DETAILED ACTION
	Claims 23-42 are pending. Claims 1-22 are canceled. Claim 23-36 are amended. This is in response to Applicant’s Request for Continued Examination filed on September 21, 2022.

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on September 21, 2022 has been entered.
 
Response to Arguments
Applicant’s argument with respect to claims 23 and 33 has been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument. 

Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.


Claims 23-29, 33-39 are rejected under 35 U.S.C. 102(a)(2) as being anticipated by PG Pub 20170185777 (hereinafter Li)
 	Regarding claim 23, Li discloses a non-transitory computer-readable medium including instructions that, when executed by at least one processor, cause the at least one processor to perform operations for customized code execution flow integrity for a controller, comprising: 
 	embedding, in a controller, customized and controller-specific code execution flow inspection code (Fig. 1 and par. [0020]-[0033] disclose a system to detect malware using the self-check policy enabling generation of callbacks when certain branch instructions execute (any appropriate code segment that may depend on and/or alter an execution flow at a particular point) in a processor (e.g. controller) such as an embedded processor as shown in Fig. 4 and par. [0043]-[0049]), the controller-specific code execution flow inspection code being configured to: 
compare code execution requests of the controller to a map of permitted sequences of at least one of process calls or function calls for execution on the controller (par. [0033]-[0036] discloses “…Self-check application 124 can receive self-check policy information 114 stored in memory. Self-check policy
information can include a white list 116 of allowable execution instructions and register locations. The self-check policy 114 can be used by the self-check application 124 to prevent an undesirable indirect branch execution… The self-check policy 114 can include a set of authorized or permitted memory address spaces. In some cases, the self-check policy 114 can include a whitelist 116 of authorized memory address spaces for critical function calls or indirect branch calls. In the owned policy callback, the application knows how critical function calls exactly happen and it can define very accurate policy check to block any unexpected branch transfer”); 
determine whether the code execution requests conflict with the map of permitted  sequences of at least one of process calls or function calls  for execution on the controller (par. [0040] discloses “If the self-check application determines that there is an impermissible indirect branch execution, the executable application can skip that instruction set…”); and implement, based on the determination, a control action to prevent the code execution requests that conflict with the map of permitted sequences of at least one of process calls or function calls from being executed on the controller (par. [0041] discloses ”… the self-check application first defines owned policy callbacks [e.g. permitted callbacks]… Before indirect branches are called, the self-check application registers owned callback before calling into critical functions… The self-check application can evaluate the indirect branch based on the owned policy callback (356). The self-check application can determine whether to block or allow the function call based on the policy callback …”).  

 	Regarding claim 24, Li discloses obtaining software stack information associated with the code execution requests; and comparing the code execution requests to the map of permitted sequences comprises comparing the software stack information to the map of permitted sequences (par. [0034]-[0035] disclose a self-check callback stack maintaining a callback stack, which keeps all registered callbacks).

	Regarding claim 25, Li discloses wherein the map of permitted sequences is based on a build process for the controller (par. [0021]-[0022] discloses the application can be applied to an application-specific integrated circuit).  

 	Regarding claim 26, Li discloses wherein the map of permitted sequences is based on a static analysis of binary code installed on the controller (par. [0029] discloses using binary translation for the detection).  

 	Regarding claim 27, Li discloses wherein the embedding includes integrating the controller-specific code execution flow inspection code into executable code installed on the controller (par. [0021]-[0022] discloses the system can be implemented on an application-specific integrated circuit).  

 	Regarding claims 28-29, Li discloses wherein the operations further comprise accessing signatures associated with the code execution requests and
 wherein the operations further comprise comparing the signatures with a database of approved signatures (par. [0036] discloses using whitelist).  

 	Claims 33-39 are rejected in view of claims 23-29 rejections respectively.
 	
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

	Claims 30-32 and 40-42 are rejected under 35 U.S.C. 103 as being unpatentable over Li in view of PG Pub 20150191135 (hereinafter Ben Noon)
 	Regarding claim 30, Li does not disclose wherein a hook registered with a kernel of the controller is configured to redirect processing of the controller to a process verification function. Ben Noon discloses a plurality of Watchmen as a hardware component to monitor CAN bus messages but can also be hosted in an operating system of CAN in-vehicle communication network and is hooked into positions in the operating system (Summary, Figs. 1-2 and par. [0050]-[0055] and [0078] disclose information received by the hook(s) that enable the Watchman to perform a security verification).  Therefore, it would have been obvious before the effective filing date of the claimed invention to modify Li with Ben Noon to further teach the aforementioned feature. One would have done so to provide the detection utilization that can be a standalone device or integrated into the vehicle operating system computer by using hooks.

 	Regarding claim 31, Ben Noon further discloses wherein the process verification function is configured to return processing of the controller following the process verification function (par. [0078] states “…The received information may enable the Watchman to perform a security verification prior to performing a potentially damaging activity on the system…”; moreover, Fig. 2B at steps 117 and 118 discloses the inspection by a Watchman if the message is normal it will be return to the CAN bus to carry out the request, if the message is not normal it will not be returned to the CAN bus for normal processing).

 	Regarding claim 32, the combination of Li and Ben Noon further discloses wherein the process verification function is configured to determine signatures associated with the code execution requests (Li, par. [0036] discloses the self-check policy includes a whitelist of authorized memory address spaces for critical function calls or indirect branch calls as requests).

	Claims 40-42 are rejected in view of claims 30-32 rejections respectively.

Inquiry communication
Any inquiry concerning this communication or earlier communications from the examiner should be directed to TRI M TRAN whose telephone number is (571)270-1994.  The examiner can normally be reached on Mon-Fri: 9am-5pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey Nickerson can be reached on (469)295-9235.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/TRI M TRAN/Primary Examiner, Art Unit 2494