Detailed Action
This is a final Office action in response to communications received on 7/12/2022.  Claim 1 was amended. Claims 1-24 are pending and are examined.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Response to Arguments
Applicant’s amendments, filed 7/12/2022, to claim 1 correcting the punctuation of the claim is sufficient to overcome the objection to the aforementioned claim.  Accordingly, the objection to claim 1, as filed in (5) of the Non-Final Office action filed 4/12/2022, is withdrawn.  
Applicant’s arguments regarding the rejection under 35 U.S.C. 102 of the claims under Su and under 35 U.S.C. 103 of the claims under Su and Britt have been considered, and are found unpersuasive.
Applicant argues on pages 7-9 of the Remarks, filed 7/12/2022, the cited prior art fail to teach or suggest "store the received update in a secure array of the memory" or "store the hash of the received signature in a dedicated register of the memory” because “Su teaches a data processing system that is clearly a sending device that provides a digital signature and transmits a session identifier and firmware update to a vehicle. In contrast, Applicant's claims 1, 12, and 17 are directed to a device that receives an update and receives a hash of a signature” and because “Su merely appears to teach that the digital signature is stored in a block of a blockchain”. However, Examiner respectfully disagrees. Su teaches in Col. 2, Lines 6-7 that he data processing system can transfer the firmware update file to the vehicle (i.e. secure array of the memory). Fig. 1 of Su also shows the vehicle interface system containing a vehicle data repository (i.e. secure array of the memory) where information sent to the vehicle would be stored. Examiner interprets the vehicle, including the vehicle interface system, as well as the corresponding blockchain system to be a part of the total functioning system of Su which corresponds to Applicant’s apparatus of the claims. Additionally, Applicant argues that the digital signature stored in the blockchain which does not correspond to the claimed dedicated register. Techtarget.com defines a register (processor register, CPU register) as “one of a small set of data holding places that are part of the computer processor”. Because the register claimed is part of the memory associated with the circuitry (i.e. computer processor) and not integrated as part of the circuitry, Examiner interprets this as not holding to this specific definition of a register and rather as a term referring more broadly to a storage location of the claimed memory. As a part of submitting the digital signature to the blockchain the system stores the digital signature in an immutable blockchain transaction (Su; Col. 1, Lines 39-42) (i.e. store the hash of the received signature in a dedicated register of the memory).
The remaining arguments fail to comply with 37 C.F.R. 1.111(b) because they amount to a general allegation that the claims define a patentable invention without specifically pointing out how the language of the claims patentably distinguishes them from the references. 
Consequently, the rejection of the claims under 35 U.S.C. 102 and 35 U.S.C. 103 is sustained.

Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

Claims 1-2, 4-6, 10-15 and 17-18 is/are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Su (US 10447483 B1).
 Regarding claim 1, Su teaches the limitations of claim 1 substantially as follows:
An apparatus, comprising: a memory; and circuitry associated with the memory, the circuitry configured to: (Su; Col. 1, Lines 52-55: The data processing system can include one or more processors and memory)
monitor the memory for receipt of over-the-air updates; (Su. Col. 1, Lines 42-45; Col. 2, Lines 8-10: Receipt of the firmware update file by the vehicle (i.e. monitor the memory for receipt of over-the-air updates) can cause the vehicle to verify the firmware update file prior to installation)
receive an update and a hash of a signature transmitted together with the received update  (Su; Col. 1, Lines 39-45; Col. 1, Line 67 – Col. 2, Line 7: The data processing system can generate a digital signature based on a combination of the session identifier and a first hash value (i.e. hash of a signature) generated via application of a hash function to the firmware update file which is transmitted to the vehicle (i.e. transmitted together with the received update))
store the received update in a secure array of the memory; (Su; Col. 2, Lines 6-7: The data processing system can transfer the firmware update file to the vehicle (i.e. secure array of the memory))
store the hash of the received signature in a dedicated register of the memory; (Su; Col. 1, Lines 39-42; Col. 2, Lines 3-5: Provide, for storage in a block at the blockchain address (i.e. dedicated register of the memory), the digital signature containing the hash (i.e. hash of the received signature))
receive an indication that the received update is authentic, (Su; Col. 2, Lines 10-11: The vehicle can verify the firmware update file based on a comparison (i.e. indication that the received update is authentic))
wherein the indication includes a hash of an expected signature; and (Su; Col. 2, Lines 10-16: A comparison is made between the received signature and second hash value generated by a hash function (i.e. hash of an expected signature))
take an action in response to the indication that the received update is authentic. (Su; Col. 2, Lines 8-16: Verify the firmware update file prior to installation (i.e. take action in response to the indication))

