DETAILED ACTION

The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Response to Amendment

A preliminary amendment was received concurrently with the filing of the present application.  By this amendment, Claims 6-8, 13, 14, 16, and 19 have been amended.  Claims 20-25 have been canceled.  New Claims 26-31 have been added. Claims 1-19 and 26-31 are currently pending in the present application.

Priority

The present application is a national stage entry under 35 U.S.C. 371 of International Application PCT/CN2017/117970, filed 22 December 2017.

Information Disclosure Statement

The information disclosure statement (IDS) submitted on 02 September 2020 is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.  US Patent Application Publication citations 3 and 4 include publication numbers that do not correspond to existing US Patent Application Publication documents, and therefore have not been considered.

Drawings

The drawings are objected to as failing to comply with 37 CFR 1.84(p)(5) because they include the following reference character(s) not mentioned in the description: 255 (Figure 2), 608 (Figure 6).  Corrected drawing sheets in compliance with 37 CFR 1.121(d), or amendment to the specification to add the reference character(s) in the description in compliance with 37 CFR 1.121(b) are required in reply to the Office action to avoid abandonment of the application.
The drawings are objected to as failing to comply with 37 CFR 1.84(p)(5) because they do not include the following reference sign(s) mentioned in the description: 400 (see page 24, line 24).  Corrected drawing sheets in compliance with 37 CFR 1.121(d) are required in reply to the Office action to avoid abandonment of the application. 
The drawings are objected to because they include informalities.  In Figure 3, it is not clear what the distinction is between elements 304 and 306.  In Figure 5, it is not clear how to determine which branch to take from step 510.  In Figure 6, step 610 is depicted as a decision but does not include a branch for if there is a match.  Corrected drawing sheets in compliance with 37 CFR 1.121(d) are required in reply to the Office action to avoid abandonment of the application.
Any amended replacement drawing sheet should include all of the figures appearing on the immediate prior version of the sheet, even if only one figure is being amended. The figure or figure number of an amended drawing should not be labeled as “amended.” If a drawing figure is to be canceled, the appropriate figure must be removed from the replacement sheet, and where necessary, the remaining figures must be renumbered and appropriate changes made to the brief description of the several views of the drawings for consistency. Additional replacement sheets may be necessary to show the renumbering of the remaining figures. Each drawing sheet submitted after the filing date of an application must be labeled in the top margin as either “Replacement Sheet” or “New Sheet” pursuant to 37 CFR 1.121(d). If the changes are not accepted by the examiner, the applicant will be notified and informed of any required corrective action in the next Office action. The objection to the drawings will not be held in abeyance.

Specification

The abstract of the disclosure is objected to because it includes informalities.  In particular, in line 7, in the phrase “a firmware”, “a” should be deleted because firmware is an uncountable noun that does not take the indefinite article.  Correction is required.  See MPEP § 608.01(b).
The disclosure is objected to because of the following informalities:  
The specification does not include a brief summary of the invention as per 37 CFR 1.73.  See also MPEP § 608.01(d).  If a summary was intentionally omitted, Applicant is requested to make a statement confirming this on the record.
The specification includes minor grammatical and other errors.  For example, on page 1, line 6, and throughout the specification, it appears that “that” should be inserted after “It will be appreciated”.  On page 1, line 18, the phrase “and start over” is not grammatically clear in context.  On page 1, line 26, the abbreviation “IA” is used without having been defined.  On page 4, line 5, it appears that “with” should be inserted after “familiar”.  On page 4, line 14, it appears that “ram” should read “RAM”.  On page 5, line 6, the antecedents of “its” and “it” are unclear given the plural “Platforms”.  On page 5, line 13, and throughout the specification, in “a firmware”, “a” should be deleted because the uncountable noun firmware does not take the indefinite article.  See also page 5, lines 9-10, “an updated uncorrupted firmware”, where “an” should be deleted, and throughout the specification where “a” or “an” before “firmware” should be deleted.  On page 6, line 11, the tense of the verbs “identify, retrieve, and prepare” is not clear in context.  On page 6, lines 27-28, the phrase “and that the database is illustrated” is not grammatically clear in context.  On page 8, line 22, the phrase “will appreciated” is grammatically unclear.  On page 13, line 19, the abbreviation “FPD” has not been defined.  On page 14, line 15, the abbreviation “EMC” has not been defined.  On page 16, line 4, the abbreviation “PGU” is used before being defined.  On page 24, line 24, reference is made to an environment including a flowchart, but it is not clear what the “environment” would actually entail.  See also with respect to the descriptions of Figures 5 and 6.
Appropriate correction is required.  The above is not intended as an exhaustive list of errors in the specification.  The lengthy specification has not been checked to the extent necessary to determine the presence of all possible minor errors. Applicant’s cooperation is requested in correcting any errors of which applicant may become aware in the specification.
The use of the numerous terms, such as Intel AMT, Intel vPro, ARM Trusted Firmware, Intel Pentium, Core, Xeon, Atom, Core M, AMD, Epyc, Ryzen, Apple A Series, etc., Qualcomm Snapdragon, FireWire, Thunderbolt, which are trade names or marks used in commerce, has been noted in this application. The terms should be accompanied by the generic terminology; furthermore the terms should be capitalized wherever they appear or, where appropriate, include a proper symbol indicating use in commerce such as ™, SM , or ® following the term.
Although the use of trade names and marks used in commerce (i.e., trademarks, service marks, certification marks, and collective marks) is permissible in patent applications, the proprietary nature of the marks should be respected and every effort made to prevent their use in any manner which might adversely affect their validity as commercial marks.

