DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
No claims have been amended. No claims have been cancelled. Claims 1-12 and 15-22 are pending
Priority
Acknowledgment is made of applicant’s claim for foreign priority under 35 U.S.C. 119 (a)-(d). The certified copy has been filed in parent Application No. DE 10 2018202626.2, filed on 02/21/2018.
Response to Arguments
Applicant's arguments filed on 08/15/22 have been fully considered but they are not persuasive. On page 8 the applicant argued that Neither Abraham or Haase teach or suggest "performing, after determining that a number of conditions comprising the external digital information that comply with the number of rules are present, a parameter setting in the technical system using the external digital information." Examiner respectfully disagrees. Examiner interpreted “update definition” as  external digital information. “update definition” contains approved update configuration(rules) attached with the update package from outside(USB device, pls see col 2 line 60-67;), update definition check rules before installation of update( col 5 line 50-65; Utility 112 is implemented to include a preset update definition 114 for initial processing of the software update. … For example, update definition 114 is used during the initial processing of the software update to determine if the contents of medium 120 are configured properly).  Abraham further describe that after update installation may prepare target device (technical system) with unique utility ( parameter setting)for initiating and performing verification for a future software update (col 6 line 60-67;  Update executable file 128 and/or update files 130 may include new versions of components used by utility 112 to initiate and verify the software update. For example, a new version of update definition 114, private encryption key 116 and/or public signature key 118 may be installed in device 110, potentially along with a new version of utility 112, during the installation and update process. The installation and update process may prepare device 110 for a further update at a future date by being able to provide a unique utility 112 for initiating and performing verification for a future software update.)  Thus, Abraham teaches "performing, after determining that a number of conditions comprising the external digital information that comply with the number of rules are present, a parameter setting in the technical system using the external digital information."

On page 10 the applicant argued that Abraham does not disclose a method for the computer-aided parameterization of a technical system but rather a method for securely deploying a software update package including an executable update program. Examiner respectfully disagrees. Examiner interpreted “new version” as parameter of software. Abraham col 6 line 60-67 teaches registering a unique “new version” thus teaches, a method for the computer-aided parameterization of a technical system.

On same page the applicant argued that Abraham does not disclose "checking, by the test program during installation, whether a number of rules that are stored at least in part in the test program are complied with by external digital information that originates from outside the software package."  Examiner respectfully disagrees. Abraham Col 8 line 50-65 teaches software update programs are checked according to the  update definition. Col 8 line 50-65 further discloses that update definition check certain files identifier located in storage and content of storage media in accordance with update definition. Also col 9 line 0-10 suggest  storage media content goes through a threshold test as per update definition.

On page 9 the applicant further argued that Abraham does not determine "whether the number of external digital information complies with the number of rules." Claims require performing, after determining that a number of conditions comprising the external digital information that comply with the number of rules are present …” Examiner interpreted “update definition” as  external digital information. “update definition” contains approved update configuration(rules) attached with the update package from outside(USB device, pls see col 2 line 60-67;), update definition check rules before installation of update( col 5 line 50-65; Utility 112 is implemented to include a preset update definition 114 for initial processing of the software update. … For example, update definition 114 is used during the initial processing of the software update to determine if the contents of medium 120 are configured properly).  

Applicant is reminded that although during patent examination, the pending claims must be "given their broadest reasonable interpretation consistent with the specification." The Federal Circuit's en banc decision in Phillips v. AWH Corp., 415 F.3d 1303, 75 USPQ2d 1321 (Fed. Cir. 2005) the specification is not read into the claims and the USPTO is to employ the "broadest reasonable interpretation".

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-6, 8, 11-12, 15-20 are rejected under 35 U.S.C. 103 as being unpatentable over Abraham et al(US 9276752 B2) in view of Haase (US 20170293484 A1).

