DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
The following is a Final Office action in response to communications received on 07/27/2022. 

Response to Amendment
Claims 1, 11 and 13 have been amended. 
Claims 1-20 have been examined. 
Applicant’s arguments with respect to claim(s) 1, 11 and 13 regarding the new limitations: “wherein the enrollment period includes measuring a voltage of the separate processor prior to runtime operation via a power supply pin of the ADC” and “wherein the runtime measurement is retrieved directly from the power supply pin” have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.

Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
Claims 1-20 are provisionally rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-20 of copending Application No. 16/723861 in view of US 20040268159 to Aasheim et al (hereinafter Aasheim) and Behavior Profiling of Power Distribution Networks for Runtime Hardware Trojan Detection by Khalid et al (hereinafter Khalid). 
Instant application
Copending Application No. 16/723861
1. (Currently Amended) A system comprising: memory; a microcontroller including an analog-to-digital converter (ADC) and in communication with the memory and configured to: 
define a fingerprint that includes a baseline measurement of side-channel traces of a side-channel of a separate processor retrieved from the ADC, during an enrollment period of the system, wherein the enrollment period includes measuring a voltage of the separate processor prior to runtime operation via a power supply pin of the ADC; 
receive a runtime measurement from the ADC regarding the voltage of at least the separate processor during runtime, wherein the runtime measurement is retrieved directly from the power supply pin; 
compare the runtime measurement to the fingerprint; and 
in response to the measurement exceeding a threshold, executing a countermeasure operation against software ran by the separate processor, a hardware modification, or one or more fault-attacks.
1. (Currently Amended) A system comprising: memory; a processor in communication with the memory and programmed to: 

during an enrollment period, define a fingerprint that includes a baseline measurement of a physical attribute of at least a separate processor during an enrollment period of the system, wherein the enrollment period includes measuring the physical attribute of the separate processor prior to runtime operation; 
receive a runtime measurement-from a sensor, the physical attribute of at least the separate processor during runtime; 



compare the runtime measurement of the physical attribute to the fingerprint; and in response to the measurement exceeding a threshold, executing a countermeasure operation against software ran by the separate processor.
2. (Original) The system of claim 1, wherein the physical attribute includes a power consumption.


