propagating through a waveguide or other transmission media (e.g., light pulses passing through a fiber-optic cable), or electrical signals transmitted through a wire” (page 25, paragraph [0086]). Thus, such statement appears to provide a special definition that explicitly excludes a computer readable storage medium from being interpreted as transitory signals per se. Therefore, Claims 15-20 can rely on the special definition and are eligible subject matter under § 101.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Response to Amendment
Claim Objections
Claim 20 is objected to because of the following informalities:
Claim 20 recites “[t]he computer program product stored in a computer readable medium.” It should read -- The computer program product --.
Appropriate correction is required.

Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.


Claims 1-20 are rejected under 35 U.S.C. 101 because the claimed invention is directed to a judicial exception (i.e., a law of nature, a natural phenomenon, or an abstract idea) without significantly more.

Claim 1 recites the limitations “decomposing software into functional blocks to provide a software genome,” “building a representation of the software genome in a knowledge graph linking granularities of the functional blocks,” and “identifying issues with a target software based on the knowledge graph.” The recited steps, under the broadest reasonable interpretation, cover performance of the steps in the human mind alone or with the aid of pen or paper. That is, nothing in the claim precludes the steps from practically being performed in the human mind alone or with the aid of pen or paper.
If a claim limitation, under its broadest reasonable interpretation, covers performance of the limitation in the human mind but for the recitation of generic computer components, then it falls within the “Mental Processes” grouping of abstract ideas. Accordingly, the claim recites an abstract idea.
The claim does not recite additional elements that integrate the judicial exception into a practical application of the judicial exception. The claim is directed to an abstract idea. Furthermore, the claim does not recite additional elements that are sufficient to amount to significantly more than the judicial exception. The claim is not patent eligible.

Claims 2-8 are rejected under 35 U.S.C. 101 as directed to a judicial exception (i.e., a law of nature, a natural phenomenon, or an abstract idea) without significantly more for at least the reasons stated above. The claims are dependent on Claim 1, but do not add any feature or subject matter that would solve the judicial exception deficiencies of Claim 1. For instance, Claims 2-8 either recite further mental steps which fail to make the claims any less abstract or additional elements that do not integrate the judicial exception into a practical application of the judicial exception and thus are not significantly more than the abstract idea. Claims 2-8 do not add any steps or elements, when considered both individually and as a combination, that would convert Claim 1 into patent-eligible subject matter.
Claims 1-8 are therefore not drawn to patent-eligible subject matter as they are directed to an abstract idea without significantly more.

The other independent claims, Claims 9 and 15, are directed to a system and a computer program product, respectively. The mere recitation of generic computer elements in Claims 9 and 15 cannot transform a patent ineligible abstract idea into a patent-eligible invention. Likewise, limiting an abstract idea to a computer environment does not make an invention patent-eligible. Alice, 134 S. Ct. at 2359 (holding patent ineligible claims that “amount to nothing significantly more than an instruction to apply the abstract idea … using some unspecified, generic computer” and in which “each step does no more than require a generic computer to perform generic computer functions” (internal quotation marks, citation omitted)).

Claims 10-14 are rejected under 35 U.S.C. 101 as directed to a judicial exception (i.e., a law of nature, a natural phenomenon, or an abstract idea) without significantly more for at least the reasons stated above. The claims are dependent on Claim 9, but do not add any feature or subject matter that would solve the judicial exception deficiencies of Claim 9. For instance, Claims 10-14 either recite further mental steps which fail to make the claims any less abstract or additional elements that do not integrate the judicial exception into a practical application of the judicial exception and thus are not significantly more than the abstract idea. Claims 10-14 do not add any steps or elements, when considered both individually and as a combination, that would convert Claim 9 into patent-eligible subject matter.
Claims 9-14 are therefore not drawn to patent-eligible subject matter as they are directed to an abstract idea without significantly more.

Claims 16-20 are rejected under 35 U.S.C. 101 as directed to a judicial exception (i.e., a law of nature, a natural phenomenon, or an abstract idea) without significantly more for at least the reasons stated above. The claims are dependent on Claim 15, but do not add any feature or subject matter that would solve the judicial exception deficiencies of Claim 15. For instance, Claims 16-20 either recite further mental steps which fail to make the claims any less abstract or additional elements that do not integrate the judicial exception into a practical application of the judicial exception and thus are not significantly more than the abstract idea. Claims 16-20 do not add any steps or elements, when considered both individually and as a combination, that would convert Claim 15 into patent-eligible subject matter.
Claims 15-20 are therefore not drawn to patent-eligible subject matter as they are directed to an abstract idea without significantly more.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


Claims 1, 2, 4-10, 12-16, and 18-20 are rejected under 35 U.S.C. 103 as being unpatentable over US 2008/0154965 (hereinafter “Pedersen”) in view of US 2018/0159876 (hereinafter “Park”).

