DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

The instant application having application No. 17/239,113 filed on June 29, 2021, presents claims 1-20 for examination.  The instant application claims priority to the provisional application having application No. 63/014,851 filed on April 24, 2020.

Information Disclosure Statement
  The information disclosure statement (IDS) submitted on 2/16/2022 was filed before the mailing date of the Non-Final Office Action.  The submission is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

Examiner Notes
Examiner cites particular columns, paragraphs, figures and line numbers in the references as applied to the claims below for the convenience of the applicant. Although the specified citations are representative of the teachings in the art and are applied to the specific limitations within the individual claim, other passages and figures may apply as well. It is respectfully requested that, in preparing responses, the applicant fully consider the references in their entirety as potentially teaching all or part of the claimed invention, as well as the context of the passage as taught by the prior art or disclosed by the examiner.

In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  

Specification
The disclosure is objected to because of the following informality: 
para [0033], line 2, “may be include”, suggestion: -may 
Appropriate correction is required.

Claim Objections
Claims 1-7 and 14 are objected to because of the following informalities:  
Claim 1, lines 2-3 recite “updating software of a cyber-physical system (CPS) device, maintaining a CPS device, diagnosing a CPS device,” which should recite -- updating software of a cyber-physical system (CPS) device, maintaining [[a]] the CPS device, diagnosing [[a]] the CPS device --. Dependent claims 2-7 are objected to for the same reason because of their dependencies from the independent claim 1.
Claim 14, line 1, insert --wherein the process-- before “further”.
Appropriate correction is required.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


Claims 1-20 are rejected under 35 U.S.C. 103 as being unpatentable over Wang et al. (US 20190187971 A1 – hereinafter Wang, cited from IDS filed on 2/16/2022) in view of EDWARDS (GB 2547472 A – hereinafter EDWARDS).

With respect to claim 1, Wang discloses A computer-implemented method that provides a secure and assured method for updating software of a cyber-physical system (CPS) device, maintaining a CPS device, diagnosing a CPS device, and transferring of CPS data, the method comprising (Abstract, Fig. 3, wherein the vehicle control system 348 reads on CPS): 
authenticating a moment a secure maintenance device (SMD) is connected to a first device before a software-based communication is established (para [0089], “… According to one embodiment, the service tool 725 can comprise a cellphone, tablet, laptop computer, or other portable computing device having cellular, WiFi, Bluetooth, and/or other wireless communications abilities and can be used in any one or more environments to transport certificates used to support secure connectivity for vehicle systems in a state where the vehicle may or may not have immediate internet access. …” wherein the service tool 725 reads on SMD. para [0090] discloses providing authorized installation ID which reads on authenticating, and wherein the vehicle 100 reads on the first device); 
establishing a secure communication channel between the SMD and the first device (para [0089]); 
authenticating a user of the first device and determining access rights of the user using an identity of the first device (para [0090] wherein providing authorized installation ID reads on authenticating a user); 
transmitting digitally signed updates from the SMD to the first device (para [0081], “… The content distribution server 705 or CDN can be used to distribute update packages 715 generated, encrypted, and signed by the update provider server 705 or may participate in generated and encrypting the update packages 715. …”); 
performing diagnostic and maintenance functions at the first device (para [0089], “… These functions can include performing diagnostics, updating firmware images, collecting log and other data from the vehicle, etc.”); and 
exporting data from the first device to the SMD for mobile transfer to another platform (para [0090], “… the tool 725 may communicate with a vehicle 100 and receive a vehicle identification. …”).
Wang does not appear to explicitly disclose receiving, at the SMD, digitally signed first data from the first device; However, this is taught in analogous art, EDWARDS (e.g., [0069] “… In response to receiving the digitally signed data packet from the mobile device 120…” wherein the mobile device reads on the first device, and the service provider reads on the SMD).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the invention of Wang with the invention of EDWARDS because it solves disadvantages of known authentication techniques as suggested by EDWARDS (see [0004]).

With respect to claim 2, Wang also discloses wherein the first device is a CPS device (Fig. 7, wherein the vehicle is a CPS device).