Claim Objections

Claims 1, 2, 9, 10, 16, 19, 26, 29, and 31 are objected to because of the following informalities:  
In Claim 1, line 1, the word “a” should be deleted from “a firmware”, and in line 9, “an” should be deleted from “an updated firmware”, because the uncountable noun “firmware” does not take the indefinite article.
In Claim 2, the abbreviation “GUID” is used without being written out in full.
In Claim 9, line 1, the word “a” should be deleted from “a firmware”, and in line 9, “an” should be deleted from “an updated firmware”, because the uncountable noun “firmware” does not take the indefinite article.
In Claim 10, the abbreviation “GUID” is used without being written out in full.
In Claim 16, line 5, the word “a” should be deleted from “a bad firmware”.
In Claim 19, line 2, the word “a” should be deleted from “a new firmware”.
In Claim 26, line 1, the word “a” should be deleted from “a firmware”, and in line 10, “an” should be deleted from “an updated firmware”, because the uncountable noun “firmware” does not take the indefinite article.
In Claim 29, line 4, the word “a” should be deleted from “a bad firmware”.
In Claim 31, line 2, the word “a” should be deleted from “a new firmware”.
Appropriate correction is required.

Claim Rejections - 35 USC § 112

The following is a quotation of 35 U.S.C. 112(b):

(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.

The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:

The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.

Claims 1-19 and 26-31 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.
Claim 1 recites “comprising the system to” in line 3 and recites functions following this; however, there are no structural limitations described for the system, and therefore, the bounds of the claimed system are not clear.  Further, it is not clear what the subject of this phrase is intended to be, i.e. it is not clear what comprises the system.  The claim further recites “establish communication… with selected ones of the firmware agent or the device manager” in lines 6-7.  This is grammatically unclear as to how many elements are required to establish communication.  The above ambiguities render the claim indefinite.
Claim 2 recites “a selected one or more of a GUID” in lines 1-2.  This is grammatically unclear.
Claim 3 recites “any of claims 1” in line 1.  This is grammatically unclear, although it is assumed that Claim 3 is intended to depend from Claim 1.
Claim 5 recites “any of claims 1” in line 1.  This is grammatically unclear, although it is assumed that Claim 5 is intended to depend from Claim 1.  Claim 5 further recites “the firmware” in line 3.  It is not clear whether this is intended to refer to the firmware before or after the update.
Claim 6 recites “an operating system” in line 2.  It is not clear whether this is intended to refer to the same operating system as in Claim 1 or to a distinct OS.  Claim 6 further recites “the system further comprising to” inline 2.  This is grammatically unclear and not in proper idiomatic English.  The claim further recites “a selected one or more of the receive the validity indicator or the update the firmware” in lines 4-5.  First, it is not clear what “one or more of” is intended to modify.  Further, the phrases “the receive” and “the update” are not grammatically clear.
Claim 7 recites “further comprising to” in lines 1-2.  This is grammatically unclear.  The claim further recites “of the firmware in use by the device” in line 5.  It is not clear what this phrase is intended to modify.
Claim 8 recites “if new, to store a copy” in line 3.  It is not grammatically clear how this phrase relates to the remainder of the claim.  The claim further recites “the firmware” in line 3.  It is not clear whether this is intended to refer to the firmware before or after the update.  The claim additionally recites “and perform out of band vulnerability scans” in lines 3-4.  It is not clear whether this is coordinated with the phrase “if new” or a different portion of the claim.
Claim 9 recites “establishing communication… with selected ones of the firmware agent or the device manager” in lines 6-7.  This is grammatically unclear as to how many elements are required to establish communication.  The above ambiguities render the claim indefinite.
Claim 10 recites “a selected one or more of a GUID” in lines 1-2.  This is grammatically unclear.
Claim 12 recites “any of claims 9” in line 1.  This is grammatically unclear, although it is assumed that Claim 12 is intended to depend from Claim 9.
Claim 13 recites “an operating system” in line 3.  It is not clear whether this is intended to refer to the same operating system as in Claim 9 or to a distinct OS.  Claim 13 further recites “a selected one or more of receiving the validity indicator or updating the firmware” in lines 4-5.  It is not clear what “one or more of” is intended to modify.
Claim 14 recites “of the firmware in use by the device” in line 5.  It is not clear what this phrase is intended to modify.
Claim 15 recites “any of claims 14” in line 1.  This is grammatically unclear, although it is assumed that Claim 15 is intended to depend from Claim 14.  The claim additionally recites “if new, to store a copy” in line 3.  It is not grammatically clear how this phrase relates to the remainder of the claim.  The claim further recites “the firmware” in line 3.  It is not clear whether this is intended to refer to the firmware before or after the update.  The claim additionally recites “and perform out of band vulnerability scans” in lines 3-4.  It is not clear whether this is coordinated with the phrase “if new” or a different portion of the claim.
Claim 16 recites “an out of band a scan” in line 3.  This is grammatically unclear and not in proper idiomatic English.  The claim further recites “the firmware” in lines 3 and 4.  It is not clear whether this is intended to refer to the firmware before or after being updated.
Claim 17 recites “a potentially unwanted program operation” in lines 1-2.  The phrase “potentially unwanted” is ambiguous as to whether or not it is unwanted, and further, is subjective because it is not defined by whom or by what the operation would be unwanted.  See MPEP § 2173.05(b).
Claim 19 recites “an out of band a scan” in line 3.  This is grammatically unclear and not in proper idiomatic English.
Claim 26 recites “establishing communication… with selected ones of the firmware agent or the device manager” in lines 7-8.  This is grammatically unclear as to how many elements are required to establish communication.  The above ambiguities render the claim indefinite.
Claim 27 recites “an operating system” in line 2.  It is not clear whether this is intended to refer to the same operating system as in Claim 26 or to a distinct OS.  Claim 27 further recites “a selected one or more of receiving the validity indicator or updating the firmware” in lines 4-5.  It is not clear what “one or more of” is intended to modify.
Claim 28 recites “of the firmware in use by the device” in line 4.  It is not clear what this phrase is intended to modify.
Claim 29 recites “an out of band a scan” in line 2.  This is grammatically unclear and not in proper idiomatic English.  The claim further recites “the firmware” in lines 2 and 3.  It is not clear whether this is intended to refer to the firmware before or after being updated.
Claim 31 recites “an out of band a scan” in line 3.  This is grammatically unclear and not in proper idiomatic English.
Claims not specifically referred to above are rejected due to their dependence on a rejected base claim.