As per Claim 1, Pedersen discloses:
A method for providing software intelligence, the method comprising:
decomposing software into functional blocks to provide a software genome (Figure 5; paragraph [0054], “… the presence of individual materials is verified by decomposing the software product in a hierarchical fashion. For example, referring now to FIG. 5, when presented with a top-level software product 500, the top-level software product 500 is decomposed into its components (e.g., the three second-level component materials 5041, 5042, and 5043). Having decomposed the top-level software product 500 into its component materials 5041, 5042, and 5043, attempts are then made to decompose each second level component material 5041, 5042, and 5043 into its own constituent component materials. For example, second-level component material 5041 is decomposed into two third-level components materials 5081 and 5082, and second-level component material 5042 is decomposed into n third-level component materials 5121 to 512n. Attempts are made to decompose each level of component materials as described until the resulting component materials cannot be further decomposed [decomposing software into functional blocks to provide a software genome] (emphasis added).”);
building a representation of the software genome in a graph linking granularities of the functional blocks (Figure 5; paragraph [0054], “… the presence of individual materials is verified by decomposing the software product in a hierarchical fashion. For example, referring now to FIG. 5, when presented with a top-level software product 500, the top-level software product 500 is decomposed into its components (e.g., the three second-level component materials 5041, 5042, and 5043). Having decomposed the top-level software product 500 into its component materials 5041, 5042, and 5043, attempts are then made to decompose each second level component material 5041, 5042, and 5043 into its own constituent component materials. For example, second-level component material 5041 is decomposed into two third-level components materials 5081 and 5082, and second-level component material 5042 is decomposed into n third-level component materials 5121 to 512n [building a representation of the software genome in a graph linking granularities of the functional blocks]. Attempts are made to decompose each level of component materials as described until the resulting component materials cannot be further decomposed.”); [Examiner’s Remarks: Note that Figure 5 of Pedersen depicts a graph linking granularities of the components of the software product.] and
identifying issues with a target software based on the graph (paragraph [0049], “Embodiments of the present invention would, in a hypothetical software product under development, identify the materials specified in the inventory and the materials actually used, analyze their associated metadata, for example license and contractual conditions, and identify any incompatibilities or breaches associated with the identified metadata.”; paragraph [0050], “The enforcement of these policies can be implemented by comparing metadata associated with the materials or the software product against metadata derived from the specified policy and identifying compliance with the specified policy or deviation from the specified policy [identifying issues with a target software based on the graph].”; paragraph [0051], “Once the verification process is completed, an indication concerning the results of the analysis is typically provided (Step 224).”).
Pedersen discloses “a graph,” but Pedersen does not explicitly disclose:
a knowledge graph.
However, Park discloses:
a knowledge graph (paragraph [0007], “General knowledge graphs, such as Google Knowledge Graph, Yago, and Cyc, are also known in the prior art, and they are used to facilitate information retrieval and semantic web applications (emphasis added).”; paragraph [0009], “Presently, there remains a need to provide automated systems to build a large scale cybersecurity knowledge graph that can consolidate knowledge derived from both structured and unstructured information sources, and that can be used to facilitate search, filtering, and prioritization of hypotheses for security offenses.”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teaching of Park into the teaching of Pedersen to include “a knowledge graph.” The modification would be obvious because one of ordinary skill in the art would be motivated to facilitate searching, filtering, and prioritization of hypotheses for security offenses (Park, paragraph [0009]).