With respect to claim 3, Wang also discloses further comprising encrypting and/or decrypting commands between the SMD and the first device by using existing network transport mechanism with a network protocol extension to network protocol TCP/IP (Fig. 8, step 825 teaches encryption, Fig. 9, step 920 teaches decryption. para [0027] teaches TCP/IP protocol for communication. para [0103] “… These wired or wireless links can also be secure links and may be capable of communicating encrypted information… ” these links read on network protocol extension).

With respect to claim 4, Wang also discloses wherein the SMD performs a diagnostic test on the first device (para [0089], “… These functions can include performing diagnostics, updating firmware images, collecting log and other data from the vehicle, etc.”).

With respect to claim 5, Wang also discloses further comprising creating one or more security domains that are isolated using different levels of security from each other, and enabling for support of third-party diagnostics and maintenance software (para [0058], “The subsystem 350 can also optionally contain a security module (not shown). This security module can contain information regarding but not limited to, security parameters required to connect the device to one or more other devices or other available network(s), and can include WEP or WPA/WPA-2 (optionally+AES and/or TKIP) security access keys, network keys, etc. …” wherein the security module creates a security domain isolated from other devices (the other devices may use a different level of security), and enabling for support of third-party diagnostics and maintenance software, see para [0089] as cited above for claim 4).

With respect to claim 6, Wang also discloses wherein the one or more security domains comprise at least one from among a user domain, a CPS domain, and/or a vendor domain (para [0058] as cited for claim 5, wherein the security domain reads on a CPS domain).

With respect to claim 7, Wang also discloses further comprising isolating the one or more security domains from each other using hardware virtualization technology (para [0027] “… Other examples of the communication network 352 include, without limitation, …, a virtual network, including without limitation a virtual private network (“VPN”); …” wherein the virtual private network creates a security domain by using hardware virtualization technology).

With respect to claim 8, it is directed to a system to implement the method disclosed in claim 1, please see the rejections directed to claim 1 above which also cover the limitations recited in claim 8. Note that, Wang teaches A system for securely maintaining, diagnosing, and updating a device while protecting the security assurance of the device, the system comprising: 
a memory storing instructions; and 
a processor executing the instructions to perform a process including (Fig. 6): 

With respect to claim 9, it recites same features as claim 2, and is rejected for the same reason.

With respect to claim 10, it recites same features as claim 3, and is rejected for the same reason.

With respect to claim 11, it recites same features as claim 4, and is rejected for the same reason.

With respect to claim 12, it recites same features as claim 5, and is rejected for the same reason.

With respect to claim 13, it recites same features as claim 6, and is rejected for the same reason.

With respect to claim 14, it recites same features as claim 7, and is rejected for the same reason.

With respect to claim 15, it is directed to A non-transitory computer-readable medium to implement the method disclosed in claim 1, please see the rejections directed to claim 1 above which also cover the limitations recited in claim 15. Note that, Wang teaches A non-transitory computer-readable medium storing instructions that, when executed by a processor, cause the processor to perform a method for securely maintaining, diagnosing, and updating a device while protecting the security assurance of the device (Fig. 6): 

With respect to claim 16, it recites same features as claim 2, and is rejected for the same reason.

With respect to claim 17, it recites same features as claim 3, and is rejected for the same reason.

With respect to claim 18, it recites same features as claim 4, and is rejected for the same reason.

With respect to claim 19, it recites same features as claim 5, and is rejected for the same reason.

With respect to claim 20, it recites same features as claim 6, and is rejected for the same reason.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. For example Sweet et al. (US 20150058619 A1) teaches systems and methods for implementing computer security.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Zengpu Wei whose telephone number is 571-270-1302. The examiner can normally be reached on Monday to Friday from 8:00AM to 5:00 PM.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Sam Sough, can be reached on 5712726799. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://portal.uspto.gov/external/portal. Should you have questions about access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.

/Zengpu Wei/
Examiner, Art Unit 2192

/S. Sough/SPE, AU 2192/2194