Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
1.	Claims 1, 8 and 15 have been amended. Claim 20 has been canceled. Claim 21 was newly added. Claims 1-19 and 21 have been examined.

Continued Examination Under 37 CFR 1.114
2.	A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 06/17/2022 has been entered.
 
Response to Arguments
3.	Applicant’s arguments with respect to claims 1, 8, 15 and 21 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.

Information Disclosure Statement
4.	The information disclosure statement (IDS) submitted on 04/25/2022 was filed after the mailing date of the Final Rejection on 04/18/2022.  The submission is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

5.	In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  

6.	The text of those sections of Title 35, U.S. Code not included in this action can be found in a prior Office action.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

7.	Claims 1-19 are rejected under 35 U.S.C. 103 as being unpatentable over Fava et al. (U.S. Patent Application Publication 2019/0229913; hereafter “Fava”), and further in view of Lin et al. (U.S. Patent Application Publication 2019/0220419; hereafter “Lin”).

	For claim 1, Fava teaches a method comprising:
	receiving, at a secure region of a memory of a processing unit (note paragraphs [0048], [0063] and [0113], data is received in buffer 158 or buffer 204), the secure region physically separate and isolated from other regions of the memory (note Fig. 1 and 2; paragraphs [0030] and [0047], buffer 158 and buffer 204 are physically separate and isolated from system memory by interconnects 172 and 170) such that data overrun of the secure region does not affect code executing at the processing unit (note paragraphs [0063] and [0103], computer instructions are stored in system memory after cryptographic measurement of data in buffer; instructions are loaded into DRAM and/or in-processor cache and would therefore not be affected by data overrun of buffer), first boot code from an external boot source connected to the processing unit via a peripheral interface (note paragraphs [0058] and [0065], boot code is moved from storage device);
	validating the first boot code at the secure region of the memory (note paragraphs [0048], [0063] and [0114]-[0116], boot code data is validated with MAC); and
	transferring the first boot code to a boot memory connected to the processing unit in response to validating the first boot code (note paragraphs [0046], [0063] and [0118], if data is accepted as valid, it is transferred to system memory).

	Fava differs from the claimed invention in that they fail to teach:
	wherein the boot memory is separate from a system memory of the processing unit

	Lin teaches:
	wherein the boot memory is separate from a system memory of the processing unit (note Fig. 1 and paragraph [0021], Secure boot ROM 120, i.e. the boot memory, is separate from first non-volatile memory 130 and first volatile memory 140, i.e. a system memory)

	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the boot code validation of Fava and the separate boot memory and system memory of Lin. It would have been obvious because combining prior art elements (validating a boot code before moving it to memory of Fava; having separate boot and system memories of Lin) would yield the predictable results of validating boot code before transferring it to memory (Fava) where the memory storing the boot code is a boot memory that is separate from the system memory (Lin)


	For claim 8, the combination of Fava and Lin teaches a method, comprising:
	isolating (note paragraphs [0048], [0063] and [0113] of Fava, data is received in buffer 158 or buffer 204) a first boot code received via a peripheral interface (note paragraphs [0058] and [0065] of Fava, boot code is moved from storage device) at a secure region of memory physically separate and isolated from other regions of memory of a processing system (note Fig. 1 and 2; paragraphs [0030] and [0047] of Fava, buffer 158 and buffer 204 are physically separate and isolated from system memory by interconnects 172 and 170) such that a data overrun of the secure region does not affect code executing at the processing system (note paragraphs [0063] and [0103] of Fava, computer instructions are stored in system memory after cryptographic measurement of data in buffer; instructions are loaded into DRAM and/or in-processor cache and would therefore not be affected by data overrun of buffer); and
	transferring the first boot code to a boot memory of the processing system in response to (note paragraphs [0046], [0063] and [0118] of Fava, if data is accepted as valid, it is transferred to system memory) validating a checksum of the first boot code (note paragraphs [0048], [0063] and [0114]-[0116] of Fava, boot code data is validated with MAC), wherein the boot memory is separate from a system memory of the processing system (note Fig. 1 and paragraph [0021] of Lin, Secure boot ROM 120, i.e. the boot memory, is separate from first non-volatile memory 130 and first volatile memory 140, i.e. a system memory).