Regarding claim 2, Su teaches the limitations of claim 1.
Su teaches the limitations of claim 2 as follows:
The apparatus of claim 1, wherein the circuitry is configured to generate the hash of the expected signature in response to a signal received by the memory from a host to execute the received update.   (Su Col. 2, Lines 8-16: Receipt of the firmware update file by the vehicle can cause the vehicle to verify the firmware update file prior to installation (i.e. in response to a signal received by the memory from a host to execute the received update), wherein the verification is based on a comparison of the digital signature retrieved to a generated hash value (i.e. generate the hash of the expected signature))

Regarding claim 4, Su teaches the limitations of claim 1.
Su teaches the limitations of claim 4 as follows:
The apparatus of claim 1, wherein the circuitry is further configured to: 
generate, in response to receiving a signal, the hash of the expected signature; and (Su Col. 2, Lines 8-16: Receipt of the firmware update file by the vehicle can cause the vehicle to verify the firmware update file prior to installation (i.e. in response to receiving a signal), wherein the verification is based on a comparison of the digital signature retrieved to a generated hash value (i.e. generate the hash of the expected signature))
compare, in response to receiving the signal, the hash of the expected signature to the hash of the received signature as part of an operation to check the validity of the received update.  (Su; Col. 2, Lines 10-16: A comparison is made between the received signature and second hash value generated by a hash function (i.e. comparison between the received signature and a hash of the expected signature))

Regarding claim 5, Su teaches the limitations of claim 4.
Su teaches the limitations of claim 5 as follows:
The apparatus of claim 4, wherein the hash of the received signature and the hash of the expected signature are different when the update is determined to be invalid.  (Su; Col. 20, Lines 3-6: If, however, the firmware is not verified at block, then the vehicle can proceed via ACT to send a second or subsequent update request to the data processing system to redo the over-the-air firmware update (i.e. indicates that the update is not valid))

Regarding claim 6, Su teaches the limitations of claim 4.
Su teaches the limitations of claim 6 as follows:
The apparatus of claim 4, wherein the hash of the received signature and the hash of the expected signature are the same when the update is authentic.  (Su; Col. 2, Lines 10-11: The vehicle can verify the firmware update file based on a comparison (i.e. the update is authentic))

Regarding claim 10, Su teaches the limitations of claim 1.
Su teaches the limitations of claim 10 as follows:
The apparatus of claim 1, wherein the action is to copy the received update from the secure array to a non-secure portion of the memory where the received update is accessible to a device monitored by a host.  (Su; Col. 4, Lines 66-67; Col. 8, Lines 50-53: Install the firmware update (i.e. copy the received update from the secure array to a non-secure portion of the memory) to the vehicle data repository (i.e. update is accessible to a device) upon verification through comparison)

Regarding claim 11, Su teaches the limitations of claim 1.
Su teaches the limitations of claim 11 as follows:
The apparatus of claim 1, wherein the action is to copy the received update from the secure array to a different portion of the secure array of the memory where the received update is accessible to a device monitored by a host.  (Su; Col. 4, Lines 66-67; Col. 8, Lines 50-53: Install the firmware update (i.e. copy the received update from the secure array to a different portion of the secure array of the memory) to the vehicle data repository (i.e. update is accessible to a device) upon verification through comparison)