Copending Application No. 16/723861 does not teach: an analog-to-digital converter (ADC) and in communication with the memory; measuring a voltage of the separate processor via a power supply pin of the ADC; and wherein the runtime measurement is retrieved directly from the power supply pin. However, Aasheim teaches:
an analog-to-digital converter (ADC) and in communication with the memory; measuring a voltage of the separate processor via a power supply pin of the ADC (Aasheim: [0027] Power measurement circuit 106 typically includes an analog to digital converter (ADC) 208, a communications interface 210 and a memory 212. [0028] FIG. 3 illustrates an example of how a typical ADC 208 on circuit 106 might be coupled to an embedded device 102 to measure power consumption. ADC 208 generally converts a continuously variable (i.e., analog) power consumption signal from device 102 into a digital (discrete) form).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to employ the teachings of Aasheim in the invention of Co-pending application 16/723861 to include the above limitations. The claim would have been obvious because a particular known technique was recognized as part of the ordinary capabilities of one skilled in the art (see KSR Int’l Co. v. Teleflex Inc. 550 U.S. ___, 82 USPQ2d 1385 (Supreme Court 2007) (KSR)).
Co-pending application 16/723861 in view of Aasheim does not teach: wherein the runtime measurement is retrieved directly from the power supply pin. However, Khalid teaches:
wherein the runtime measurement is retrieved directly from the power supply pin (Khalid: Page 1317, Fig. 1 and right column: B. Runtime Power Analysis: Fig. 1 shows the proposed off-chip runtime power monitors, which operates in two steps. In the first step, it obtains runtime power profile by measuring the current from the power ports of each module (PP1, PP2, ..., PPn) of integrated circuits. These values are then converted into the respective digital values through an analog to digital converter and then stored into memory. Fig. 1 shows the current from power ports of modules PP1, PP2, PPn being directly measured by the ADC). 
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to employ the teachings of Khalid in the invention of Co-pending application 16/723861 to include the above limitations. The claim would have been obvious because a particular known technique was recognized as part of the ordinary capabilities of one skilled in the art (see KSR Int’l Co. v. Teleflex Inc. 550 U.S. ___, 82 USPQ2d 1385 (Supreme Court 2007) (KSR)).
Similarly, the rest of the independent and dependent claims of the instant application are analogous to the rest of the independent and dependent claims of Co-pending application 16/723861.
This is a provisional nonstatutory double patenting rejection.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The text of those sections of Title 35, U.S. Code not included in this action can be found in a prior Office action.
Claims 1-3, 7-9, 11-15 and 17-19 are rejected under 35 U.S.C. 103 as being unpatentable over Behavior Profiling of Power Distribution Networks for Runtime Hardware Trojan Detection by Khalid et al (hereinafter Khalid), US 20040268159 to Aasheim et al (hereinafter Aasheim) and prior art of record US 10157278 to Gonzalez et al (hereinafter Gonzalez).
As per claim 1, Khalid teaches:
A system comprising: 
memory; a microcontroller including an analog-to-digital converter (ADC) and in communication with the memory (Khalid: page 1317: Fig. 1 shows an ADC in communication with a memory) and configured to: define a fingerprint that includes a baseline measurement of side-channel traces of a side-channel of a separate processor retrieved from the (Khalid: Page 1317: Fig. 1, Left column, 2nd paragraph: The first step is to obtain the signature power behavior of the given integrated circuit that consists of sequentially connected modules at the pre-market test stage. A. Pre-Market Stage Power Behavior Extraction: The first phase of proposed methodology is to obtain the power behavior of different modules that are sequentially connected by utilizing the following steps: 1) In the first, we measure the power of each sequentially connected modules to extract the modular power behavior. Right column: In the proposed methodology, we utilized rate power consumption in different sequentially connected blocks of IP modules to develop a two stage classification criteria. In order to establish this criteria, the first step is to identify the normal behavior zone, which is the range between the maximum and minimum values of δP. Similarly, its normal behavior zone is the range between the maximum and minimum values of ΔP. Page 1318: left column: III Case Study: A. Signature obtained for the Power Behavior of AES: The first step is to obtain the signature power behavior of the AES, which is obtained by implementing AES modules without intrusion and with some of the benchmarks intrusions [18] in Verilog. The extraction of signature behavior of AES module is completed in two stages: In the first stage, the AES module is implemented in Verilog and its power rating is extracted using the Xillinx power (Xpower) analyzer for Virtex-5 (xc5vlx330) and Virtex-6 (Xc6vlx760). The highlighted columns of Table I show the dynamic power behavior signature of the AES in Xpower analyzer.); 
receive a runtime measurement from the ADC regarding the voltage of at least the separate processor during runtime, wherein the runtime measurement is retrieved directly from the power supply pin (Khalid: Page 1317, Fig. 1 and right column: B. Runtime Power Analysis: Fig. 1 shows the proposed off-chip runtime power monitors, which operates in two steps. In the first step, it obtains runtime power profile by measuring the current from the power ports of each module (PP1, PP2, ..., PPn) of integrated circuits. These values are then converted into the respective digital values through an analog to digital converter and then stored into memory. Fig. 1 shows the current from power ports of modules PP1, PP2, PPn being directly measured by the ADC); 
compare the runtime measurement to the fingerprint (Khalid: Page 1317, Fig. 1 and right column: B. Runtime Power Analysis: In the second step, the extracted power behavior is used to calculate the changes in current with respect to the sequentially connected modules (first and second derivatives of power behavior) and then compared to the upper and lower bounds of the changes in current from the signature power profile); and 
in response to the measurement exceeding a threshold, (Khalid: Page 1317, Fig. 1 and right column: B. Runtime Power Analysis: If it lies outside the bounds then the integrated circuit is considered as intruded).
Khalid teaches obtaining power behavior signature at pre-market test stage using a Xillinx power (Xpower) analyzer but does not teach: via a power supply pin of the ADC. Also, Khalid does not teach: executing a countermeasure operation against software ran by the separate processor, a hardware modification, or one or more fault-attacks. However, Aasheim teaches:
a baseline measurement of side-channel traces of a side-channel … via a power supply pin of the ADC (Aasheim: [0027] Power measurement circuit 106 typically includes an analog to digital converter (ADC) 208, a communications interface 210 and a memory 212. [0028] FIG. 3 illustrates an example of how a typical ADC 208 on circuit 106 might be coupled to an embedded device 102 to measure power consumption. ADC 208 generally converts a continuously variable (i.e., analog) power consumption signal from device 102 into a digital (discrete) form. [0029]. Memory 218 includes a power profiler 220 module that is configured to execute on processor 216 to track and identify software instructions 206 executing on embedded device 102. [0033] Power profiler 220 is also configured to correlate the power consumption data 214 received from power measurement circuit 106 with the software instructions 206 executing on processor 200 of embedded device 102. Power profiler 220 generates a power profile 224 that quantifies the power consumed for the precise software instruction executing on processor 200 of embedded device 102.).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to employ the teachings of Aasheim in the invention of Khalid to include the above limitations. The claim would have been obvious because a particular known technique was recognized as part of the ordinary capabilities of one skilled in the art (see KSR Int’l Co. v. Teleflex Inc. 550 U.S. ___, 82 USPQ2d 1385 (Supreme Court 2007) (KSR)).
	Khalid in view of Aasheim does not teach: executing a countermeasure operation against software ran by the separate processor, a hardware modification, or one or more fault-attacks. However, Gonzalez teaches:
executing a countermeasure operation against software ran by the separate processor, a hardware modification, or one or more fault-attacks (Gonzalez: column 4, lines 10-16: Based on the comparison, the fingerprinting system 100 can determine whether there is an anomaly of the measured target device/system at 104. If yes, the fingerprinting system can alert a user at 106. Column 7, lines 43-54: The response module 210 triggers automatic actions that affect the target device in response to integrity violations. Some of the actions/responses 221 can include, but not limited to activating another device, disabling control ports of the target device, notifying user of the target device, etc.).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to employ the teachings of Gonzalez in the invention of Khalid in view of Aasheim to include the above limitations. The claim would have been obvious because a particular known technique was recognized as part of the ordinary capabilities of one skilled in the art (see KSR Int’l Co. v. Teleflex Inc. 550 U.S. ___, 82 USPQ2d 1385 (Supreme Court 2007) (KSR)).

