Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Detailed Action
1.	The office action is in response to the amended communication filed 10/03/2022.

Claim Status
2.	Claims 4-5, 11, and 13 have been currently amended. Newly added claims 16-19 have been entered.

Response to Arguments
3.	The applicant’s arguments filed 10/03/2022 have been considered, but are not persuasive.
A.	In response to the applicant’s argument (disclosed in pg. 3-5 of the remarks segment) that Diamant fails to teach or suggest the processor is configured to re-execute the boot program code while the operating system is being executed in order to cryptographically encrypt data upon the basis of the cryptographic keys stored in the second memory area:
Using the broadest reasonable interpretation of “re-execute the boot program code while the operating system is being executed,” the examiner maintains that it would be required for the apparatus of Diamant to re-execute boot program code when performing the system reinitialization (disclosed in the Abstract of Diamant) because the boot program code or BIOS is automatically re-initialized upon restart or reinitialization. The applicant’s claim language doesn’t explicitly require the operation system to remain up and running during the re-execution of the boot program code (as the applicant claims and referenced regarding par [0011] of the applicant’s specification). The applicant’s specification and claim language do not explicitly disclose that the OS remains up and running during the re-execution of the boot program code and only require the re-execution of the boot program code is performed/started/initialized while the operating system is being executed, but does not disclose the OS is active or remains active during the completion of the execution of the boot program code, as it would be obvious that the operating system would still be running, initially, when the system reinitialization (disclosed by Diamant) and re-execution of the boot program code/BIOS has begun. 
The examiner suggests amending the claim language to specify that the operating system remains in execution during the entire duration of the re-execution of the boot program code.
Regarding the applicant’s statement that the encryption key disclosed by Diamant only discloses a decryption and not encryption of data, see col. 1, lines 60-67 of Diamant, which discloses using the encryption key to also encrypt a software image and col. 7, lines 60-62, which also discloses the encryption key being implemented to also encrypt data. The limitation of “cryptographically encrypt data upon the basis of the cryptographic keys stored in the second memory area” is also broadly implemented and does not specifically disclosed how the re-execution of the boot program code while the OS is being executed facilitates for said data encryption upon the basis of the cryptographic keys.

B.	In response to the applicant’s argument (disclosed in pg. 5-6 of the remarks segment) that Laffy teaches away from wherein the second memory area is only accessible to the boot program code, when the boot program code is executed by the processor:
	 The examiner maintains that the non-volatile memory (which is known to one of ordinary skill in the art as memory implemented to retain data after reboot) storing trusted boot code (as disclosed in par [0014-0015] of Laffy) is obvious in light of wherein the second memory area is only accessible to the boot program code because the non-volatile memory taught by Laffy is implemented for only storing said trusted boot code and implemented for protection of said trusted boot code and other code portions, during initialization and execution of the OS (as disclosed in par [0010], lines 1-5 of Laffy). 

C.	In response to the applicant’s argument (disclosed in pg. 6-7 of the remarks segment) that Hesse fails to teach wherein the processor is configured to terminate execution of the boot program code while the operating system is being executed by the processor:
Neither the applicant’s specification nor the claim language explicitly requires the operating system to remain in an execution state after termination of execution of the boot program code. The limitation requires the operating system to be in an execution state/running when the termination of the execution of the boot program code has been initiated, but doesn’t further disclose what extent the OS is being executed upon the processor being configured to terminate the boot program code. The examiner maintains that it is obvious that the stoppage of execution in the event that an unauthorized code change has been detected (as disclosed in par [0006] and [0008] of Hesse) is obvious in light of the claimed termination of execution of the boot program code while the operating system is being executed by the processor because the applicant’s claim language doesn’t explicitly require the operating system to remain in execution for the duration of the execution the boot operation code, only that the OS in execution when the determination of terminating execution of the boot program code initiated.
The examiner suggests amending the claim language to specify that the operating system remains in execution by the processor during the entire duration of the termination of execution the boot program code.


Claim Rejections – 35 USC 101
4.	35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.

5.	Claims 1-19 are rejected under 35 U.S.C. 101 because the claimed processor system is drawn to software, per se, because (as disclosed in par [0048] of the applicant’s specification) the invention can be implemented in software. The applicant’s specification also doesn’t disclose that the claimed processor or memory areas are drawn to physical structure or hardware. Although newly added claim 16 and other dependent claims disclose that the claimed memory areas are located in the same physical memory of the processor system, the actual physical memory is not explicitly being claimed, that claim language rather discloses that they claimed memory areas may be located in physical memory. The applicant’s claim language and specification also doesn’t disclose that the claimed processor is drawn to physical structure, such as hardware or a physical device.