Regarding claim 12, Su teaches the limitations of claim 12 substantially as follows:
An apparatus, comprising: a memory associated with a host; and circuitry associated with the memory, the circuitry configured to: (Su; Col. 1, Lines 52-55: The data processing system can include one or more processors and memory)
receive an update associated with the host, (Su. Col. 1, Lines 42-45; Col. 2, Lines 8-10: Receipt of the firmware update file by the vehicle from a server (i.e. update associated with the host) can cause the vehicle to verify the firmware update file prior to installation)
receive a signature transmitted together with the update; (Su; Col. 1, Lines 39-45; Col. 1, Line 67 – Col. 2, Line 7: The data processing system can generate a digital signature based on a combination of the session identifier and a first hash value (i.e. a signature) generated via application of a hash function to the firmware update file which is transmitted to the vehicle (i.e. transmitted together with the update))
store the update in a secure array of the memory; (Su; Col. 2, Lines 6-7: The data processing system can transfer the firmware update file to the vehicle (i.e. secure array of the memory))
store the signature in a register of the memory, (Su; Col. 2, Lines 3-5: Provide, for storage in a block at the blockchain address (i.e. dedicated register of the memory), the digital signature containing the hash (i.e. hash of the received signature))
wherein the received signature includes a freshness value indicating that the update is associated with the host; (Su; Col. 1, Line 67 – Col. 2, Line 3; Col. 2, Lines 10-16: The signature is generated using a session identifier (i.e. freshness value) which is used to verify the firmware update (i.e. indicating that the update is associated with the host))
determine whether the update is valid based on a comparison between the received signature and an expected signature, (Su; Col. 2, Lines 10-16: A comparison is made between the received signature and second hash value generated by a hash function (i.e. comparison between the received signature and an expected signature))
wherein a difference between the received signature and the expected signature indicates that the update is invalid; and (Su; Col. 20, Lines 3-6: If, however, the firmware is not verified at block, then the vehicle can proceed via ACT to send a second or subsequent update request to the data processing system to redo the over-the-air firmware update (i.e. indicates that the update is not valid))
copy the update from the secure array to a non-secure portion of the memory in response to the determination that the received signature and the expected signature are the same. (Su; Col. 4, Lines 66-67; Col. 8, Lines 50-53: Install the firmware update to the vehicle data repository (i.e. non-secure portion of the memory) upon verification through comparison (i.e. determination that the received signature and the expected signature are the same))

Regarding claim 13, Su teaches the limitations of claim 12.
Su teaches the limitations of claim 13 as follows:
The apparatus of claim 12, wherein the memory validates the update for a device managed by the host.  (Su; Col. 2, Lines 10-16: A comparison is made between the received signature and second hash value generated by a hash function (i.e. validates the update))

Regarding claim 14, Su teaches the limitations of claim 13.
Su teaches the limitations of claim 14 as follows:
The apparatus of claim 13, wherein the device accesses the validated update when the update is copied from the secure array to the non-secure portion of the memory.  (Su; Col. 4, Lines 66-67; Col. 8, Lines 50-53: Install the firmware update to the vehicle data repository (i.e. non-secure portion of the memory) upon verification through comparison)

Regarding claim 15, Su teaches the limitations of claim 12.
Su teaches the limitations of claim 15 as follows:
The apparatus of claim 12, wherein the update is received over-the-air from the host in response to the host transmitting the update for multiple devices managed by the host.  (Su; Col. 3, Lines 35-36 & 42-45: over-the-air updates provided to remote vehicles (i.e. multiple devices managed by the host))

