DETAILED ACTION

Continued Examination Under 37 CFR 1.114
1.	The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 07/13/2022 has been entered. 
2.	Claims 1-15 are pending.

Notice of Pre-AIA  or AIA  Status
3.	The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . 

Response to Applicant’s Arguments
3.	Applicant’s arguments are moot in view of new ground of rejection rendered below.

Claim Rejections - 35 USC § 103
4.	In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
5.	The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

6.	The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.

7.	Claims 1-3, 6-8, 11-15 are rejected under 35 U.S.C. 103 as being unpatentable over US 20140115292 McLachlan et al. (“McLachlan”) in view of US 20140082373 Colnot (“Colnot”), and further in view of US 2007/0101096 Gorobets.

Regarding claim 1, method, comprising: dividing a firmware image into a set of chunks sized to fit into memory blocks of a firmware memory of a device, 
assigning members of the set of chunks to respective memory blocks based, on a first security value associated with the device; storing the members of the set of chunks in their respective memory blocks to create a firmware content; and obfuscating the firmware content.
McLachlan discloses obfuscating Memory Management Unit 420, which breaks the memory accesses into scattered and intertwined components and teaches multiple encoders (e.g., #1 Encoder 422 through #N Encoder 430) can be configured to translate multiple memory translation requests in an unrelated fashion, such that each memory allocation is translated in a different manner based on encoder assignment and configuration. This arrangement breaks the relationship between process data and the logical structure of the data's organization in memory, such that the Program Heap Allocations 445 are arranged in a nondeterministic manner in system memory. In one embodiment, a #1 Encoder 422 can be configured to reorder the elements of a fixed range of memory, while a #2 Encoder 424 can be configured to use a complex algorithm to scramble individual bytes of a memory allocation across a range of memory. Additionally, a #3 Encoder can be configured to automatically encrypt data written to memory, while automatically decrypting data during a memory read, such that the memory is encrypted while stored in memory, but the encryption is abstracted from the application's programmer, and any users of the application ([0030-0036], fig. 4-9).
Examiner notes McLachlan does not explicitly recite firmware image or firmware content. Examiner understands the firmware content or image is referring to data and McLachlan meets those limitations however for clarity of record, Colnot is used to teach the firmware image limitations.
Colnot teaches a firmware "image" refers to a single file containing the complete contents of a software object. In an embodiment, a firmware image is created by creating a complete sector-by-sector copy of a source medium, thereby perfectly replicating the structure and contents of the stored firmware, Colnot [0029].
McLachlan and Colnot are analogous to firmware in a computing device. Thus it would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify the invention of McLachlan with Colnot for the purposes of providing encrypting to firmware content to prevent the device from untethered jailbreaking, resulting in a more efficient processor, see Colnot [0029].
	McLachlan as modified do not explicitly disclose wherein the firmware memory comprises non-volatile hardware memory; and the fact that block chunks are in the firmware memory of the device as described as non-volatile memory. However, in analogous art Gorobets disclose wherein the firmware memory comprises non-volatile hardware memory; and the fact that block chunks are in the firmware memory of the device as described as non-volatile memory (see Gorobets Par. [0032-0033, 0037] disclose the firmware memory could be non-volatile memory of different types that are “block addressable”).
Thus it would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify the invention of McLachlan as modified with Gorobets’s non-volatile hardware memory types for the purposes of firmware memory that are block addressable (see Gorobets [0032]).


Regarding claim 2, McLachlan teaches where the first security value is a value unique to the device (The encoders can each map to one or more address blocks (e.g., 651-658) in a memory heap 650 [0033, 0035, and 0038]).

Regarding claim 3, McLachlan teaches where the first security value is one of, a serial number of the device, a media access control address, a universally unique identifier (UUID) of a system processor of the device, a serial number of a subcomponent of the device, a global system for mobile communications (GSM) radio identifier, and a security processor identifier (the Address Scrambling Encoder 922, a mapping the byte allocations is maintained to enable address decode for a memory read. It will be noted that specific implementations of encoders, or specific implementations of encoder refresh, are not unique to any one implementation or embodiment of the Obfuscating Heap Memory Management Unit (e.g., 615-915 as illustrated in FIG. 6 through FIG. 9) and the invention is not limited as such. In addition to address encoding, in one embodiment, a Data Encryption Encoder 923 is present that can perform real time data encryption and decryption instead of, or in addition to address obfuscation such that the underlying data at the obfuscated address is encrypted during authorized memory writes and decrypted during authorized memory reads [0033, 0035, 0038]).