As per Claim 2, the rejection of Claim 1 is incorporated; and Pedersen further discloses:
decomposing the target software into functional blocks to provide a software genome of the target software (Figure 5; paragraph [0054], “… the presence of individual materials is verified by decomposing the software product in a hierarchical fashion. For example, referring now to FIG. 5, when presented with a top-level software product 500, the top-level software product 500 is decomposed into its components (e.g., the three second-level component materials 5041, 5042, and 5043). Having decomposed the top-level software product 500 into its component materials 5041, 5042, and 5043, attempts are then made to decompose each second level component material 5041, 5042, and 5043 into its own constituent component materials. For example, second-level component material 5041 is decomposed into two third-level components materials 5081 and 5082, and second-level component material 5042 is decomposed into n third-level component materials 5121 to 512n. Attempts are made to decompose each level of component materials as described until the resulting component materials cannot be further decomposed.”);
comparing the software genome of the target software with the graph to identify issues with the target software (paragraph [0049], “Embodiments of the present invention would, in a hypothetical software product under development, identify the materials specified in the inventory and the materials actually used, analyze their associated metadata, for example license and contractual conditions, and identify any incompatibilities or breaches associated with the identified metadata.”; paragraph [0050], “The enforcement of these policies can be implemented by comparing metadata associated with the materials or the software product against metadata derived from the specified policy and identifying compliance with the specified policy or deviation from the specified policy.”); and
outputting results of the identifying of the issues with the target software in an as-a service (paragraph [0046], “FIG. 3 presents an example of a specification of materials for a software product in development ("Project Phantom") utilizing a combination of closed source and open source software components and services.”; paragraph [0049], “Embodiments of the present invention would, in a hypothetical software product under development, identify the materials specified in the inventory and the materials actually used, analyze their associated metadata, for example license and contractual conditions, and identify any incompatibilities or breaches associated with the identified metadata.”; paragraph [0050], “The enforcement of these policies can be implemented by comparing metadata associated with the materials or the software product against metadata derived from the specified policy and identifying compliance with the specified policy or deviation from the specified policy.”; paragraph [0051], “Once the verification process is completed, an indication concerning the results of the analysis is typically provided (Step 224).”).
Pedersen discloses “a graph,” but Pedersen does not explicitly disclose:
a knowledge graph.
However, Park discloses:
a knowledge graph (paragraph [0007], “General knowledge graphs, such as Google Knowledge Graph, Yago, and Cyc, are also known in the prior art, and they are used to facilitate information retrieval and semantic web applications.”; paragraph [0009], “Presently, there remains a need to provide automated systems to build a large scale cybersecurity knowledge graph that can consolidate knowledge derived from both structured and unstructured information sources, and that can be used to facilitate search, filtering, and prioritization of hypotheses for security offenses.”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teaching of Park into the teaching of Pedersen to include “a knowledge graph.” The modification would be obvious because one of ordinary skill in the art would be motivated to facilitate searching, filtering, and prioritization of hypotheses for security offenses (Park, paragraph [0009]).

As per Claim 4, the rejection of Claim 1 is incorporated; and Pedersen further discloses:
wherein the identifying of the issues with the target software based on the knowledge graph includes identifying security issues or intellectual property issues of the software (paragraph [0017], “… the method further includes receiving a notification concerning at least one of the materials specified in the inventory and providing an indication concerning the received notification. Typical notifications include one or more of the availability of a newer version of at least one of the materials specified in the inventory, a security vulnerability in at least one of the materials specified in the inventory …”; paragraph [0032], “In broad overview, in accordance with this aspect of the invention, a specification of materials, including software components, services. and other materials to be included in a software product is received, thereby generating an inventory of materials included in the software product.”).
Pedersen does not explicitly disclose:
wherein the identifying of the issues with the target software based on the knowledge graph includes identifying security issues or intellectual property issues of the software to an organization.
However, Park discloses:
an organization (paragraph [0002], “Today's networks are larger and more complex than ever before, and protecting them against malicious activity is a never-ending task. Organizations seeking to safeguard their intellectual property, protect their customer identities, avoid business disruptions, and the like, need to do more than just monitor logs and network flow data; indeed, many organizations create millions, or even billions, of events per day, and distilling that data down to a short list of priority offenses can be daunting.”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teaching of Park into the teaching of Pedersen to include “wherein the identifying of the issues with the target software based on the knowledge graph includes identifying security issues or intellectual property issues of the software to an organization.” The modification would be obvious because one of ordinary skill in the art would be motivated to allow organizations to safeguard their intellectual property, protect their customer identities, avoid business disruptions, and the like (Park, paragraph [0002]).