Regarding claim 17, Su teaches the limitations of claim 17 substantially as follows:
A system, comprising: a host; a memory device associated with the host; and circuitry configured to: (Su; Col. 1, Lines 52-55: The data processing system can include one or more processors and memory)
receive, from the host, a signature and an update corresponding to the signature, wherein: the signature is transmitted together with the update; and (Su; Col. 1, Lines 39-45; Col. 1, Line 67 – Col. 2, Line 7: The data processing system can generate a digital signature based on a combination of the session identifier and a first hash value (i.e. a signature) generated via application of a hash function to the firmware update file which is transmitted to the vehicle (i.e. transmitted together with the update))
the update is for a device monitored by the host; (Su. Col. 1, Lines 42-45; Col. 2, Lines 8-10: Receipt of the firmware update file by the vehicle (i.e. device monitored by the host) can cause the vehicle to verify the firmware update file prior to installation)
store the update in a secure array of the memory device; (Su; Col. 2, Lines 6-7: The data processing system can transfer the firmware update file to the vehicle (i.e. secure array of the memory))
store the received signature in a signature register of the memory device; (Su; Col. 2, Lines 3-5: Provide, for storage in a block at the blockchain address (i.e. signature register of the memory), the digital signature containing the hash)
generate an expected signature to verify the update, (Su; Col. 2, Lines 10-16: A comparison is made between the received signature and second hash value generated by a hash function (i.e. expected signature to verify the update))
wherein the update is verified when the expected signature and the received signature are the same; and (Su; Col. 2, Lines 10-16: A comparison is made between the received signature and second hash value generated by a hash function (i.e. comparison between the received signature and an expected signature))
copy the update to a non-secure portion of the memory device when the update is verified. (Su; Col. 4, Lines 66-67; Col. 8, Lines 50-53: Install the firmware update to the vehicle data repository (i.e. non-secure portion of the memory) upon verification through comparison (i.e. determination that the received signature and the expected signature are the same))

Regarding claim 18, Su teaches the limitations of claim 17.
Su teaches the limitations of claim 17 as follows:
The system of claim 17, wherein the circuitry is further configured to: receive a command from the host to read the signature; and generate the expected signature, wherein the expected signature is a hash of the secure array that is storing the update associated with the received signature.  (Su Col. 2, Lines 8-16: Receipt of the firmware update file by the vehicle can cause (i.e. command from the host to read a signature) the vehicle to verify the firmware update file prior to installation (i.e. in response to receiving a signal), wherein the verification is based on a comparison of the digital signature retrieved to a generated hash value which is a hash of the update (i.e. hash of the secure array that is storing the update))

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 3, 7-9, 16 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Su (US 10447483 B1), as applied to claims 1, 12 and 17, further in view of Britt (US 2017/0171314 A1).
 Regarding claim 3, Su teaches the limitations of claim 1.
Su does not teach the limitations of claim 3 as follows:
The apparatus of claim 1, wherein the update includes instructions to configure an internet of things (IoT) device monitored by a host associated with the memory.  
However, in the same field of endeavor, Britt discloses the limitations of claim 3 as follows:
The apparatus of claim 1, wherein the update includes instructions to configure an internet of things (IoT) device monitored by a host associated with the memory.  (Britt; Paras. [0037] & [0059]: Update the program code of IoT devices configured for IoT services)
Britt is combinable with Su because all are from the same field of endeavor of monitoring and management of authenticated device updates. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified system of Su to incorporate the Internet of Things configured device and validity time period as in Britt in order to expand the functionality of the system to incorporate updates for Internet of Things devices and improve the security of the system by proving a window of time within which the authentication key is valid.

Regarding claim 7, Su teaches the limitations of claim 1.
Su does not teach the limitations of claim 7 as follows:
The apparatus of claim 1, wherein the memory is associated with a host, and the host manages an internet of things (IoT) device 
However, in the same field of endeavor, Britt discloses the limitations of claim 7 as follows:
The apparatus of claim 1, wherein the memory is associated with a host, and the host manages an internet of things (IoT) device (Britt; Para. [0059]: The organization running the IoT service (i.e. host) provides the IoT hub and IoT hardware with software (i.e. manages an internet of things device))
Britt is combinable with Su because all are from the same field of endeavor of monitoring and management of authenticated device updates. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified system of Su to incorporate the Internet of Things configured device and validity time period as in Britt in order to expand the functionality of the system to incorporate updates for Internet of Things devices and improve the security of the system by proving a window of time within which the authentication key is valid.