With regards to claim 1, 15 Abraham discloses, A method for computer-aided parameterization of a technical system, wherein a software package is stored on the technical system, wherein the software package is signed with a first digital signature and comprises a test program, wherein the method comprising: 
checking the validity of the first digital signature by the technical system (FIG 3 324 and associated text; ); 
installing, after determining the first digital signature is valid, the software package on the technical system (FIG 3 354 and associated text; ), 
checking, by the test program during installation, whether a number of rules that are stored at least in part in the test program are complied with by external digital information that originates from outside the software package (Col 8 line 50-65; Upon initiation of the secure update process, the target device performs a preliminary predetermined check on the contents of the storage media to verify that the contents are as expected. The expectations relating to the content and character of the files placed on the storage media are defined by an update definition that is previously provided to the target device. For example, the update definition may specify a certain tag or identifier for files located on the storage media, and may specify a particular location for various tags, identifiers or files on the storage media. The check on the content of the storage media in accordance with the updated definition is illustrated in block 314 of flowchart 300 ); and 
performing, after determing that a number of conditions comprising the external digital information that comply with the number of rules are present (Col 9 line 0-10; If the contents of the storage media meet the expectations specified by the update definition, the storage media contents are considered to have passed this threshold test, and the software update installation process can continue, as indicated by the Yes branch being taken from decision block 316.), 

Abraham does not but Haase teaches, 
a parameter setting is performed in the technical system using the external digital information ([0035]; following successful authentication of the first firmware image, storage of the second authentication datum in a persistent memory of the device; erasure of the first firmware component, wherein erasure is controlled by a second firmware component embedded in the microcontroller ). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to modify Abraham method with teaching of Haase in order to ensuring the integrity of all firmware/software components involved, without exception, is therefore crucial for ensuring the complete integrity of the system (Haase [0010])

With regards to claim 2, 16, Abraham further discloses, wherein the external digital information comprises configuration data that influence the operation of the technical system (FIG 1 114 and associated text; Col 5 line 55-67; For example, update definition 114 is used during the initial processing of the software update to determine if the contents of medium 120 are configured properly. ).

With regards to claim 3, 17 Abraham further discloses, wherein the configuration data specify a respective parameter value for at least one configuration parameter of the technical system  (FIG 1 114 and associated text; Col 5 line 55-67; For example, update definition 114 may include a literal or hardcoded identifier that specifies one or more of a folder location, a file location, a data location in a file or a data location defined by the hardware characteristics of medium 120 or the hardware mechanisms used to access medium 120. According to an exemplary embodiment, medium 120 may be organized with a file allocation table (FAT) file system or an NTFS (new technology file system) file system. In accordance with such a FAT or NTFS file system, update definition 114 may define a file name or code and/or a directory or folder in which the file or code is located.) and wherein a rule that the respective parameter value is permissible in the technical system is stored as a rule to be complied with in the number of rules (Col 5 line 55-67; Utility 112 may look for the particular file names or codes that are contained within storage medium 120 as an initial test to determine if the contents of medium 120 are as expected. As an example, utility 112 may look for a file with a name of update.exe, or a tag of <update1> in an XML file in accordance with update definition 114 to determine if the contents of medium 120 are approved.).

With regards to claim 4, 18 Abraham further discloses, wherein one or more of the rules from the number of rules are contained in the external digital information (Col 8 line 50-65; Upon initiation of the secure update process, the target device performs a preliminary predetermined check on the contents of the storage media to verify that the contents are as expected. The expectations relating to the content and character of the files placed on the storage media are defined by an update definition that is previously provided to the target device.).

With regards to claim 5, 19 Abraham further discloses, wherein the test program contains one or more specifications, wherein a portion of the rules that is checked for compliance is selected from a set of rules in the external digital information (Col 9 line 0-15; If the contents of the storage media meet the expectations specified by the update definition, the storage media contents are considered to have passed this threshold test, and the software update installation process can continue, as indicated by the Yes branch being taken from decision block 316. The software update installation process continues with the retrieval of the digital signature and the first data block representing the encrypted session key from the package document to permit authentication of the update package, as illustrated in block 320.).