Claim Rejections – 35 USC 103
4.	The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office Action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


5.	Claims 1-19 are rejected under 35 USC 103 as being unpatentable over Diamant et al (US 10,303,621) in view of Laffey (WO 2017/188976), further in view of Hesse (EP 3,509,003).

With respect to claim 1, Diamant et al teaches a processor system being operable by an operating system (fig. 1, ‘100), the processor system comprising: 
a processor (fig. 1, ‘102); 
a first memory area being configured to store a boot program code (fig. 1, ‘130/’132 & col. 3, lines 37-38, “The boot ROM may be pre-configured to store boot code”), the boot program code being configured to start execution of the operating system when executed by the processor (fig. 1, ‘132, “boot code” & col. 6, lines 64-67, “CPU core initiates a boot of an OS”), the boot program code being further configured for performing a cryptographic operation when the boot program code is executed by the processor (col. 3, lines 63-64, “The boot code, or other code that performs the decryption”); 
a second memory area being configured to store one or more cryptographic keys (fig. 1, ‘140, which discloses a non-volatile memory storing encryption keys); 
a third memory area being configured to store the operating system when executed by the processor (fig. 1, ‘150, which discloses and additional non-volatile memory storing a software image & col. 3, lines 44-48, which discloses the software image being implemented to store an OS); 
wherein the processor is configured to retrieve the boot program code from the first memory area (col. 6, lines 64-67, “the BIOS code may execute to perform a system initialization”), and to execute the boot program code in order to start execution of the operating system (fig. 1 & col. 9, lines 4-5, “initiates a boot of an operating system”), and
wherein the processor is configured to re-execute the boot program code while the operating system is being executed (Abstract, col. 6, lines 64-67, fig. 1, col. 9, lines 4-5, which disclose reinitialization of the system, which would cause re-execution of the boot code, stored in the Boot ROM) in order to cryptographically encrypt data upon the basis of the cryptographic keys stored in the second memory area (Abstract, “The secret value can’t again be accesses until the system is reinitialized, but the address transactions are modified during each system initialization so that the secret value is only usable for its intended purpose during the initialization process,” fig. 1, ‘140-‘142, col. 1, lines 60-67, col. 3, lines 37-43, and col. 7, lines 60-62, which disclose that the encryption key stored in NVM ‘140, could be utilized to encrypt the stored software image used to stores the OS).
Diamant et al does not explicitly teach wherein the second memory area is only accessible to the boot program code, when the boot program code is executed by the processor.
However, Laffey further teaches wherein the second memory area is only accessible to the boot program code, when the boot program code is executed by the processor (par [0010], lines 3-7, which discloses the boot code being implemented to protect content from unauthorized entities and par [0014], which discloses locking NVM regions to where only trusted boot code can access the NVM).
It would have been obvious to one of ordinary skill in the art before the effective date of the claimed invention to combine the protected code execution system of Laffey within the teachings of Diamant et al, in order to provide the improvement upon protecting secure data during device BIOS by implementing disabling any updates to a particular memory region storing boot code (as disclosed by Laffey) which would allow the disclosure Diamant to ensure unauthorized access to boot code until any particular fraudulent access has been confirmed neutralized.
Diamant et al and Laffey do not explicitly teach wherein the processor is configured to terminate execution of the boot program code while the operating system is being executed by the processor.
Hesse further teaches wherein the processor is configured to terminate execution of the boot program code while the operating system is being executed by the processor (par [0006], lines 1-4 and par [0008], lines 7-9, which discloses stopping execution of boot code upon determining unauthorized code changes).
It would have been obvious to one of ordinary skill in the art before the effective date of the claimed invention to combine the embodiment of Hesse within the teachings of Diamant et al and Laffey, in order to provide the improvement upon protecting secure data by implementing complete halt of execution upon detecting unauthorized boot code changes (as taught by Hesse) which further guarantees that the unauthorized code changes will not affect a particular OS by eliminating the particular untrusted code from reaching the system post-BIOS.
With respect to claim 2, Diamant et al, Laffey, and Hesse teach the limitations of claim 1.
Diamant et al further teaches wherein the processor is configured to perform an encryption and/or a decryption operation as the cryptographic operation when the boot program code is executed by the processor (col. 3, lines 37-51, “decrypt the encrypted software image”).
With respect to claim 3, Diamant et al, Laffey, and Hesse teach the limitations of claim 1.
Diamant et al does not explicitly teach wherein the processor is configured to re-activate the boot program code in the first memory area in order to re-execute the boot program code.
However, Laffey further teaches wherein the processor is configured to re-activate the boot program code in the first memory area in order to re-execute the boot program code (par [0031], lines 9-10, “in response to the reset”).
It would have been obvious to one of ordinary skill in the art before the effective date of the claimed invention to combine the protected code execution system of Laffey within the teachings of Diamant et al according to the motivation previously addressed regarding claim 1.
 