Regarding claim 8, Su and Britt teach the limitations of claim 7.
Su and Britt teach the limitations of claim 8 as follows:
The apparatus of claim 7 wherein the received update is transmitted over-the-air to the memory from the host.  (Su. Col. 1, Lines 42-45; Col. 2, Lines 8-10: Receipt of the firmware update file using an over the air update process by the vehicle from a server (i.e. over-the-air to the memory from the host))
The same motivation to combine as in claim 7 is applicable to the instant claim.

Regarding claim 9, Su and Britt teach the limitations of claim 7.
Su and Britt teach the limitations of claim 9 as follows:
The apparatus of claim 7, wherein the memory provides the received update to the IoT device when the received update is determined, by the memory, to be valid. (Britt; Para. [0096]: The IoT device and/or mobile device periodically check to determine whether a connection has been established. If a connection is established, the updates are transferred to the IoT device and installed (i.e. provides the received update to the IoT device when the received update is determined to be valid))
The same motivation to combine as in claim 7 is applicable to the instant claim.

Regarding claim 16, Su teaches the limitations of claim 12.
Su does not teach the limitations of claim 16 as follows:
The apparatus of claim 12, wherein the circuitry is further configured to provide the freshness value to the host when the host generates the received signature associated with the update.  
However, in the same field of endeavor, Britt discloses the limitations of claim 3 as follows:
The apparatus of claim 12, wherein the circuitry is further configured to provide the freshness value to the host when the host generates the received signature associated with the update.  (Britt; Para. [0134]: The session keys (i.e. signature) is valid for a specified period of time (i.e. freshness value) which indicates a valid session between the IoT device and the IoT service)
Britt is combinable with Su because all are from the same field of endeavor of monitoring and management of authenticated device updates. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified system of Su to incorporate the Internet of Things configured device and validity time period as in Britt in order to expand the functionality of the system to incorporate updates for Internet of Things devices and improve the security of the system by proving a window of time within which the authentication key is valid.

Regarding claim 19, Su teaches the limitations of claim 17.
Su does not teach the limitations of claim 19 as follows:
The system of claim 17, wherein the device monitored by the host is an internet of things (IoT) sensor.  
However, in the same field of endeavor, Britt discloses the limitations of claim 3 as follows:
The system of claim 17, wherein the device monitored by the host is an internet of things (IoT) sensor.  (Britt; Para. [0059]: Update the program code of IoT devices for IoT services)
Britt is combinable with Su because all are from the same field of endeavor of monitoring and management of authenticated device updates. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified system of Su to incorporate the Internet of Things configured device and validity time period as in Britt in order to expand the functionality of the system to incorporate updates for Internet of Things devices and improve the security of the system by proving a window of time within which the authentication key is valid.

Claims 20-24 are rejected under 35 U.S.C. 103 as being unpatentable over Su (US 10447483 B1), further in view of Britt (US 2017/0171314 A1).
Regarding claim 20, Su teaches the limitations of claim 20 substantially as follows:
A method, comprising: 
receiving, by a memory device, a signature and an update from a host, wherein the update corresponds to the signatur(Su; Col. 1, Lines 39-45; Col. 1, Line 67 – Col. 2, Line 7: The data processing system can generate a digital signature based on a combination of the session identifier and a first hash value (i.e. a signature) generated via application of a hash function to the firmware update file which is transmitted to the vehicle (i.e. transmitted together with the update))
storing, by the memory device, the update in a secure array of the memory device, (Su; Col. 2, Lines 6-7: The data processing system can transfer the firmware update file to the vehicle (i.e. secure array of the memory))
storing, by the memory device, the received signature in a register of the memory device; (Su; Col. 2, Lines 3-5: Provide, for storage in a block at the blockchain address (i.e. signature register of the memory), the digital signature containing the hash)
comparing, by the memory device, an expected signature to the received signature, (Su; Col. 2, Lines 10-16: A comparison is made between the received signature and second hash value generated by a hash function (i.e. comparison between the received signature and an expected signature))
wherein the expected signature is generated to verify the update; and (Su; Col. 2, Lines 10-16: A comparison is made between the received signature and second hash value generated by a hash function (i.e. expected signature to verify the update))
copying, by the memory device, the update from the secure array of the memory device to a non-secure portion of the memory device in response to the update being verified, (Su; Col. 4, Lines 66-67; Col. 8, Lines 50-53: Install the firmware update to the vehicle data repository (i.e. non-secure portion of the memory) upon verification through comparison (i.e. determination that the received signature and the expected signature are the same))
wherein the update is available to the [IoT] device when the update is copied to the non-secure portion of the memory device. (Su; Col. 4, Lines 66-67; Col. 8, Lines 50-53: Install the firmware update to the vehicle data repository (i.e. update is available to the device) upon verification through comparison)
Su does not teach the limitations of claim 20 as follows:
wherein the update is for an internet of things (IoT)  device monitored by the host; 
the update is available to the IoT device  
However, in the same field of endeavor, Britt discloses the limitations of claim 20 as follows:
wherein the update is for an internet of things (IoT)  device monitored by the host; (Britt; Para. [0059]: Update the program code of IoT devices for IoT services)
the update is available to the IoT device (Britt; Para. [0059]: Update the program code of IoT devices for IoT services) 
Britt is combinable with Su because all are from the same field of endeavor of monitoring and management of authenticated device updates. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified system of Su to incorporate the Internet of Things configured device and validity time period as in Britt in order to expand the functionality of the system to incorporate updates for Internet of Things devices and improve the security of the system by proving a window of time within which the authentication key is valid.