	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the boot code validation of Fava and the separate boot memory and system memory of Lin. It would have been obvious because combining prior art elements (validating a boot code before moving it to memory of Fava; having separate boot and system memories of Lin) would yield the predictable results of validating boot code before transferring it to memory (Fava) where the memory storing the boot code is a boot memory that is separate from the system memory (Lin)

	

	For claim 15, the combination of Fava and Lin teaches a processing unit to access boot code from an external boot source to bootstrap a processing unit (note paragraphs [0058] and [0065] of Fava, boot code is moved from storage device when booting processor application controller), the processing unit comprising:
	a secure region of memory (note paragraphs [0048], [0063] and [0113] of Fava, data is received in buffer 158 or buffer 204), the secure region physically separate and isolated from other regions of memory (note Fig. 1 and 2; paragraphs [0030] and [0047] of Fava, buffer 158 and buffer 204 are physically separate and isolated from system memory by interconnects 172 and 170) such that a data overrun of the secure region does not affect code executing at the processing unit (note paragraphs [0063] and [0103] of Fava, computer instructions are stored in system memory after cryptographic measurement of data in buffer; instructions are loaded into DRAM and/or in-processor cache and would therefore not be affected by data overrun of buffer), wherein the secure region is configured to receive first boot code from the external boot source via a peripheral interface (note paragraphs [0058] and [0065] of Fava, boot code is moved from storage device); and
	a validation module to validate a checksum of the first boot code (note paragraphs [0048], [0063] and [0114]-[0116] of Fava, boot code data is validated with MAC), wherein the processing unit is to transfer the first boot code from the secure region of memory to a boot memory of the processing unit in response to the validation module validating the checksum (note paragraphs [0046], [0063] and [0118] of Fava, if data is accepted as valid, it is transferred to system memory), wherein the boot memory is separate from a system memory of the processing unit (note Fig. 1 and paragraph [0021] of Lin, Secure boot ROM 120, i.e. the boot memory, is separate from first non-volatile memory 130 and first volatile memory 140, i.e. a system memory).
	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the boot code validation of Fava and the separate boot memory and system memory of Lin. It would have been obvious because combining prior art elements (validating a boot code before moving it to memory of Fava; having separate boot and system memories of Lin) would yield the predictable results of validating boot code before transferring it to memory (Fava) where the memory storing the boot code is a boot memory that is separate from the system memory (Lin)


	For claim 2, the combination of Fava and Lin teaches claim 1, further comprising:
	receiving, at the secure region of the memory, second boot code from the external boot source in response to transferring the first boot code to the boot memory (note paragraphs [0040], [0064] and [0130] of Fava, data is moved into buffer as page portions);
	validating the second boot code at the secure region of the memory (note paragraphs [0046], [0066] and [0132]-[0134] of Fava, boot data code is validated with MAC); and
	transferring the second boot code to the boot memory in response to validating the second boot code (note paragraphs [0046], [0066] and [0136] of Fava, if data is accepted as valid, it is transferred to system memory),
	wherein the first boot code comprises a first batch of a plurality of batches of boot code and the second boot code comprises a second batch of the plurality of batches of boot code (note paragraphs [0043], [0064] and [0130] of Fava, data is moved into buffer as page portions).

	For claim 3, the combination of Fava and Lin teaches claim 2, further comprising:
	verifying a signature of the plurality of batches of boot code in response to transferring the plurality of batches of boot code to the boot memory (note paragraph [0074] of Fava, a final signature of the entire boot code is verified); and
	accessing the plurality of batches of boot code at the boot memory to bootload the processing unit in response to verifying the signature of the plurality of batches of boot code (note paragraph [0074] of Fava, final signature is used for certifying boot operations accessing the boot code).