As per Claim 5, the rejection of Claim 1 is incorporated; and the combination of Pedersen and Park discloses “identifying of issues with a target software based on a knowledge graph” and Pedersen further discloses:
identifying a threat, problem or code plagiarism of the target software (paragraph [0017], “… the method further includes receiving a notification concerning at least one of the materials specified in the inventory and providing an indication concerning the received notification. Typical notifications include one or more of the availability of a newer version of at least one of the materials specified in the inventory, a security vulnerability in at least one of the materials specified in the inventory …”; paragraph [0032], “In broad overview, in accordance with this aspect of the invention, a specification of materials, including software components, services. and other materials to be included in a software product is received, thereby generating an inventory of materials included in the software product.”).
Pedersen does not explicitly disclose:
wherein the knowledge graph is supplemented by threat intelligence sources.
However, Park discloses:
wherein a knowledge graph is supplemented by threat intelligence sources (paragraph [0073], “At step 706, an initial knowledge graph (KG) 708 is constructed from the initial data model and the security and threat intelligence information retrieved the structured data sources 700.”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teaching of Park into the teaching of Pedersen to include “wherein the knowledge graph is supplemented by threat intelligence sources.” The modification would be obvious because one of ordinary skill in the art would be motivated to facilitate cognitive security analysis (Park, paragraph [0079]).

As per Claim 6, the rejection of Claim 1 is incorporated; and Pedersen discloses “a result of a comparison of a target software and a knowledge graph,” but Pedersen does not explicitly disclose:
leveraging external and internal threat intelligence to deduce risks from a result of a comparison of the target software and the knowledge graph.
However, Park discloses:
leveraging external and internal threat intelligence to deduce risks (Figure 6; paragraph [0058], “FIG. 6 depicts the offense context graph 600 augmented by the knowledge graph 602. In general, the offense context graph 600 depicts local kinetics, e.g., events and intelligence related to an offense, e.g., SIEM offense data, log events and flows, and such information preferably is augmented from the information derived from the knowledge graph 602. In this example embodiment, the knowledge graph is global in nature and scope, as it preferably depicts external cyber security and threat intelligence, cyber security concepts, and the like.”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teaching of Park into the teaching of Pedersen to include “leveraging external and internal threat intelligence to deduce risks from a result of a comparison of the target software and the knowledge graph.” The modification would be obvious because one of ordinary skill in the art would be motivated to facilitate searching, filtering, and prioritization of hypotheses for security offenses (Park, paragraph [0009]).

As per Claim 7, the rejection of Claim 1 is incorporated; and Pedersen further discloses:
decomposing the target software into functional blocks to provide a software genome of the target software (Figure 5; paragraph [0054], “… the presence of individual materials is verified by decomposing the software product in a hierarchical fashion. For example, referring now to FIG. 5, when presented with a top-level software product 500, the top-level software product 500 is decomposed into its components (e.g., the three second-level component materials 5041, 5042, and 5043). Having decomposed the top-level software product 500 into its component materials 5041, 5042, and 5043, attempts are then made to decompose each second level component material 5041, 5042, and 5043 into its own constituent component materials. For example, second-level component material 5041 is decomposed into two third-level components materials 5081 and 5082, and second-level component material 5042 is decomposed into n third-level component materials 5121 to 512n. Attempts are made to decompose each level of component materials as described until the resulting component materials cannot be further decomposed.”); and
comparing the software genome of the target software with the knowledge graph to identify issues with the target software (paragraph [0049], “Embodiments of the present invention would, in a hypothetical software product under development, identify the materials specified in the inventory and the materials actually used, analyze their associated metadata, for example license and contractual conditions, and identify any incompatibilities or breaches associated with the identified metadata.”; paragraph [0050], “The enforcement of these policies can be implemented by comparing metadata associated with the materials or the software product against metadata derived from the specified policy and identifying compliance with the specified policy or deviation from the specified policy.”).
Pedersen does not explicitly disclose:
wherein the identifying of the issues uses a set of external resources and internal resources threat intelligence to determine risks.
However, Park discloses:
wherein identifying of issues uses a set of external resources and internal resources threat intelligence to determine risks (Figure 6; paragraph [0058], “FIG. 6 depicts the offense context graph 600 augmented by the knowledge graph 602. In general, the offense context graph 600 depicts local kinetics, e.g., events and intelligence related to an offense, e.g., SIEM offense data, log events and flows, and such information preferably is augmented from the information derived from the knowledge graph 602. In this example embodiment, the knowledge graph is global in nature and scope, as it preferably depicts external cyber security and threat intelligence, cyber security concepts, and the like.”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teaching of Park into the teaching of Pedersen to include “wherein the identifying of the issues uses a set of external resources and internal resources threat intelligence to determine risks.” The modification would be obvious because one of ordinary skill in the art would be motivated to facilitate searching, filtering, and prioritization of hypotheses for security offenses (Park, paragraph [0009]).