With regards to claim 6, 20 Abraham further discloses, wherein the software package, the external digital information, or the software package and the external digital information is transferred from a portable data carrier to the technical system via a predefined communication interface (Col 2 line 66 to col 10 line 6;  The software update can be applied using an external hardware device, such as may be attached to an input/output port of the device to be updated. Examples of the external hardware device include serial or parallel port-connectable devices, USB type devices, such as USB flash drives, as well as any other portable, connectable hardware devices that can store a software update package..
With regards to claim 8 Abraham further discloses wherein the number of conditions comprises at least a condition including at least one of wherein the technical system has includes at least one of a permissible identification, a permissible state (Abraham FIG 3 316 and associated text; ), or a permissible identification and permissible state,  wherein  a current time of the installation of the software package is within a permissible time window, wherein the technical system includes has a permissible state following installation of the software package, or wherein the external digital information is assigned to at least two different people. 

With regards to claim 11 Abraham further discloses wherein the software package contains (FIG 1 120), in addition to the test program (FIG 1 122), further software  that is installed (FIG 1 120 ) when the number of conditions are present in the course of the installation of the software package on the technical system (FIG 1 114 and associated text; Col 5 line 60- col 6 line 15; (10) Update definition 114 may indicate a specific storage location on medium 120 for the storage of specific data expected by utility 112 upon initiation of the software update. For example, update definition 114 may include a literal or hardcoded identifier that specifies one or more of a folder location, a file location, a data location in a file or a data location defined by the hardware characteristics of medium 120 or the hardware mechanisms used to access medium 120. According to an exemplary embodiment, medium 120 may be organized with a file allocation table (FAT) file system or an NTFS (new technology file system) file system. In accordance with such a FAT or NTFS file system, update definition 114 may define a file name or code and/or a directory or folder in which the file or code is located. Utility 112 may look for the particular file names or codes that are contained within storage medium 120 as an initial test to determine if the contents of medium 120 are as expected ).
With regards to claim 12, Abraham in view of Haase further discloses,  wherein the technical system comprises one of a charging column for charging electric vehicles, a traffic signal installation, an electrical energy generation installation or a control system for an industrial automation installation (Haase [0004] Automation solutions consist of a plurality of independent subcomponents, such as controllers, sensors, network infrastructure components such as routers, etc. These subcomponents can each be designed separately as an individual device of measurement and control technology or also be at least partially integrated into a device. Today, each of these subcomponents typically contains its own software components so-called firmware. In addition, each individual device, such as a field device for pH measurement, can also be composed of several submodules that each contains its own firmware for example, a subsystem having a microcontroller for each fieldbus interface, a subsystem for measured value signal processing, as well as a subsystem for analog-digital conversion. The firmware is embedded in the microcontroller in each case. In addition to the integrity of the data transfer to the communication interfaces (fieldbus, Ethernet, wireless HART, etc.) of devices or subcomponents, the integrity of the measured value processing in the subcomponents (transmitter, sensor) is crucial for the accuracy of the measurement.). 


Claim 7 is/are rejected under 35 U.S.C. 103 as being unpatentable over Abraham et al(US 9276752 B2) in view of Haase (US 20170293484 A1) and In view of  Jang et al(US 20150134970 A1).

With regards to claim 7, Abraham in view of Haase do not but wherein the external digital information comprises digital data that are signed with a second digital signature (Jang [0131] Referring to FIG. 12, a firmware image file 300e may include a data area 330 and a second digital signature 340 for the data area 330. [0133] The second digital signature 340 may be generated by applying one or more various encryption algorithms to the data area 330. ), wherein the number of rules comprises at least a rule to be complied with whereby the second digital signature is valid ([0135] In this case, the application processor 100 may verify the integrity of the firmware image file 300e using the second digital signature 340.)  It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to modify Abraham in view of Haase’s method with teaching of Jang in order to secure the integrity (Jang [0144])

Allowable Subject Matter
Claims 9-10, 21-22 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.

Conclusion
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MOHAMMED WALIULLAH whose telephone number is (571)270-7987. The examiner can normally be reached 8.30 to 430 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Yin-Chen Shaw can be reached on 1-571-272-8878. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/MOHAMMED WALIULLAH/Primary Examiner, Art Unit 2498