	For claim 4, the combination of Fava and Lin teaches claim 1, further comprising:
	enabling a bus interface  to access the secure region of the memory in response to a request from the external boot source to write boot code to the boot memory (note paragraphs [0035] and [0107] of Fava, bus interface between storage device and buffers of application controller or boot device), wherein
	receiving the first boot code comprises receiving the first boot code via the bus interface (note paragraphs [0048], [0063] and [0113] of Fava, data is received in buffer 158 or buffer 204 through bus interface).

	For claim 5, the combination of Fava and Lin teaches claim 4, further comprising: initializing a controller of the processing unit to enable communication between the secure region and the external boot source in response to enabling the bus interface (note paragraph [0109] of Fava, memory controller is initialized with communications from application controller to manipulate data).

	For claim 6, the combination of Fava and Lin teaches claim 1, wherein the memory comprises a static random access memory (note paragraph [0095] of Fava, static random access memory may be used instead of DRAM).

	For claim 7, the combination of Fava and Lin teaches claim 1, further comprising: restricting transfer of the first boot code to the boot memory in response to failing to validate the first boot code (note paragraphs [0038]-[0039], [0049] and [0140] of Fava, data that fails validation is rejected and not transferred to memory).

	For claim 9, the combination of Fava and Lin teaches claim 8, further comprising:
	isolating second boot code received via the peripheral interface at the secure region of the memory in response to transferring the first boot code to the boot memory (note paragraphs [0040], [0064] and [0130] of Fava, data is moved into buffer as page portions); and
	transferring the second boot code to the boot memory in response to (note paragraphs [0046], [0066] and [0136] of Fava, if data is accepted as valid, it is transferred to system memory) validating a checksum of the second boot code (note paragraphs [0046], [0066] and [0132]-[0134] of Fava, boot data code is validated with MAC),
	wherein the first boot code comprises a first batch of a plurality of batches of boot code and the second boot code comprises a second batch of the plurality of batches of boot code (note paragraphs [0043], [0064] and [0130] of Fava, data is moved into buffer as page portions).

	For claim 10, the combination of Fava and Lin teaches claim 9, further comprising:
	verifying a signature of the plurality of batches of boot code in response to transferring the plurality of batches of boot code to the boot memory (note paragraph [0074] of Fava, a final signature of the entire boot code is verified); and
	accessing the plurality of batches of boot code from the boot memory to bootload the processing system in response to verifying the signature of the plurality of batches of boot code (note paragraph [0074] of Fava, final signature is used for certifying boot operations accessing the boot code).

	For claim 11, the combination of Fava and Lin teaches claim 8, further comprising:
	enabling a bus interface to access the secure region in response to a request from an external boot source to write boot code to the boot memory (note paragraphs [0035] and [0107] of Fava, bus interface between storage device and buffers of application controller or boot device); and
	receiving the first boot code at the secure region via the bus interface (note paragraphs [0048], [0063] and [0113] of Fava, data is received in buffer 158 or buffer 204 through bus interface).

	For claim 12, the combination of Fava and Lin teaches claim 11, further comprising:
	initializing a peripheral interface controller of the processing system to enable communication between the secure region and the external boot source in response to enabling the bus interface (note paragraph [0109] of Fava, memory controller is initialized with communications from application controller to manipulate data).

	For claim 13, the combination of Fava and Lin teaches claim 8, wherein the memory comprises a static random access memory (note paragraph [0095] of Fava, static random access memory may be used instead of DRAM).

	For claim 14, the combination of Fava and Lin teaches claim 8, further comprising: restricting transfer of the first boot code to the boot memory in response to failing to validate the checksum of the first boot code (note paragraphs [0038]-[0039], [0049] and [0140] of Fava, data that fails validation is rejected and not transferred to memory).