Regarding claim 6, McLachlan teaches a device, comprising: a firmware data store for storing firmware instructions having a first ordering, where the firmware data store is divided into a s addressable blocks, where the firmware instructions are segmented into a set of chunks, where the chunks are stored in respective blocks of the firmware memory according to an assignment scheme based on a first security value associated with the device, and where the chunks are obfuscated based on a second security value associated with the device,
A de-obfuscation module to use the second security value to de-obfuscate the chunks of firmware instructions; and a firmware reconstruction module to load the firmware instructions for execution by accessing the chunks from their respective blocks in an order determined based on the first security value so that the chunks are accessed in the first ordering. (Obfuscating Heap Memory Management Unit 915, in which processor logical addresses are converted to memory physical addresses according to memory obfuscation logic represented by one or more encoders in an encoder block 920. For example, an encoder E0 in the encoder block 920 can be configured to implement a Reverse Address Index encoder 921 that maps linear addresses in reverse order across a range of physical addresses. In one embodiment of a Reverse Address Index encoder 921, for a specific address range of a specific size, the lowest linear addresses of the allocation corresponds to the highest physical address of an allocation, and as the linear addresses increment, the physical addresses decrement within the memory allocation. Regarding a first and second security value, abstraction unit, to translate a first memory address to a second memory address, wherein the relationship between the first memory address and the second memory address [0030]-[0036], abstract, claims 1-3, and fig. 4-9).
Examiner notes McLachlan does not explicitly recite firmware image or firmware content. Examiner understands the firmware content or image is referring to data and McLachlan meets those limitations however for clarity of record, Colnot is used to teach the firmware image limitations.
Colnot teaches a firmware "image" refers to a single file containing the complete contents of a software object. In an embodiment, a firmware image is created by creating a complete sector-by-sector copy of a source medium, thereby perfectly replicating the structure and contents of the stored firmware, Colnot [0029].
McLachlan and Colnot are analogous to firmware in a computing device. Thus it would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify the invention of McLachlan with Colnot for the purposes of providing encrypting to firmware content to prevent the device from untethered jailbreaking, resulting in a more efficient processor, see Colnot [0029].
McLachlan as modified do not explicitly disclose wherein the firmware memory comprises non-volatile hardware memory; and the fact that block chunks are in the firmware memory of the device as described as non-volatile memory. However, in analogous art Gorobets disclose wherein the firmware memory comprises non-volatile hardware memory; and the fact that block chunks are in the firmware memory of the device as described as non-volatile memory (see Gorobets Par. [0032-0033, 0037] disclose the firmware memory could be non-volatile memory of different types that are “block addressable”).
Thus it would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify the invention of McLachlan as modified with Gorobets’s non-volatile hardware memory types for the purposes of firmware memory that are block addressable (see Gorobets [0032]).


Regarding claim 7, McLachlan teaches where the chunks have been at least one of individually obfuscated and collectively obfuscated (obfuscation can be performed at compile time for a specific set of allocations based on one or more compile time options, [0032-0036] Fig. 6-8).

Regarding claim 8, McLachlan teaches further comprising: a private memory for storing a copy of the firmware instructions; and a verification module for verify the firmware instructions loaded for execution using the copy of the firmware instructions prior to execution of the firmware instructions loaded for execution (The system 100 also includes memory 110 for storing data and programs for execution by the processing system, the heap 214 and stack 212 segments are available to an executable program when it is loaded into the memory for execution[0022-0027], Fig. 1, memory 110).

Regarding claim 11, McLachlan teaches the device of claim where the firmware data store is a member of a set of firmware data stores, each storing a respective set of firmware instructions that have been segmented into chunks that are assigned, according to respective assignment schemes, to blocks of the member of the set of firmware data stores in which the respective set of firmware instructions is stored (Process Heap 310 can contain blocks of memory with backing allocations in System Memory 350. The blocks of memory in process memory space can be arranged such that an example Process Allocation A 312 in process virtual memory is backed by a System Allocation A 352 in physical memory, and System Allocation B 354 lies adjacent in physical memory to Process Allocation B 314 in process virtual memory, [0028]).
Examiner notes: McLachlan does not explicitly recite firmware image or firmware content. Examiner understands the firmware content or image is referring to data and McLachlan meets those limitations however for clarity of record, Colnot is used to teach the firmware image limitations.
Colnot teaches a firmware "image" refers to a single file containing the complete contents of a software object. In an embodiment, a firmware image is created by creating a complete sector-by-sector copy of a source medium, thereby perfectly replicating the structure and contents of the stored firmware, Colnot [0029].
McLachlan and Colnot are analogous to firmware in a computing device. Thus it would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify the invention of McLachlan with Colnot for the purposes of providing encrypting to firmware content to prevent the device from untethered jailbreaking, resulting in a more efficient processor, see Colnot [0029].

Regarding claim 12, McLachlan teaches where, the respective assignment schemes are based on the first security value (Encoder can be configured to automatically encrypt data written to memory, while automatically decrypting data during a memory read, such that the memory is encrypted while stored in memory, but the encryption is abstracted from the application's programmer, and any users of the application, the security level or encoder assignment can be changed to present a dynamic data landscape in system memory, and improve the system's resilience to data flow inspection and analysis. [0031, 0038-0039].