As per claim 2, Khalid in view of Aasheim and Gonzalez teaches:
The system of claim 1, wherein the countermeasure includes outputting a message or a notification (Gonzalez: Column 7, lines 43-54: Some of the actions/responses 221 can include, but not limited to …, notifying user of the target device).
The examiner provides the same rationale to combine prior arts Khalid in view of Aasheim and Gonzalez as in claim 1 above. 

As per claim 3, Khalid in view of Aasheim and Gonzalez teaches:
The system of claim 1, wherein the ADC includes an ADC input pin connected to an internal voltage pin of the microcontroller, a powers supply, an internal regulator, or an intermediate voltage (Khalid: page 1317: Fig. 1, Right column: B. Runtime Power Analysis: In the first step, it obtains runtime power profile by measuring the current from the power ports of each module (PP1, PP2, ..., PPn) of integrated circuits. Fig. 1 shows the ADC connected to the power ports of the modules. Aasheim: Fig. 3 and [0028] FIG. 3 illustrates an example of how a typical ADC 208 on circuit 106 might be coupled to an embedded device 102 to measure power consumption).
The examiner provides the same rationale to combine prior arts Khalid and Aasheim as in claim 1 above. 

As per claim 7, Khalid in view of Aasheim and Gonzalez teaches:
The system of claim 1, wherein the ADC is connected via a least one data bus to the separate processor, wherein the ADC includes at least one channel connected via a secure bus that requires encryption or authentication or both (Aasheim: [0021]: In the exemplary environment 100, the host computer 104 and the power measurement circuit 106 are also coupled via bus 108. [0027] Power measurement circuit 106 typically includes an analog to digital converter (ADC) 208. Gonzalez: Column 6, lines 1-21: After the signals are digitized, however, they can be stored for later processing or transferred to another location to be processed. Thus, the link or network 204 between the digitizer 203 and the DSP 205 can be a direct connection, a storage element for later processing, or a network connection for sending the digitized signals to a remote location. For added security, the network 204 may be physically or logically separated from the other network that carries traffic for the device being monitored. In some cases, encryption of the link (secure bus) or network 204 for added security may be desirable).
The examiner provides the same rationale to combine prior arts Khalid in view of Aasheim and Gonzalez as in claim 1 above. 

As per claim 8, Khalid in view of Aasheim and Gonzalez teaches:
The system of claim 7, wherein the secure bus is controlled by a secure element or in response to a secure state of the microcontroller (Gonzalez: Column 6, lines 1-21: After the signals are digitized, however, they can be stored for later processing or transferred to another location to be processed. Thus, the link or network 204 between the digitizer 203 and the DSP 205 can be a direct connection, a storage element for later processing, or a network connection for sending the digitized signals to a remote location. For added security, the network 204 may be physically or logically separated from the other network that carries traffic for the device being monitored. In some cases, encryption of the link or network 204 for added security may be desirable).
The examiner provides the same rationale to combine prior arts Khalid in view of Aasheim and Gonzalez as in claim 1 above. 

As per claim 9, Khalid in view of Aasheim and Gonzalez teaches:
The system of claim 1, wherein a channel of the side-channel includes a higher sampling rate than other channels of the side-channel of the ADC, wherein the channel is utilized for the baseline measurement (Aasheim: [0028]: The analog power consumption signal from device 102 is sampled at a rate that is typically greater than the rate at which instructions 206 are being executed by processor 200 on embedded device 102).
The examiner provides the same rationale to combine prior arts Khalid and Aasheim as in claim 1 above. 