As per Claim 8, the rejection of Claim 1 is incorporated; and Pedersen does not explicitly disclose:
being executed by a cloud computing node.
However, Park discloses:
being executed by a cloud computing node (paragraph [0097], “The scheme described herein may be implemented in or in conjunction with various server-side architectures including simple n-tier architectures, web portals, federated systems, and the like. The techniques herein may be practiced in a loosely-coupled server (including a “cloud”-based) environment.”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teaching of Park into the teaching of Pedersen to include “being executed by a cloud computing node.” The modification would be obvious because one of ordinary skill in the art would be motivated to utilize on-demand availability of computer system resources without direct active management by a user.

Claims 9, 10, 12, and 14 are system claims corresponding to the method claims hereinabove (Claims 1, 2, 5, and 7, respectively). Therefore, Claims 9, 10, 12, and 14 are rejected for the same reasons set forth in the rejections of Claims 1, 2, 5, and 7, respectively.

Claims 15, 16, 18, and 20 are computer program product claims corresponding to the method claims hereinabove (Claims 1, 2, 5, and 7, respectively). Therefore, Claims 15, 16, 18, and 20 are rejected for the same reasons set forth in the rejections of Claims 1, 2, 5, and 7, respectively.

As per Claim 13, the rejection of Claim 9 is incorporated; and Pedersen discloses “a result of a comparison of a target software and a knowledge graph,” but Pedersen does not explicitly disclose:
leveraging external and internal threat intelligence to deduce risks from a result of a comparison of the target software and the knowledge graph, and
wherein the system is cloud implemented including a cloud computing node.
However, Park discloses:
leveraging external and internal threat intelligence to deduce risks (Figure 6; paragraph [0058], “FIG. 6 depicts the offense context graph 600 augmented by the knowledge graph 602. In general, the offense context graph 600 depicts local kinetics, e.g., events and intelligence related to an offense, e.g., SIEM offense data, log events and flows, and such information preferably is augmented from the information derived from the knowledge graph 602. In this example embodiment, the knowledge graph is global in nature and scope, as it preferably depicts external cyber security and threat intelligence, cyber security concepts, and the like.”), and
wherein a system is cloud implemented including a cloud computing node (paragraph [0097], “The scheme described herein may be implemented in or in conjunction with various server-side architectures including simple n-tier architectures, web portals, federated systems, and the like. The techniques herein may be practiced in a loosely-coupled server (including a “cloud”-based) environment.”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teaching of Park into the teaching of Pedersen to include “leveraging external and internal threat intelligence to deduce risks from a result of a comparison of the target software and the knowledge graph, and wherein the system is cloud implemented including a cloud computing node.” The modification would be obvious because one of ordinary skill in the art would be motivated to facilitate searching, filtering, and prioritization of hypotheses for security offenses (Park, paragraph [0009]) and utilize on-demand availability of computer system resources without direct active management by a user.

Claim 19 is a computer program product claim corresponding to the system claim hereinabove (Claim 13). Therefore, Claim 19 is rejected for the same reason set forth in the rejection of Claim 13.

Claims 3, 11, and 17 are rejected under 35 U.S.C. 103 as being unpatentable over Pedersen in view of Park as applied to Claims 1, 9, and 15 above, and further in view of US 2013/0254751 (hereinafter “Howard”).

As per Claim 3, the rejection of Claim 1 is incorporated; and Pedersen further discloses:
wherein the building of the representation of the software genome in the knowledge graph includes linking the granularities of the functional blocks including the genes of the functional blocks (Figure 5; paragraph [0054], “… the presence of individual materials is verified by decomposing the software product in a hierarchical fashion. For example, referring now to FIG. 5, when presented with a top-level software product 500, the top-level software product 500 is decomposed into its components (e.g., the three second-level component materials 5041, 5042, and 5043). Having decomposed the top-level software product 500 into its component materials 5041, 5042, and 5043, attempts are then made to decompose each second level component material 5041, 5042, and 5043 into its own constituent component materials. For example, second-level component material 5041 is decomposed into two third-level components materials 5081 and 5082, and second-level component material 5042 is decomposed into n third-level component materials 5121 to 512n. Attempts are made to decompose each level of component materials as described until the resulting component materials cannot be further decomposed.”).
The combination of Pedersen and Park does not explicitly disclose:
wherein the decomposing uses an X-ray method of decomposing on a functional level of the software to provide genes of the functional blocks.
However, Howard discloses:
wherein decomposing uses an X-ray method of decomposing on a functional level of software to provide genes of functional blocks (Figure 2; paragraph [0105], “The standard view of the functional ordering of decomposed functions "g( )" might give is shown in FIG. 2, which is a diagram showing a standard, prior art, functional decomposition. The function-order arrows (control flow indicators) on the standard functional decomposition diagram of FIG. 2 indicate the calling order of the functions. This calling order comes from a combination of the decomposition level (indicated by the level number shown on the diagram) and the parameter order of the functions as shown in FIG. 2.”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teaching of Howard into the combined teachings of Pedersen and Park to include “wherein the decomposing uses an X-ray method of decomposing on a functional level of the software to provide genes of the functional blocks.” The modification would be obvious because one of ordinary skill in the art would be motivated to hierarchically identify functions within functions such that the equivalent functionality of an original function is maintained while the complexity of component functions simplifies (Howard, paragraph [0104]).

