Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

DETAILED ACTION
This final action is in response to amendment filed on 07/13/2022. In this amendment, claims 13-28 have been amended. Claims 13-28 are pending, with claims 13 and 21 being independent. 

Response to Arguments
35 U.S.C. § 112(f)
	In view of amended claims, the claims no longer invoke § 112(f) interpretation.
Claim Objections
Previous claim objections have been withdrawn in view of amended claims.
35 U.S.C. § 112(a) and 112(b) Rejections
	Previous claim rejections have been withdrawn in view of amended claims.
35 U.S.C. § 101 Rejections
Claim rejections have been withdrawn in view of amended claims.
35 U.S.C. § 103 Rejections
Applicants’ arguments have been fully considered but they are not persuasive.
In the response, applicant argues in substance that:
- 	Neither McQuillan' s description in paragraph [0048], nor any other portion of McQuillan, teaches or suggests that the "device data" includes a state machine pertaining to any particular device whose traffic is monitored by the IDS.
Examiner respectfully disagrees. Claim 13 recites each of the state machines defining communication operations of a control logic employed by a corresponding one of the plurality of devices. McQuillan teaches SCADA system's stored configuration, which includes device information describing each of the connected devices and any information relating to the devices and the device communications [communication operations] (paragraph 27). Thus, information included in SCADA system's stored configuration is corresponding to state machine.
- 	Applicant respectfully submits that Ji is silent in regard to the use of whitelists. 
The examiner respectfully disagrees. One cannot show nonobviousness by attacking references individually where the rejections are based on combinations of references. The rejection is 35 U.S.C. 103 rejection and the examiner indicates that McQuillan teaches the whitelists, not Ji.
- 	Applicant respectfully submits that there is no teaching or suggestion in either McQuillan or Ji of converting a state machine into a whitelist, as recited in independent claims 13 and 21.
The examiner respectfully disagrees. McQuillan teaches authorized communication information (e.g., a whitelist) is created from the SCADA system's stored configuration, which includes device information describing each of the connected devices and any information relating to the devices and the device communications [communication operations] (paragraph 27) and the IDS can compare the incoming device traffic to the whitelist to determine whether to allow or block the device communication (paragraph 47). In other words, McQuillan teaches obtaining device information describing each of the connected devices and any information relating to the devices and the device communications, and generating a whitelist (list for authorized communications). Thus, McQuillan teaches converting/transforming device information describing each of the connected devices and any information relating to the devices and the device communications to the whitelist.

Claim Objections
Claims 13 and 21 are objected to because of the following informalities: 
There is insufficient antecedent basis for “the state machine” for claim 13 line 14 and claim 21 line 11.
Appropriate correction is required.

Claim Rejections - 35 USC § 112
The following is a quotation of the first paragraph of 35 U.S.C. 112(a):
(a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention.

The following is a quotation of the first paragraph of pre-AIA  35 U.S.C. 112:
The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor of carrying out his invention.

Claims 13-28 are rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, as failing to comply with the written description requirement. The claim(s) contains subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, or for applications subject to pre-AIA  35 U.S.C. 112, the inventor(s), at the time the application was filed, had possession of the claimed invention. Limitation “extracting a plurality of state machines from the model” (in claims 13 and 21) was not described in the specification. As recited, the claims require two elements: the model and state machines which extracted from the model. The applicant indicated that the support for this amendment is in Fig. 3 and the corresponding written description of the present application. However; the corresponding written description indicates that a state machine may be referred to as a model. In other words, the application’s specification indicate that the state machine and the model are the same element whereas the claims require as two separate elements. In addition, there is no description indicate that the state machines are extracted from the model. The closest disclosure is in step 705 of Fig. 7, which discloses extract command from state transition action. Extracting state machines and extracting command are not the same.
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 13-28 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA  the applicant regards as the invention.
For claims 13-20, it is not clear if the last limitation of independent claim 13 is required. In other words, claims 13-20 are whitelist generator claims; however, it is not clear if the last limitation of independent claim 13 is performed by or part of the whitelist generator. The examiner assumes that it is not required by the claim.
Similarly, for claims 21-28, it is not clear if the last limitation of independent claim 21 is required. In other words, claims 21-28 are whitelist generation method claims; however, it is not clear if whitelist generation method includes the last limitation of independent claim 21. The examiner assumes that it is not required by the claim.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