As per claim 11, Khalid teaches:
A computer-implement method, comprising: 
defining a fingerprint that includes a baseline measurement retrieved from a side-channel of at least a separate processor during an enrollment period, wherein the baseline measurement includes one or more physical attributes (Khalid: Page 1317: Fig. 1, Left column, 2nd paragraph: The first step is to obtain the signature power behavior of the given integrated circuit that consists of sequentially connected modules at the pre-market test stage. A. Pre-Market Stage Power Behavior Extraction: The first phase of proposed methodology is to obtain the power behavior of different modules that are sequentially connected by utilizing the following steps: 1) In the first, we measure the power of each sequentially connected modules to extract the modular power behavior. Right column: In the proposed methodology, we utilized rate power consumption in different sequentially connected blocks of IP modules to develop a two stage classification criteria. In order to establish this criteria, the first step is to identify the normal behavior zone, which is the range between the maximum and minimum values of δP. Similarly, its normal behavior zone is the range between the maximum and minimum values of ΔP. Page 1318: left column: III Case Study: A. Signature obtained for the Power Behavior of AES: The first step is to obtain the signature power behavior of the AES, which is obtained by implementing AES modules without intrusion and with some of the benchmarks intrusions [18] in Verilog. The extraction of signature behavior of AES module is completed in two stages: In the first stage, the AES module is implemented in Verilog and its power rating is extracted using the Xillinx power (Xpower) analyzer for Virtex-5 (xc5vlx330) and Virtex-6 (Xc6vlx760). The highlighted columns of Table I show the dynamic power behavior signature of the AES in Xpower analyzer.); 
receiving a runtime measurement from the ADC, wherein the runtime measurement includes the one or more physical attributes of at least the separate processor during runtime, wherein the runtime measurement is retrieved directly from a power supply pin of the ADC (Khalid: Page 1317, Fig. 1 and right column: B. Runtime Power Analysis: Fig. 1 shows the proposed off-chip runtime power monitors, which operates in two steps. In the first step, it obtains runtime power profile by measuring the current from the power ports of each module (PP1, PP2, ..., PPn) of integrated circuits. These values are then converted into the respective digital values through an analog to digital converter and then stored into memory. Fig. 1 shows the current from power ports of modules PP1, PP2, PPn being directly measured by the ADC); 
comparing the runtime measurement of the physical attribute to the fingerprint (Khalid: Page 1317, Fig. 1 and right column: B. Runtime Power Analysis: In the second step, the extracted power behavior is used to calculate the changes in current with respect to the sequentially connected modules (first and second derivatives of power behavior) and then compared to the upper and lower bounds of the changes in current from the signature power profile); and 
in response to the runtime measurement exceeding a threshold  (Khalid: Page 1317, Fig. 1 and right column: B. Runtime Power Analysis: If it lies outside the bounds then the integrated circuit is considered as intruded).
Khalid teaches obtaining power behavior signature at pre-market test stage using a Xillinx power (Xpower) analyzer but does not teach: physical attributes received from an analog-to-digital converter (ADC) of a microcontroller. Also, Khalid does not teach: executing a countermeasure operation against software ran by the separate processor, a hardware modification, or one or more fault-attacks. However, Aasheim teaches:
physical attributes received from an analog-to-digital converter (ADC) of a microcontroller (Aasheim: [0027] Power measurement circuit 106 typically includes an analog to digital converter (ADC) 208, a communications interface 210 and a memory 212. [0028] FIG. 3 illustrates an example of how a typical ADC 208 on circuit 106 might be coupled to an embedded device 102 to measure power consumption. ADC 208 generally converts a continuously variable (i.e., analog) power consumption signal from device 102 into a digital (discrete) form. [0029]. Memory 218 includes a power profiler 220 module that is configured to execute on processor 216 to track and identify software instructions 206 executing on embedded device 102. [0033] Power profiler 220 is also configured to correlate the power consumption data 214 received from power measurement circuit 106 with the software instructions 206 executing on processor 200 of embedded device 102. Power profiler 220 generates a power profile 224 that quantifies the power consumed for the precise software instruction executing on processor 200 of embedded device 102).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to employ the teachings of Aasheim in the invention of Khalid to include the above limitations. The claim would have been obvious because a particular known technique was recognized as part of the ordinary capabilities of one skilled in the art (see KSR Int’l Co. v. Teleflex Inc. 550 U.S. ___, 82 USPQ2d 1385 (Supreme Court 2007) (KSR)).
Khalid in view of Aasheim does not teach: executing a countermeasure operation against software ran by the separate processor, a hardware modification, or one or more fault-attacks. However, Gonzalez teaches:
executing a countermeasure operation against software ran by the separate processor, a hardware modification, or one or more fault-attacks (Gonzalez: column 4, lines 10-16: Based on the comparison, the fingerprinting system 100 can determine whether there is an anomaly of the measured target device/system at 104. If yes, the fingerprinting system can alert a user at 106. Column 7, lines 43-54: The response module 210 triggers automatic actions that affect the target device in response to integrity violations. Some of the actions/responses 221 can include, but not limited to activating another device, disabling control ports of the target device, notifying user of the target device, etc.).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to employ the teachings of Gonzalez in the invention of Khalid in view of Aasheim to include the above limitations. The claim would have been obvious because a particular known technique was recognized as part of the ordinary capabilities of one skilled in the art (see KSR Int’l Co. v. Teleflex Inc. 550 U.S. ___, 82 USPQ2d 1385 (Supreme Court 2007) (KSR)).