With respect to claim 4, Diamant et al, Laffey, and Hesse teach the limitations of claim 1.
Diamant et al further teaches wherein at least two memory areas of the first, second and third memory areas are arranged in different physical memories of the processor system (fig. 3, ‘130, ‘140, and ‘150).

With respect to claim 5, Diamant et al, Laffey, and Hesse teach the limitations of claim 1.
Diamant et al further teaches wherein the processor is configured to grant access to the cryptographic keys in the second memory area only to the boot program code located in the first memory area when the boot program code is being executed (Abstract, col. 6, lines 63-67, col. 4, lines 1-3, & fig. 3, ‘140, “authorized use of the encryption key”).

With respect to claim 6, Diamant et al, Laffey, and Hesse teach the limitations of claim 1.
Diamant et al further teaches wherein the operating system stored in the third memory area is prohibited or does not have an access right to access to the cryptographic keys in the second memory area when executed by the processor (Abstract & fig. 1, ‘130-‘150, fig. 3-4, “prevent unauthorized access”).

With respect to claim 7, Diamant et al, Laffey, and Hesse teach the limitations of claim 1.
Diamant et al further teaches wherein the operating system is stored encrypted in the third memory area, and wherein the boot program code is configured to use the cryptographic keys stored in the second memory area for decrypting the operating system before execution (col. 3, lines 57-65, “decryption process”).

With respect to claim 8, Diamant et al, Laffey, and Hesse teach the limitations of claim 1.
Diamant et al doesn’t explicitly teach wherein a first hash value of the operating system is stored in the first or in the second memory area, wherein the boot program code is configured, when executed by the processor, to calculate a second hash value of the operating system, to compares the first hash value with the second hash value, and wherein the processor is configured to execute the operating system only if the first hash value equals to the second hash value.
However, Laffey further teaches wherein the processor is configured to execute the operating system only if the first hash value equals to the second hash value (par [0036], lines 10-12, “hash values match”).
It would have been obvious to one of ordinary skill in the art before the effective date of the claimed invention to combine the protected code execution system of Laffey within the teachings of Diamant et al according to the motivation previously addressed regarding claim 1.
Diamant et al and Laffey do not explicitly teach wherein a first hash value of the operating system is stored in the first or in the second memory area, wherein the boot program code is configured, when executed by the processor, to calculate a second hash value of the operating system, to compares the first hash value with the second hash value.
However, Hesse further teaches wherein a first hash value of the operating system is stored in the first or in the second memory area (par [0007-0008], which discloses storing hashed content in RAM), wherein the boot program code is configured, when executed by the processor, to calculate a second hash value of the operating system, to compares the first hash value with the second hash value (par [0007-0008], “hash calculation”).
It would have been obvious to one of ordinary skill in the art before the effective date of the claimed invention to combine the embodiment of Hesse within the teachings of Diamant et al and Laffey according to the motivation disclosed regarding claim 1.