	For claim 16, the combination of Fava and Lin teaches claim 15, wherein:
	the secure region is further configured to receive second boot code from the external boot source via the peripheral interface in response to the processing unit transferring the first boot code to the boot memory (note paragraphs [0040], [0064] and [0130] of Fava, data is moved into buffer as page portions); and
	the processing unit is to transfer the second boot code to the boot memory in response to (note paragraphs [0046], [0066] and [0136] of Fava, if data is accepted as valid, it is transferred to system memory) validating a checksum of the second boot code (note paragraphs [0046], [0066] and [0132]-[0134] of Fava, boot data code is validated with MAC),
	wherein the first boot code comprises a first batch of a plurality of batches of boot code and the second boot code comprises a second batch of the plurality of batches of boot code (note paragraphs [0043], [0064] and [0130] of Fava, data is moved into buffer as page portions).

	For claim 17, the combination of Fava and Lin teaches claim 15, wherein:
	the validation module is further to verify a signature of the first boot code in response to transferring the first boot code to the boot memory (note paragraph [0074] of Fava, a final signature of the entire boot code is verified); and
	the processing unit is to access the first boot code from the boot memory to bootload the processing unit in response to the validation module verifying the signature of the first boot code (note paragraph [0074] of Fava, final signature is used for certifying boot operations accessing the boot code).

	For claim 18, the combination of Fava and Lin teaches claim 15, further comprising at least one bus interface for accessing the secure region in response to a request from the external boot source to write boot code to the boot memory (note paragraphs [0035] and [0107] of Fava, bus interface between storage device and buffers of application controller or boot device); and wherein the secure region is configured to receive the first boot code via the at least one bus interface (note paragraphs [0048], [0063] and [0113] of Fava, data is received in buffer 158 or buffer 204 through bus interface).

	For claim 19, the combination of Fava and Lin teaches claim 18, further comprising: a peripheral interface controller to enable communication between the secure region and the external boot source in response to enabling the at least one bus interface (note paragraph [0109] of Fava, memory controller is initialized with communications from application controller to manipulate data).


8.	Claim 21 is rejected under 35 U.S.C. 103 as being unpatentable over the combination of Fava and Lin as applied to claim 15 above, and further in view of Yasue (U.S. Patent Application Publication 2008/0040805).
	For claim 21, the combination of Fava and Lin differs from the claimed invention in that they fail to teach:
	further comprising a bus interface configured to exclusively service the secure region of memory

	Yasue teaches:
	further comprising a bus interface configured to exclusively service the secure region of memory (note paragraph [0034], secure buffer is serviced by an exclusive bus)

	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the combination of Fava and Lin and the secure buffer with an exclusive bus of Yasue. It would have been obvious because combining prior art elements (validating a boot code using secure buffers of Fava; secure buffers are serviced by an exclusive bus of Yasue) would yield the predictable results of validating boot code by transferring the code using isolated buffers (Fava) where the secure buffers are serviced by an exclusive, dedicated bus (Yasue)


Conclusion
9.	The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
	Pearson et al. (U.S. Patent Application Publication 2014/0082724) teaches a separate boot memory and system memory (note Fig. 2).

	Henry et al. (U.S. Patent Application Publication 2009/0293130) teaches secure memory that is serviced by a private bus (note paragraph [0022]).

	Mcdermott (U.S. Patent Application Publication 2005/0091516) teaches secure memory serviced by a private bus (note paragraph [0044]).

10.	Any inquiry concerning this communication or earlier communications from the examiner should be directed to DAVID J PEARSON whose telephone number is (571)272-0711. The examiner can normally be reached 6:00 - 5:30 pm; Monday through Thursday.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Taghi Arani can be reached on (571)272-3787. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/David J Pearson/Primary Examiner, Art Unit 2438