As per claim 12, Khalid in view of Aasheim and Gonzalez teaches:
The computer-implemented method of claim 11, wherein the physical attribute includes a voltage (Aasheim: [0028] FIG. 3 illustrates an example of how a typical ADC 208 on circuit 106 might be coupled to an embedded device 102 to measure power consumption. Gonzalez: Column 11, lines 57-60: The on-chip sensor may be located in a processor, support chip, or in the power management chip, and may detect voltage).
The examiner provides the same rationale to combine prior arts Khalid in view of Aasheim and Gonzalez as in claim 11 above. 

As per claim 13, Khalid teaches:
 A system comprising: 
memory; a microcontroller including an analog-to-digital converter (ADC) and in communication with the memory (Khalid: page 1317: Fig. 1 shows an ADC in communication with a memory) and configured to: define a fingerprint that includes a baseline measurement of side-channel traces of a side-channel retrieved from the ADC, during an enrollment period of the system, wherein the enrollment period includes measuring voltage prior to runtime operation (Khalid: Page 1317: Fig. 1, Left column, 2nd paragraph: The first step is to obtain the signature power behavior of the given integrated circuit that consists of sequentially connected modules at the pre-market test stage. A. Pre-Market Stage Power Behavior Extraction: The first phase of proposed methodology is to obtain the power behavior of different modules that are sequentially connected by utilizing the following steps: 1) In the first, we measure the power of each sequentially connected modules to extract the modular power behavior. Right column: In the proposed methodology, we utilized rate power consumption in different sequentially connected blocks of IP modules to develop a two stage classification criteria. In order to establish this criteria, the first step is to identify the normal behavior zone, which is the range between the maximum and minimum values of δP. Similarly, its normal behavior zone is the range between the maximum and minimum values of ΔP. Page 1318: left column: III Case Study: A. Signature obtained for the Power Behavior of AES: The first step is to obtain the signature power behavior of the AES, which is obtained by implementing AES modules without intrusion and with some of the benchmarks intrusions [18] in Verilog. The extraction of signature behavior of AES module is completed in two stages: In the first stage, the AES module is implemented in Verilog and its power rating is extracted using the Xillinx power (Xpower) analyzer for Virtex-5 (xc5vlx330) and Virtex-6 (Xc6vlx760). The highlighted columns of Table I show the dynamic power behavior signature of the AES in Xpower analyzer); 
receive a runtime measurement from the ADC that includes voltage of at least a separate microcontroller during runtime, wherein the runtime measurement is retrieved from a power supply pin of the ADC (Khalid: Page 1317, Fig. 1 and right column: B. Runtime Power Analysis: Fig. 1 shows the proposed off-chip runtime power monitors, which operates in two steps. In the first step, it obtains runtime power profile by measuring the current from the power ports of each module (PP1, PP2, ..., PPn) of integrated circuits. These values are then converted into the respective digital values through an analog to digital converter and then stored into memory. Fig. 1 shows the current from power ports of modules PP1, PP2, PPn being directly measured by the ADC); 
compare the runtime measurement to the fingerprint (Khalid: Page 1317, Fig. 1 and right column: B. Runtime Power Analysis: In the second step, the extracted power behavior is used to calculate the changes in current with respect to the sequentially connected modules (first and second derivatives of power behavior) and then compared to the upper and lower bounds of the changes in current from the signature power profile); and 
in response to the measurement exceeding a threshold (Khalid: Page 1317, Fig. 1 and right column: B. Runtime Power Analysis: If it lies outside the bounds then the integrated circuit is considered as intruded).
Khalid teaches obtaining power behavior signature at pre-market test stage using a Xillinx power (Xpower) analyzer but does not teach: a baseline measurement retrieved from the ADC. Also, Khalid does not teach: executing a countermeasure operation against software ran by the separate processor, a hardware modification, or one or more fault-attacks. However, Aasheim teaches:
a baseline measurement retrieved from the ADC (Aasheim: [0027] Power measurement circuit 106 typically includes an analog to digital converter (ADC) 208, a communications interface 210 and a memory 212. [0028] FIG. 3 illustrates an example of how a typical ADC 208 on circuit 106 might be coupled to an embedded device 102 to measure power consumption. ADC 208 generally converts a continuously variable (i.e., analog) power consumption signal from device 102 into a digital (discrete) form. [0029]. Memory 218 includes a power profiler 220 module that is configured to execute on processor 216 to track and identify software instructions 206 executing on embedded device 102. [0033] Power profiler 220 is also configured to correlate the power consumption data 214 received from power measurement circuit 106 with the software instructions 206 executing on processor 200 of embedded device 102. Power profiler 220 generates a power profile 224 that quantifies the power consumed for the precise software instruction executing on processor 200 of embedded device 102.).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to employ the teachings of Aasheim in the invention of Khalid to include the above limitations. The claim would have been obvious because a particular known technique was recognized as part of the ordinary capabilities of one skilled in the art (see KSR Int’l Co. v. Teleflex Inc. 550 U.S. ___, 82 USPQ2d 1385 (Supreme Court 2007) (KSR)).
	Khalid in view of Aasheim does not teach: executing a countermeasure operation against software ran by the separate processor, a hardware modification, or one or more fault-attacks. However, Gonzalez teaches:
executing a countermeasure operation against software ran by the separate processor, a hardware modification, or one or more fault-attacks (Gonzalez: column 4, lines 10-16: Based on the comparison, the fingerprinting system 100 can determine whether there is an anomaly of the measured target device/system at 104. If yes, the fingerprinting system can alert a user at 106. Column 7, lines 43-54: The response module 210 triggers automatic actions that affect the target device in response to integrity violations. Some of the actions/responses 221 can include, but not limited to activating another device, disabling control ports of the target device, notifying user of the target device, etc.).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to employ the teachings of Gonzalez in the invention of Khalid in view of Aasheim to include the above limitations. The claim would have been obvious because a particular known technique was recognized as part of the ordinary capabilities of one skilled in the art (see KSR Int’l Co. v. Teleflex Inc. 550 U.S. ___, 82 USPQ2d 1385 (Supreme Court 2007) (KSR)).