As per Claim 11, the rejection of Claim 9 is incorporated; and Pedersen further discloses:
wherein the building of the representation of the software genome in the knowledge graph includes linking the granularities of the functional blocks including the genes of the functional blocks (Figure 5; paragraph [0054], “… the presence of individual materials is verified by decomposing the software product in a hierarchical fashion. For example, referring now to FIG. 5, when presented with a top-level software product 500, the top-level software product 500 is decomposed into its components (e.g., the three second-level component materials 5041, 5042, and 5043). Having decomposed the top-level software product 500 into its component materials 5041, 5042, and 5043, attempts are then made to decompose each second level component material 5041, 5042, and 5043 into its own constituent component materials. For example, second-level component material 5041 is decomposed into two third-level components materials 5081 and 5082, and second-level component material 5042 is decomposed into n third-level component materials 5121 to 512n. Attempts are made to decompose each level of component materials as described until the resulting component materials cannot be further decomposed.”), and
wherein the identifying of the issues with the target software based on the knowledge graph includes identifying security issues or intellectual property issues of the software (paragraph [0017], “… the method further includes receiving a notification concerning at least one of the materials specified in the inventory and providing an indication concerning the received notification. Typical notifications include one or more of the availability of a newer version of at least one of the materials specified in the inventory, a security vulnerability in at least one of the materials specified in the inventory …”; paragraph [0032], “In broad overview, in accordance with this aspect of the invention, a specification of materials, including software components, services. and other materials to be included in a software product is received, thereby generating an inventory of materials included in the software product.”).
Pedersen does not explicitly disclose:
wherein the identifying of the issues with the target software based on the knowledge graph includes identifying security issues or intellectual property issues of the software to an organization.
However, Park discloses:
an organization (paragraph [0002], “Today's networks are larger and more complex than ever before, and protecting them against malicious activity is a never-ending task. Organizations seeking to safeguard their intellectual property, protect their customer identities, avoid business disruptions, and the like, need to do more than just monitor logs and network flow data; indeed, many organizations create millions, or even billions, of events per day, and distilling that data down to a short list of priority offenses can be daunting.”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teaching of Park into the teaching of Pedersen to include “wherein the identifying of the issues with the target software based on the knowledge graph includes identifying security issues or intellectual property issues of the software to an organization.” The modification would be obvious because one of ordinary skill in the art would be motivated to allow organizations to safeguard their intellectual property, protect their customer identities, avoid business disruptions, and the like (Park, paragraph [0002]).
The combination of Pedersen and Park does not explicitly disclose:
wherein the decomposing uses an X-ray method of decomposing on a functional level of software to provide genes of the functional blocks.
However, Howard discloses:
wherein decomposing uses an X-ray method of decomposing on a functional level of software to provide genes of functional blocks (Figure 2; paragraph [0105], “The standard view of the functional ordering of decomposed functions "g( )" might give is shown in FIG. 2, which is a diagram showing a standard, prior art, functional decomposition. The function-order arrows (control flow indicators) on the standard functional decomposition diagram of FIG. 2 indicate the calling order of the functions. This calling order comes from a combination of the decomposition level (indicated by the level number shown on the diagram) and the parameter order of the functions as shown in FIG. 2.”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teaching of Howard into the combined teachings of Pedersen and Park to include “wherein the decomposing uses an X-ray method of decomposing on a functional level of software to provide genes of the functional blocks.” The modification would be obvious because one of ordinary skill in the art would be motivated to hierarchically identify functions within functions such that the equivalent functionality of an original function is maintained while the complexity of component functions simplifies (Howard, paragraph [0104]).