Claims 13-14 and 21-22 are rejected under 35 U.S.C. 103 as being unpatentable over McQuillan et al. (US 2016/0094578, published Mar. 31, 2016) and Ji et al. (US 2012/0246612, published Sep. 27, 2012).
As per claim 13, McQuillan discloses a whitelist generator (see McQuillan Fig. 1 and par. 6, a SCADA system 102 with an intrusion detection component to allow the automatic creation of a whitelist) applied to a system formed from a plurality of devices (McQuillan Fig. 1, ICS network 100 comprising SCADA system 102 and plurality of devices 104), the plurality of devices being configured to exchange data with each other (McQuillan par. 33, the device data 216 is descriptive of the devices 104 that exchange information via the network 106), and generating a whitelist corresponding to a system state in order to use for whitelisting intrusion detection (McQuillan par. 60, an IDS in a SCADA system generates a whitelist by using the SCADA system's inherent storage of all of the devices to which the SCADA system is connected; McQuillan par. 46, see example whitelist in table 1 including device state), the whitelist generator comprising: 
a processor (McQuillan Fig. 2, Processor 218); and 
a memory storing instructions (McQuillan Fig. 2, Memory 210) which, when executed by the processor, performs a process including 
receiving a model of the system (McQuillan par. 11, reading, from a memory, SCAD A configuration information [model] including ICS network configuration information and device information descriptive of each industrial control device of the plurality of industrial control devices, generating, from the SCADA configuration information, authorized communication information), and extracting a plurality of state machines from the model (McQuillan par. 27, authorized communication information (e.g., a whitelist) is created from the SCADA system's stored configuration, which includes device information describing each of the connected devices and any information relating to the devices and the device communications [state machines]), each of the state machines defining communication operations of a control logic employed by a corresponding one of the plurality of devices (McQuillan par. 27, authorized communication information (e.g., a whitelist) is created from the SCADA system's stored configuration, which includes device information describing each of the connected devices and any information relating to the devices and the device communications [state machines]), 
converting the plurality of state machines into the whitelist corresponding to the system state (McQuillan par. 27, authorized communication information (e.g., a whitelist) is created from the SCADA system's stored configuration, which includes device information describing each of the connected devices and any information relating to the devices and the device communications; see McQuillan par. 46, table 1 includes whitelist with device state), 
wherein, as the system is operating, the whitelist is compared against incoming packets in the system to detect an intrusion into the system of a cyberattack (McQuillan par. 47, the IDS can compare the incoming device traffic to the whitelist, which is built, in part, from stored device data 216. After comparing the incoming traffic to the whitelist, the IDS may authorize (e.g., where all of the information in the traffic is consistent with the whitelist) or block (e.g., where any element or elements of the information in the traffic is inconsistent with the whitelist) the device communication).  
McQuillan does not explicitly disclose:
by executing a model simulation, or by executing a formal method of mathematical verification of model accuracy, verifying for each of the plurality of state machines at least one of the following 
the state machine correctly models normal communication in the systems; and 
no logical contradiction exists in the state machine, and 
converting the plurality of state machines, having been subjected to said verification, into the whitelist.
Ji teaches:
by executing a model simulation, or by executing a formal method of mathematical verification of model accuracy, verifying for each of the plurality of state machines at least one of the following 
the state machine correctly models normal communication in the systems; and 
no logical contradiction exists in the state machine (Ji par. 10, formal methods are instituted to verify and validate the finite state machine).
It would have been obvious to one skilled in the art before the effective filing date of the claimed invention to modify the system of McQuillan with the teaching of Ji for by executing a model simulation, or by executing a formal method of mathematical verification of model accuracy, verifying for each of the plurality of state machines at least one of the following the state machine correctly models normal communication in the systems; and no logical contradiction exists in the state machine, and converting the plurality of state machines, having been subjected to said verification, into the whitelist. One of ordinary skilled in the art would have been motivated because it offers the advantage of validating state machine of the system.





As per claim 14, McQuillan as modified discloses the whitelist generator according to claim 13. McQuillan also discloses wherein the process generates the whitelist from the plurality of state machine on the basis of a state of the system (McQuillan par. 27, authorized communication information (e.g., a whitelist) is created from the SCADA system's stored configuration, which includes device information describing each of the connected devices and any information relating to the devices and the device communications; see McQuillan par. 46, table 1 includes whitelist with device state).  

Claims 21-22 are method claims corresponding to the device claims 13-14; thus claim 21-22 are analyzed and rejected accordingly.

Claims 15-16 and 23-24 are rejected under 35 U.S.C. 103 as being unpatentable over McQuillan et al. (US 2016/0094578, published Mar. 31, 2016), Ji et al. (US 2012/0246612, published Sep. 27, 2012) and Prieur et al. (US 2012/0133579, published May 31, 2012).
As per claims 15-16, McQuillan as modified discloses the whitelist generator according to claim 13. McQuillan as modified does not explicitly discloses wherein the process improves at least one of the plurality of state machines as required on the basis of a verification result obtained in relation to the at least one state machine.  
Prieur teaches:
improves at least one of the plurality of state machine as required on the basis of a verification result obtained in relation to the at least one state machine (Prieur par. 60, In response to receiving validation results, a developer or other user may perform one or more actions, such as modifying a state machine).
It would have been obvious to one skilled in the art before the effective filing date of the claimed invention to further modify the system of McQuillan with the teaching of Prieur for improving at least one of the plurality of state machines as required on the basis of a verification result obtained in relation to the at least one state machine. One of ordinary skilled in the art would have been motivated because it offers the advantage of resolving issue associated with the state machine.

Claims 23-24 are method claims corresponding to the device claims 15-16; thus claims 23-24 are analyzed and rejected accordingly.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
US 20030172291 A1; Systems And Methods For Automated Whitelisting In Monitored Communications
Systems and methods for automated whitelist generation based on outbound traffic associated with electronic communications transmitted over a communications network.
US 20090288152 A1; Automatic Population Of An Access Control List To Manage Femto Cell Coverage
System(s) and method(s) provide access management to femto cell service through access control list(s) (e.g., white list(s)). White list(s) includes a set of subscriber station(s) identifier numbers, codes, or tokens, and also can include additional fields for femto cell access management based on desired complexity.
US 20140313975 A1; White Listing For Binding In Ad-Hoc Mesh Networks
Techniques are disclosed for specifying and enforcing connections in a network. Embodiments generally include a network device that maintains a data structure that identifies preferred nodes. The data structure includes entries associated with preferred nodes. Connections are established and enforced based on the entries of the data structure.

THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to KHANG DO whose telephone number is (571)270-7837. The examiner can normally be reached Monday-Friday 8:00 - 5:00 EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, SALEH NAJJAR can be reached on (571)272-4006. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/KHANG DO/Primary Examiner, Art Unit 2492