As per claim 14, Khalid in view of Aasheim and Gonzalez teaches:
The system of claim 13, wherein the runtime measurement is retrieved from a connection between an input supply pin of the ADC and a voltage supply of the microcontroller (Khalid: Page 1317, Fig. 1 and right column: B. Runtime Power Analysis: Fig. 1 shows the proposed off-chip runtime power monitors, which operates in two steps. In the first step, it obtains runtime power profile by measuring the current from the power ports of each module (PP1, PP2, ..., PPn) of integrated circuits. Aasheim: Fig. 3 show a input supply pin of the ADC Vin connected to the voltage supply).
The examiner provides the same rationale to combine prior arts Khalid and Aasheim as in claim 13 above. 

As per claim 15, Khalid in view of Aasheim and Gonzalez teaches:
The system of claim 13, wherein the runtime measurement is retrieved from a connection between an input supply pin of the ADC and a ground of the microcontroller (Khalid: Page 1317, Fig. 1 and right column: B. Runtime Power Analysis: Fig. 1 shows the proposed off-chip runtime power monitors, which operates in two steps. In the first step, it obtains runtime power profile by measuring the current from the power ports of each module (PP1, PP2, ..., PPn) of integrated circuits. Aasheim: Fig. 3 show a input supply pin of the ADC and the ground).
The examiner provides the same rationale to combine prior arts Khalid and Aasheim as in claim 13 above.

As per claim 17, Khalid in view of Aasheim and Gonzalez teaches:
The system of claim 13, wherein the countermeasure operation includes reprogramming the software to original code (Gonzalez: column 7, lines 43-54: Some of the actions/responses 221 can include, but not limited to activating another device, disabling control ports of the target device, notifying user of the target device, triggering the target device for reboot and reinitiating virtualization. Column 8, lines 3-9: In the case of that a virtual machine is running at the target device and anomalous behavior is found in one of the side channels, the virtual machine can be restarted or migrated).
The examiner provides the same rationale to combine prior arts Khalid in view of Aasheim and Gonzalez as in claim 13 above. 

As per claim 18, Khalid in view of Aasheim and Gonzalez teaches:
The system of claim 13, wherein the countermeasure operation includes reprogramming the software (Gonzalez: column 7, lines 43-54: Some of the actions/responses 221 can include, but not limited to activating another device, disabling control ports of the target device, notifying user of the target device, triggering the target device for reboot and reinitiating virtualization. Column 8, lines 3-9: In the case of that a virtual machine is running at the target device and anomalous behavior is found in one of the side channels, the virtual machine can be restarted or migrated).
The examiner provides the same rationale to combine prior arts Khalid in view of Aasheim and Gonzalez as in claim 13 above. 

As per claim 19, Khalid in view of Aasheim and Gonzalez teaches:
The system of claim 13, wherein the side-channel is associated with a separate microcontroller (Khalid: page 1317: Fig. 1 and left column, 2nd paragraph: The first step is to obtain the signature power behavior of the given integrated circuit).