Claim 17 is a computer program product claim corresponding to the system claim hereinabove (Claim 11). Therefore, Claim 17 is rejected for the same reason set forth in the rejection of Claim 11.

Response to Arguments
Applicant’s arguments filed on September 6, 2022 have been fully considered, but they are not persuasive.

In the Remarks, Applicant argues:
There is no mathematical relationship, formula, or calculation, or any of the judicial exceptions enumerated in the 2019 PEG per se. Even if it is argued that the claims fall on the judicial exception, prong 2 must be looked at.
Additionally, it can be seen that claims 9 and 20 includes the following structural components, “computer readable medium” and a processor. These structural components cannot be abstract.
(See Remarks – page 11, emphasis in original.)

Examiner’s response:
Examiner disagrees. Applicant’s arguments are not persuasive for at least the following reasons:
First, with respect to the Applicant’s assertion that Prong Two must be looked at, the Examiner respectfully submits that, as pointed out in the 35 U.S.C. § 101 rejections hereinabove, the claims are evaluated under revised Step 2A, Prong Two, to determine whether the claims recite additional elements that integrate the judicial exception into a practical application of the judicial exception. The claims do not recite additional elements that integrate the judicial exception into a practical application of the judicial exception. The claims are directed to an abstract idea.
Second, with respect to the Applicant’s assertion that structural components cannot be abstract, the Examiner respectfully submit that “the courts [do not] distinguish between claims that recite mental processes performed by humans and claims that recite mental processes performed on a computer. As the Federal Circuit has explained, ‘[c]ourts have examined claims that required the use of a computer and still found that the underlying, patent-ineligible invention could be performed via pen and paper or in a person’s mind.’” Versata Dev. Group v. SAP Am., Inc., 793 F.3d 1306, 1335, 115 USPQ2d 1681, 1702 (Fed. Cir. 2015). See also Intellectual Ventures I LLC v. Symantec Corp., 838 F.3d 1307, 1318, 120 USPQ2d 1353, 1360 (Fed. Cir. 2016). See also MPEP § 2106.04(a)(2).
Therefore, for at least the reasons set forth above, the rejections made under 35 U.S.C. § 101 with respect to Claims 1-20 are proper and therefore, maintained.

In the Remarks, Applicant argues:
As seen in the amended claims, the claims integrate into a practical application.
For example, claim 1 recites “identifying issues with a target software based on the knowledge graph”.
For example, claim 20 recites “wherein the identifying of the issues uses a set of external resources and internal resources threat intelligence to determine risks”.
Therefore, the claims recite the practical application of not only outputting of the data, but also for stream processing.
Therefore, even if the Examiner argues that the claims are in the judicial exception, the claims still integrates to a practical application.
Therefore, since the claims pass step 2A, there is no need to go to Step 2B.
(See Remarks – pages 11 and 12, emphasis in original.)

Examiner’s response:
Examiner disagrees. With respect to the Applicant’s assertion that the claims recite the practical application of not only outputting of the data, but also for stream processing, the Examiner respectfully submits that, as pointed out in the 35 U.S.C. § 101 rejections hereinabove, the recited steps of the claims cover performance of the steps in the human mind alone or with the aid of pen or paper. And the claims do not recite additional elements that integrate the judicial exception into a practical application of the judicial exception. The claims are directed to an abstract idea.
Therefore, for at least the reason set forth above, the rejections made under 35 U.S.C. § 101 with respect to Claims 1-20 are proper and therefore, maintained.

In the Remarks, Applicant argues:
For example, the specification recites the improvements, as mentioned in the specification the problems in the prior art is discussed which the claimed invention solves:
[…]
As shown, the techniques exhibit advantages over the related art and problems that the claimed invention solves.
Therefore, the computer functionality is improved by the claimed invention.
(See Remarks – pages 13 and 14, emphasis in original.)

Examiner’s response:
Examiner disagrees. With respect to the Applicant’s assertion that the computer functionality is improved by the claimed invention, the Examiner respectfully submits that “[i]t is important to note that in order for a method claim to improve computer functionality, the broadest reasonable interpretation of the claim must be limited to computer implementation. That is, a claim whose entire scope can be performed mentally, cannot be said to improve computer technology.” Synopsys, Inc. v. Mentor Graphics Corp., 839 F.3d 1138, 120 USPQ2d 1473 (Fed. Cir. 2016) (a method of translating a logic circuit into a hardware component description of a logic circuit was found to be ineligible because the method did not employ a computer and a skilled artisan could perform all the steps mentally). See also MPEP § 2106.05(a).
Therefore, for at least the reason set forth above, the rejections made under 35 U.S.C. § 101 with respect to Claims 1-20 are proper and therefore, maintained.