Regarding claim 21, Su and Britt teach the limitations of claim 20.
Su and Britt teach the limitations of claim 21 as follows:
The method of claim 20, wherein receiving the signature from the host further comprises the memory device transmitting, in response to a signal received from the host, a freshness value to the host.  (Britt; Para. [0134]: The session keys is valid for a specified period of time (i.e. freshness value) which indicates a valid session between the IoT device and the IoT service (i.e. a freshness value to the host))
The same motivation to combine as in claim 20 is applicable to the instant claim.

Regarding claim 22, Su and Britt teach the limitations of claim 20.
Su and Britt teach the limitations of claim 22 as follows:
The method of claim 20, wherein comparing the expected signature to the received signature further comprises generating a hash of the expected signature in response to receiving a command from the host to execute the received update.  (Su Col. 2, Lines 8-16: Receipt of the firmware update file by the vehicle can cause the vehicle to verify the firmware update file prior to installation (i.e. in response to receiving a command from the host to execute the received update), wherein the verification is based on a comparison of the digital signature retrieved to a generated hash value (i.e. generate the hash of the expected signature))

Regarding claim 23, Su and Britt teach the limitations of claim 20.
Su and Britt teach the limitations of claim 23 as follows:
The method of claim 20, wherein copying the update from the secure array of the memory device to the non-secure portion of the memory device further comprises transmitting the update to the IoT device for execution.  (Britt; Para. [0059]: Transmitting the update of the program code of IoT devices for IoT services)
The same motivation to combine as in claim 20 is applicable to the instant claim.

Regarding claim 24, Su and Britt teach the limitations of claim 20.
Su and Britt teach the limitations of claim 24 as follows:
The method of claim 20, wherein the host is a manufacturer of the IoT device. (Britt; Para. [0059]: The developers of the IoT device provide updates (i.e. host is a manufacturer of the IoT device))
The same motivation to combine as in claim 20 is applicable to the instant claim.

Prior Art Considered But Not Relied Upon
	Fontenot (US 2015/0185713 A1) which teaches an approach for extending platform trust during program updates.
	Kotani (US 2015/0113520 A1) which teaches a system receiving an update from an update server and a digital signature which has been encrypted and comparing the digital signature to determine that the update server is authentic.

Conclusion
For the above-stated reasons, claims 1-24 are rejected.
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to BLAKE ISAAC NARRAMORE whose telephone number is (303)297-4357.  The examiner can normally be reached on Monday - Friday 0700-1700 MT.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Taghi T Arani can be reached on (571) 272-3787.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/B.I.N./Examiner, Art Unit 2438  

/TAGHI T ARANI/Supervisory Patent Examiner, Art Unit 2438