Claim 4 is rejected under 35 U.S.C. 103 as being unpatentable over Khalid in view of Aasheim and Gonzalez as applied to claim 1 above, and further in view of prior art of record An Encryption-Authentication Unified A/D Conversion Scheme for loT Sensor Nodes by Gadde et al (hereinafter Gadde).
As per claim 4, Khalid in view of Aasheim and Gonzalez does not teach: wherein the ADC includes an encryption unit. However, Gadde teaches: 
wherein the ADC includes an encryption unit (Gadde: Abstract: We have proposed an Analog-to-Digital Conversion scheme, based on slope A/D conversion, involving two randomized slopes, to realize resistance to side channel attacks and perform data encryption-authentication during the A/D conversion process. We have designed and fabricated the proposed encryption- authentication unified ADC in 0.18pm CMOS process).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to employ the teachings of Gadde in the invention of Khalid in view of Aasheim and Gonzalez to include the above limitations. The motivation to do so would be to realize resistance to side channel attacks (Gadde: Abstract).

Claims 5, 6 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Khalid in view of Aasheim and Gonzalez as applied to claims 1 and 13 above, and further in view of prior art of record US 20150317475 to Aguayo Gonzalez et al (hereinafter Gonzalez’475).
As per claim 5, Khalid in view of Aasheim and Gonzalez teaches: 
The system of claim 1, wherein the ADC includes an ADC input pin connected to an internal voltage pin of the microcontroller (Aasheim: [0028] FIG. 3 illustrates an example of how a typical ADC 208 on circuit 106 might be coupled to an embedded device 102 to measure power consumption).
Khalid in view of Aasheim and Gonzalez does not teach: to measure drain power voltage. However, Gozalez’475 teaches:
measure drain power voltage (Gonzalez’475: [0074] The physical location of the sensor is a critical element for the success of this approach. The ideal location 210 is shown in FIG. 2 at the VDD signal of the processor 205).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to employ the teachings of Gonzalez’475 in the invention of Khalid in view of Aasheim and Gonzalez to include the above limitations. The motivation to do so would be to provide an integrity assessment and intrusion detection solution for critical cyber systems (Gonzalez’475: [0005)).

As per claim 6, Khalid in view of Aasheim and Gonzalez teaches: 
The system of claim 1, wherein the channel is utilized for the baseline measurement (Aasheim: [0028] FIG. 3 illustrates an example of how a typical ADC 208 on circuit 106 might be coupled to an embedded device 102 to measure power consumption).
Khalid in view of Aasheim and Gonzalez does not teach: wherein a channel of the side-channel includes a higher bandwidth than other channels of the side-channel. However, Gonzalez’475 teaches:
wherein a channel of the side-channel includes a higher bandwidth than other channels of the side-channel (Gonzalez’475: [0073] The general PFP method begins by collecting fine-grained measurements from the power consumption during the execution of trusted code. The sensor 110 can be implemented by means of ..., a high-bandwidth current mirror. [0353] One example approach to reduce the variance of the estimates, and thus the probabilities of making a classification error, is to increase the time-bandwidth product of the observation).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to employ the teachings of Gonzalez’475 in the invention of Khalid in view of Aasheim and Gonzalez to include the above limitations. The motivation to do so would be to provide an integrity assessment and intrusion detection solution for critical cyber systems (Gonzalez’475: [0005)).

As per claim 20, Khalid in view of Aasheim and Gonzalez teaches: 
The system of claim 13, wherein runtime measurement is sent to an intrusion detection system segregated from the separate processor and MCU (Gonzalez: column 7, lines 24-35: Upon performing comparison and analytics, the PFP analytics 206 can forward comparison data to a decision module 206b to determine whether an intrusion or anomaly exists. In other instances, the PFP analytics 206 can send the analytics data to other intrusion detectors 223).
Khalid in view of Aasheim and Gonzalez does not teach: wherein the intrusion detection system is configured to compare the runtime measurement to the baseline measurement utilizing a neural network. However, Gonzalez’475 teaches: 
wherein the intrusion detection system is configured to compare the runtime measurement to the baseline measurement utilizing a neural network (Gonzalez’475: [0091]: Other techniques for detector design and machine training include: Neural Networks. [0343] In one embodiment, the PFP system may enable intrusion detection based on a supervised learning approach, preventing attackers from training the intrusion detection system (IDS) after deployment to accept their malicious actions, traffic packets or other activities. In supervised learning, the specific features and patterns used as a baseline reference (power fingerprint) to determine when anomalies exist are determined during a pre-characterization stage and are not changed until the system gets updated. [0347] The PFP system can observe and characterize the fine-grained patterns in the power consumption of digital systems).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to employ the teachings of Gonzalez’475 in the invention of Khalid in view of Aasheim and Gonzalez to include the above limitations. The motivation to do so would be to provide an integrity assessment and intrusion detection solution for critical cyber systems (Gonzalez’475: [0005)).

