Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
DETAILED ACTION
This office action is in response to the communication filed on 1/21/2020.
Claims 1-20 have been examined.

Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale or otherwise available to the public before the effective filing date of the claimed invention.


(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

Claims 1-20 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Parkinson (Multicore MILS – Evolution of the multiple independent levels of security software architecture to enable multi-level secure multicore systems).
Regarding claim 1, Parkinson disclosed a high assurance kernel, comprising: 
at a safety certified hypervised system using a separation kernel (Parkinson Section IV for example): 
a first level of the separation kernel configured to perform first security features associated with a hypervisor, the first level configured to run on a primary core (Parkinson Section IV for example); and 
a second level of the separation kernel configured to augment the first security features with second security features, the second level implemented on a separate protected component from the primary core, the first level and the second level communicating with one another through a physical separation between the first and second levels (Parkinson Sections III.5 and IV for example).
Regarding claim 11, Parkinson disclosed an electronic device, comprising: 
a memory arrangement (Parkinson Section III for example); and 
a processor configured to run a safety certified hypervised system using a separation kernel, the separation kernel including a high assurance kernel, the high assurance kernel (Parkinson Section IV for example) comprising: 
a first level of the separation kernel configured to perform first security features associated with a hypervisor, the first level configured to run on a primary core (Parkinson Section IV for example); and 
a second level of the separation kernel configured to augment the first security features with second security features, the second level implemented on a separate protected component from the primary core, the first level and the second level communicating with one another through a physical separation between the first and second levels (Parkinson Sections III.B.5 and IV for example).
Regarding claim 20, Parkinson disclosed a high assurance kernel, comprising: 
at a safety certified hypervised system using a separation kernel(Parkinson Section IV for example): 
a first level of the separation kernel configured to perform first security features associated with a hypervisor, the first level configured to run on a primary core (Parkinson Section IV for example); 
a second level of the separation kernel configured to augment the first security features with second security features, the second level implemented on a separate protected component from the primary core, the first level and the second level communicating with one another through a physical separation between the first and second levels (Parkinson Sections III.B.5 and IV for example); and 
a third level of the separation kernel configured as a virtual machine to perform third security features associated with the hypervisor, the second level and the third level communicating with one another through a further physical separation between the second and third levels (Parkinson Sections III.B.5 and IV for example).

Regarding claim 2 and 12, Parkinson disclosed that the first security features comprise a resource utilization protection, an access control, a fault isolation, a safety audit logging, a safe inter-partition communication messaging, or a combination thereof (Parkinson Sections 1.A and IV for example).
Regarding claims 3 and 13, Parkinson disclosed that the second security features comprise a secure messaging between partitions of the hypervised system, a security audit logging, a trusted initialization of the high assurance kernel, an attestation, a use of cryptographic functions, a creation of reliable time stamps, or a combination thereof (Parkinson Section IV for example).
Regarding claims 4 and 14, Parkinson disclosed that the hypervised system includes a two level scheduler (Parkinson Section III.B.4 for example).
Regarding claims 5 and 15, Parkinson disclosed that the two level scheduler includes a module operating system for a virtual machine of the hypervised system and a partition operation system for within the virtual machine of the hypervised system (Parkinson Sections I.B, III.B.4 and IV for example – Guest OSs, Linux, and hosted operating system for example).
Regarding claims 6 and 16, Parkinson disclosed a third level of the separation kernel configured as a virtual machine to perform third security features associated with the hypervisor (Parkinson Sections I.B and IV for example).
Regarding claims 7 and 17, Parkinson disclosed that the third security features comprise an attestation of the hypervised system, a harvesting of logs, a processing for commands and responses from the high assurance kernel (Parkinson Section IV for example).
Regarding claims 8 and 18, Parkinson disclosed that the first level is protected by an onboard memory management unit function of the processor executing the hypervised system (Parkinson Sections I.B and  IV for example).
Regarding claims 9 and 19, Parkinson disclosed that the second level is protected by a physical messaging protocol defined by a platform on which the hypervised system is running (Parkinson Sections III.B.5 and IV for example).
Regarding claim 10, Parkinson disclosed at least one of a secure boot sequence and a trusted boot sequence (Parkinson section III.B.3 for example).

Conclusion
Claims 1-20 have been rejected.
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
US 2012/0066509 disclosed a multi-level security software architecture involving use of separation kernels including a domain separator which provides for secure communication between the domains.
US 2016/0070658 disclosed a multi-level hardware enforced domain separation using a separation kernel on a multicore processor, including a secure boot sequence.
US 2016/0364341 disclosed a virtualization based platform protection system including various trusted and untrusted domains.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MATTHEW T HENNING whose telephone number is (571)272-3790. The examiner can normally be reached Monday- Thursday 9AM-5PM EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Ashok Patel can be reached on (571)272-3972. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/MATTHEW T HENNING/            Primary Examiner, Art Unit 2491