In the Remarks, Applicant argues:
The combination fails to teach or suggest (e.g. claim 1), “building a representation of the software genome in a knowledge graph linking granularities of the functional blocks”.
[…]
However, Pederson merely describes verifying materials by decomposing software by a hierarchical method. However, there is no specific teaching or suggestion of building a representation of the software genome in a knowledge graph linking granularities of the functional blocks.
[…]
There is no teaching or suggestion of building a representation of the software genome in such a general knowledge graph.
However, Park merely discloses a knowledge graph in general.
Therefore, the combination fails to teach or suggest “building a representation of the software genome in a knowledge graph linking granularities of the functional blocks”.
(See Remarks – pages 14 and 16, emphasis in original.)

Examiner’s response:
Examiner disagrees. Applicant’s arguments are not persuasive for at least the following reasons:
First, without acquiescing to the Applicant’s assertion that the combination fails to teach or suggest “building a representation of the software genome in a knowledge graph linking granularities of the functional blocks,” the Examiner first submits that, in response to the Applicant’s arguments against the references individually, one cannot show nonobviousness by attacking references individually where the rejections are based on combinations of references. See In re Keller, 642 F.2d 413, 208 USPQ 871 (CCPA 1981); In re Merck & Co., 800 F.2d 1091, 231 USPQ 375 (Fed. Cir. 1986).
Second, with respect to the Applicant’s assertion that the combination fails to teach or suggest “building a representation of the software genome in a knowledge graph linking granularities of the functional blocks,” the Examiner respectfully submits that Pedersen discloses “building a representation of the software genome in a graph linking granularities of the functional blocks.” Pedersen discloses “a graph,” but Pedersen does not explicitly disclose “a knowledge graph.” However, Park discloses “a knowledge graph.” Thus, the Applicant’s argument that the combination fails to teach or suggest “building a representation of the software genome in a knowledge graph linking granularities of the functional blocks” is, at best, moot.
Third, with respect to the Applicant’s assertion that the combination fails to teach or suggest “building a representation of the software genome in a knowledge graph linking granularities of the functional blocks,” the Examiner respectfully submits that Pedersen discloses “building a representation of the software genome in a graph linking granularities of the functional blocks” (Figure 5; paragraph [0054], “… the presence of individual materials is verified by decomposing the software product in a hierarchical fashion. For example, referring now to FIG. 5, when presented with a top-level software product 500, the top-level software product 500 is decomposed into its components (e.g., the three second-level component materials 5041, 5042, and 5043). Having decomposed the top-level software product 500 into its component materials 5041, 5042, and 5043, attempts are then made to decompose each second level component material 5041, 5042, and 5043 into its own constituent component materials. For example, second-level component material 5041 is decomposed into two third-level components materials 5081 and 5082, and second-level component material 5042 is decomposed into n third-level component materials 5121 to 512n [building a representation of the software genome in a graph linking granularities of the functional blocks]. Attempts are made to decompose each level of component materials as described until the resulting component materials cannot be further decomposed.”). Note that Figure 5 of Pedersen depicts a graph linking granularities of the decomposed components of the software product. A top-level software product is decomposed into its second-level components, and those second-level components are further decomposed into their respective third-level components, and so forth. Thus, one of ordinary skill in the art would readily comprehend that the various levels of decomposed components of the software product are linked in the graph and the granularity of the components become finer as the components get further decomposed.
Therefore, for at least the reasons set forth above, the rejections made under 35 U.S.C. § 103 with respect to Claims 1, 9, and 15 are proper and therefore, maintained.

Conclusion
THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.

Any inquiry concerning this communication or earlier communications from the Examiner should be directed to Qing Chen whose telephone number is 571-270-1071. The Examiner can normally be reached on Monday through Friday from 9:00 AM to 5:00 PM EST.
If attempts to reach the Examiner by telephone are unsuccessful, the Examiner’s supervisor, Wei Zhen, can be reached at 571-272-3708. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Any inquiry of a general nature or relating to the status of this application or proceeding should be directed to the TC 2100 Group receptionist whose telephone number is 571-272-2100.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).

/Qing Chen/
Primary Examiner, Art Unit 2191