Claims 10 and 16 are rejected under 35 U.S.C. 103 as being unpatentable over Khalid in view of Aasheim and Gonzalez as applied to claims 1 and 13 above, and further in view of prior art of record Measurements of spurious emission with a time-domain EMI measurement system using multi-sampling techniques by Braun et al (hereinafter Braun).
As per claim 10, Khalid in view of Aasheim and Gonzalez does not teach the limitations of claim 10. However, Braun teaches:
wherein the ADC is unconnected and configured to measure parasitic noise on the ADC (Braun: Page 793: Left column: A Nonlinearity of ADCs: Analog-to- Digital Converter show deviations from the ideal quantization steps that are described by the differential nonlinearity (DNL) and integral nonlinearity (INL). Right column: B. Methods to determine INL and DNL of ADCs: A sinusoidal signal is applied to the ADC. The sinusoidal signal x(t) = sin (ωt) is digitized by an ADC with K quantization steps. For a full scale sinusoidal signal we obtain a digitized signal x[k] of an ideal ADC according to: x[k] = round(                        
                            
                                
                                    K
                                
                                
                                    2
                                
                            
                        
                    sin (ωt). The probability density function (PDF) PDF[k] is calculated according to: PDF[k] =                         
                            
                                
                                    ∑
                                    
                                        n
                                        =
                                        1
                                    
                                    
                                        N
                                    
                                
                                
                                    δ
                                    (
                                    x
                                    
                                        
                                            n
                                        
                                    
                                    -
                                    k
                                    )
                                
                            
                        
                     (4) where                         
                            δ
                            (
                            x
                            
                                
                                    n
                                
                            
                            -
                            k
                            )
                        
                     is the Kronnecker Symbol and returns 1 if x[n] = k. From the relation between the PDF of an ideal ADC and the measured PDF the DNL of the ADC is determined. By performing a numeric integration of the DNL the INL is calculated. Page 794: 1) Stationary spurious signals: Stationary spurious signals are independent of the input signals and are mainly caused by internal ADC clocking signals. Their frequencies are a fraction of the sampling frequency. The frequency of the spurious signals can be described by (6) fspur =                         
                            
                                
                                    m
                                    f
                                    s
                                
                                
                                    l
                                
                            
                        
                     I,m = 1, 2, 3, ... (6)).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to employ the teachings of Braun in the invention of Khalid in view of Aasheim and Gonzalez to include the above limitations. The motivation to do so would be to enhance the spurious free dynamic range of the Time-domain EMI Measurement System (Braun: Abstract).

As per claim 16, Khalid in view of Aasheim and Gonzalez does not teach the limitations of claim 16. However, Braun teaches:
wherein the runtime measurement is retrieved from no connection with an input supply pin of the ADC, wherein the runtime measurement includes parasitic noise of the ADC (Braun: Page 793: Left column: A Nonlinearity of ADCs: Analog-to- Digital Converter show deviations from the ideal quantization steps that are described by the differential nonlinearity (DNL) and integral nonlinearity (INL). Right column: B. Methods to determine INL and DNL of ADCs: A sinusoidal signal is applied to the ADC. The sinusoidal signal x(t) = sin (ωt) is digitized by an ADC with K quantization steps. For a full scale sinusoidal signal we obtain a digitized signal x[k] of an ideal ADC according to: x[k] = round(                        
                            
                                
                                    K
                                
                                
                                    2
                                
                            
                        
                    sin (ωt). The probability density function (PDF) PDF[k] is calculated according to: PDF[k] =                         
                            
                                
                                    ∑
                                    
                                        n
                                        =
                                        1
                                    
                                    
                                        N
                                    
                                
                                
                                    δ
                                    (
                                    x
                                    
                                        
                                            n
                                        
                                    
                                    -
                                    k
                                    )
                                
                            
                        
                     (4) where                         
                            δ
                            (
                            x
                            
                                
                                    n
                                
                            
                            -
                            k
                            )
                        
                     is the Kronnecker Symbol and returns 1 if x[n] = k. From the relation between the PDF of an ideal ADC and the measured PDF the DNL of the ADC is determined. By performing a numeric integration of the DNL the INL is calculated. Page 794: 1) Stationary spurious signals: Stationary spurious signals are independent of the input signals and are mainly caused by internal ADC clocking signals. Their frequencies are a fraction of the sampling frequency. The frequency of the spurious signals can be described by (6) fspur =                         
                            
                                
                                    m
                                    f
                                    s
                                
                                
                                    l
                                
                            
                        
                     I,m = 1, 2, 3, ... (6)).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to employ the teachings of Braun in the invention of Khalid in view of Aasheim and Gonzalez to include the above limitations. The motivation to do so would be to enhance the spurious free dynamic range of the Time-domain EMI Measurement System (Braun: Abstract).

Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the examiner should be directed to MADHURI R HERZOG whose telephone number is (571)270-3359. The examiner can normally be reached 8:30AM-5:00PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Taghi Arani can be reached on (571)272-3787. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

MADHURI R. HERZOG
Primary Examiner
Art Unit 2438



/MADHURI R HERZOG/Primary Examiner, Art Unit 2438