Regarding claim 13, McLachlan teaches where the respective assignment schemes are based on security values associated with respective components of the device for which the member of the set of firmware provides instructions (each encoder can accept an assignment of a security parameter and an address range for an address block (e.g., address block 0 851 through address block 7 858) for the encoder to manage. In one embodiment, increasing or decreasing the value of the security parameter, can tune or adjust the logic used to encode or decode various address blocks, [0035]).

Regarding claim 14, McLachlan teaches a method, comprising: accessing an assignment scheme that maps a set of ordered chunks of a firmware image to a set of memory blocks of a firmware memory into which the ordered chunks have been stored, where the assignment scheme is based on a first security value associated with a device in which the firmware memory is embedded; loading, based on the assignment scheme, a first chunk of the firmware image to a system memory of the device; successively loading, based on the assignment scheme, subsequent chunks of the firmware image into the system memory of the device until the firmware image has been reconstructed in the system memory; and executing the firmware image (In one embodiment, a data processing system with one or more processors 905 can access memory through an Obfuscating Heap Memory Management Unit 915, in which processor logical addresses are converted to memory physical addresses according to memory obfuscation logic represented by one or more encoders in an encoder block 920. Reverse Address Index encoder 921 that maps linear addresses in reverse order across a range of physical addresses. Address Scrambling Encoder 922, a mapping the byte allocations is maintained to enable address decode for a memory read. It will be noted that specific implementations of encoders, or specific implementations of encoder refresh, are not unique to any one implementation or embodiment of the Obfuscating Heap Memory Management Unit, [0033, 0035-0036]).
Examiner notes: McLachlan does not explicitly recite firmware image or firmware content. Examiner understands the firmware content or image is referring to data and McLachlan meets those limitations however for clarity of record, Colnot is used to teach the firmware image limitations.
Colnot teaches a firmware "image" refers to a single file containing the complete contents of a software object. In an embodiment, a firmware image is created by creating a complete sector-by-sector copy of a source medium, thereby perfectly replicating the structure and contents of the stored firmware, Colnot [0029].
McLachlan and Colnot are analogous to firmware in a computing device. Thus it would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify the invention of McLachlan with Colnot for the purposes of providing encrypting to firmware content to prevent the device from untethered jailbreaking, resulting in a more efficient processor, see Colnot [0029].
McLachlan as modified do not explicitly disclose wherein the firmware memory comprises non-volatile hardware memory; and the fact that block chunks are in the firmware memory of the device as described as non-volatile memory. However, in analogous art Gorobets disclose wherein the firmware memory comprises non-volatile hardware memory; and the fact that block chunks are in the firmware memory of the device as described as non-volatile memory (see Gorobets Par. [0032-0033, 0037] disclose the firmware memory could be non-volatile memory of different types that are “block addressable”).
Thus it would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify the invention of McLachlan as modified with Gorobets’s non-volatile hardware memory types for the purposes of firmware memory that are block addressable (see Gorobets [0032]).

Regarding claim 15, McLachlan teaches where the firmware image is stored in the firmware memory in an obfuscated state and where the method further comprises de-obfuscating the firmware image (Encryption encoder can perform real time data encryption and decryption, [0036]).

8.	Claims 4 is rejected under 35 U.S.C. 103 as being unpatentable over McLachlan in view of Colnot in view of US 2007/0101096 Gorobets, and further in view of US 20150039902 Arya et al. (“Arya”).

Regarding claim 4, McLachlan as modified does not explicitly teach where the firmware content is obfuscated using a salt function.
Arya teaches use of salt values in hashing algorithms is a way to alter the output hashed values, but in so doing the salt also alters the inputs to the hashing algorithm and the obfuscation application 122 may use a hash key 108 (e.g., obtained from a key server 110) to process the subscriber-identifiable information 102 into hashed subscriber identifiers 124, [0011-0013].
McLachlan, Colnot, Gorobets and Arya are analogous to obfuscation for data cryptography. Thus it would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify McLachlan as modified for the purpose of performing digest obfuscation on hashed values, security of the hashed information may be further improved, see Arya [0010].


Allowable Subject Matter
11.	Claims 5 and 9 are objected to as having allowable subject matter if it incorporates the limitations of the base claim it depends on and all limitations of the intervening claims. Claim 10 similarly objected as allowable based on its dependency on claim 9. Reason for allowance will be furnished upon allowance of the application.

Conclusion
12.	The prior art made of record and not relied upon is considered pertinent to applicant's disclosure:
Dewan et al. US 20160182238, discloses a first portion of firmware is to be verified based at least in part on the first immutable key and a second portion of firmware is to be verified based at least in part on the second immutable key, the first portion of firmware associated with the vendor and the second portion of firmware associated with the OEM.	
Any inquiry concerning this communication or earlier communications from the examiner should be directed to KHALIL NAGHDALI whose telephone number is (571) 272-9884. The examiner can normally be reached on M-F 8-5.
If attempts to reach the examiner by telephone are unsuccessful, the examiner's acting supervisor, KRISTINE KINCAID can be reached on (571) 272-4063. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272- 1000.



/KHALIL NAGHDALI/Primary Examiner, Art Unit 2437