Regarding claim 9, Diamant et al and Laffey do not explicitly teach wherein the first hash value is encrypted and wherein the boot program code is configured to decrypt the first hash value before comparing the first hash value with the second hash value using the cryptographic keys stored in the second memory area.
However, Hesse further teaches wherein the first hash value is encrypted (par [0007-0008], which discloses storing hashed content in RAM), and wherein the boot program code is configured to decrypt the first hash value before comparing the first hash value with the second hash value using the cryptographic keys stored in the second memory area (par [0008], “decrypt the reference hash”).
It would have been obvious to one of ordinary skill in the art before the effective date of the claimed invention to combine the embodiment of Hesse within the teachings of Diamant et al and Laffey according to the motivation disclosed regarding claim 1.
With respect to claim 10, Diamant et al, Laffey, and Hesse teach the limitations of claim 1.
Diamant et al doesn’t explicitly teach wherein the boot program code is split up in a first level boot program code and a second level boot program code, wherein the first level boot program code is configured to decrypt the second level boot program code using the cryptographic keys stored in the second memory area.
However, Laffey further teaches wherein the boot program code is split up in a first level boot program code (par [0014], “lower level code”) and a second level boot program code (par [0014], “higher level code”), wherein the first level boot program code is configured to decrypt the second level boot program code using the cryptographic keys stored in the second memory area (par [0036], lines 10-12, “decrypt the digital signature”).
It would have been obvious to one of ordinary skill in the art before the effective date of the claimed invention to combine the protected code execution system of Laffey within the teachings of Diamant et al according to the motivation previously addressed regarding claim 1.

With respect to claim 11, Diamant et al, Laffey, and Hesse teach the limitations of claim 1.
Diamant et al doesn’t explicitly teach wherein the first and second level boot program codes are stored in different memory areas, in particular in different isolated memory areas.
However, Laffey further teaches wherein the first and second level boot program codes are stored in different memory areas (fig. 5-6, “first region” ….”second region”).
It would have been obvious to one of ordinary skill in the art before the effective date of the claimed invention to combine the protected code execution system of Laffey within the teachings of Diamant et al according to the motivation previously addressed regarding claim 1.

With respect to claim 12, Diamant et al, Laffey, and Hesse teach the limitations of claim 1.
Diamant et al doesn’t explicitly teach wherein the memory areas are isolated from each other by a physical memory protection.
However, Laffey further teaches wherein the memory areas are isolated from each other by a physical memory protection (pg. 17, lines 2-12, “protected code”).
It would have been obvious to one of ordinary skill in the art before the effective date of the claimed invention to combine the protected code execution system of Laffey within the teachings of Diamant et al according to the motivation previously addressed regarding claim 1.

With respect to claim 13, Diamant et al, Laffey, and Hesse teach the limitations of claim 1.
Diamant et al further teaches an application programming interface for triggering the execution of the boot program code (col. 1, lines 64-67 & col. 2, lines 1-5, and col. 3, lines 44-47, “boot code that executed after the boot code completes”).

With respect to claim 14, Diamant et al, Laffey, and Hesse teach the limitations of claim 1.
Diamant et al further teaches wherein the operating system is configured to implement an application when executed by the processor (fig. 1) and wherein the application is configured to trigger execution of the boot program code via the application programming interface (fig. 1, ‘132).
With respect to claim 15, Diamant et al, Laffey, and Hesse teach the limitations of claim 1.
Diamant et al further teaches wherein the processor is configured to execute the operating system (fig. 1).
With respect to claim 16, Diamant et al, Laffey, and Hesse teach the limitations of claim 1.
Diamant et al further teaches wherein the first, the second and the third memory areas are located in the same physical memory of the processor system (fig. 1).

With respect to claim 17, Diamant et al, Laffey, and Hesse teach the limitations of claim 1.
Diamant et al further teaches wherein the processor is configured to grant access to the cryptographic keys in the second memory area only (Abstract, col. 6, lines 63-67, col. 4, lines 1-3, & fig. 3, ‘140, “authorized use of the encryption key”).

With respect to claim 18, Diamant et al, Laffey, and Hesse teach the limitations of claim 10.
Diamant et al further teaches wherein the first and second level boot program codes are stored in different isolated memory areas (fig. 2-3).

With respect to claim 19, Diamant et al, Laffey, and Hesse teach the limitations of claim 1.
Diamant et al further teaches an application programming interface that triggers the execution of the boot program code for performing a cryptographic encryption (fig. 1, ‘152) and decryption operation (fig. 1, ‘220).

Conclusion
Applicant's amendment necessitated the new grounds of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Randy A. Scott whose telephone number is (571) 272-3797. The examiner can normally be reached on Monday-Thursday 7:30 am-5:00 pm, second Fridays 7:30 am-4pm.
If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, Luu Pham can be reached on (571) 270-5002. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/RANDY A SCOTT/Primary Examiner, Art Unit 2439                                                                                                                                                                                                        20221018