Claim Rejections - 35 USC § 102

In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.

Claims 1-19 and 26-31 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Brickell et al, US Patent Application Publication 2012/0137137.
In reference to Claim 1, Brickell discloses a system for validating firmware of a device that includes determining a signature corresponding to a portion of the firmware (see paragraphs 0079, 0113); establishing communication with a firmware agent or device manager (paragraph 0154, manageability engine); determining a validity indicator based on the signature (paragraph 0079, verifying firmware); and accessing  updated firmware based on the validity indicator and updating the firmware (paragraphs 0079-0080, updating).
In reference to Claim 2, Brickell further discloses a GUID or vulnerability signature (paragraph 0079).
In reference to Claims 3-5, Brickell further discloses providing the signature and that the validity indicator is based on a the signature (paragraph 0079).
In reference to Claim 6, Brickell further discloses interrupting a boot process and loading the operating system after updating the firmware (see paragraph 0077).
In reference to Claim 7, Brickell further discloses sending the signature, receiving the validity indicator, and pushing the updated firmware (paragraphs 0079-0080).
In reference to Claim 8, Brickell further discloses identifying a new signature and storing firmware in a database to scan (paragraphs 0079-0080).

Claims 9-15 are directed to methods corresponding substantially to functionality of the systems of Claims 1-8, and are rejected by a similar rationale, mutatis mutandis.
In reference to Claims 16-19, Brickell further discloses performing a scan of the firmware and determining a vulnerability and recording the validity indicator (paragraphs 0079-0080).
Claims 26-31 are directed to software implementations of the methods of Claims 9, 13, 14, 16, 18, and 19, respectively, and are rejected by a similar rationale.

Conclusion

The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Lazarowitz, US Patent 8869282, discloses a system for anti-malware support during firmware updates.
Smith et al, US Patent 10313134, discloses a system that includes firmware updates to patch security vulnerabilities.
Marnfeldt, US Patent 10819713, discloses a device having firmware that can be updated to patch identified vulnerabilities.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to Zachary A Davis whose telephone number is (571)272-3870. The examiner can normally be reached Monday-Friday, 9:30am-6:00pm, Eastern Time.
Examiner interviews are available via telephone and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Saleh Najjar can be reached on (571) 272-4006. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/Zachary A. Davis/Primary Examiner, Art Unit 2492