Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
The present Office Action is responsive to communication received 2/12/2021. Claims 1-20 are pending.

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 2/12/2021 is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

Objection to drawings
Fig. 2 and Fig. 4 are objected to because the figures present labels: DMAC, SMAC ... with no corresponding description or definition in the specification. The examiner recommends to describe in the Figures all labels.

Objection to the Claims
Claims 3, 13 are objected to because MACsec is defined as medium access security instead of medium access control security. 
Claims 5 and 15 are objected to because the claims recites the acronyms MAC, VLAN, MPLS without corresponding definition. 
Calim 6 is objected to because it recites an informality, the  claims recites “the unencrypted portion of second test packet” instead of “unencrypted portion of the second test packet”.
Correction is kindly requested.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.



Claims 9 and 19 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.
Claims 9, 19 recite wherein forming the test identifier using a subset of bits from a secure channel identifier comprises using M bits of the unencrypted portion of the packet. Claims 1, 11 from which claims 9 and 19 depend respectively, do not recite “forming the test identifier using a subset of bits from a secure channel identifier”. Therefore it is unclear what limitations from claims 1, 11,  claims 9 and 19 are further limiting. For examination purposes, the limitations will be considered as “forming the test that uniquely identifies the layer 2 secure channel  using a subset of bits from the unencrypted portion comprises using M bits of the unencrypted portion of the packet”.
Clarification is kindly requested.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1, 3-5, 7-9, 11, 13-15, 17-19 are rejected under 35 U.S.C. 103 as being unpatentable over US 20210314351 to Mozumdar et al., hereinafter Mozumdar.
 Regarding claim 1, and substantially claim 11, Mozumdar discloses 
method for testing a system under test (SUT), the system comprising (Fig. 7): sending a first test packet to the SUT over a communication link, wherein the first test packet is associated with a layer 2 secure channel ([0054], Fig. 7: test system sends packet thru layer 2 to DUT;); receiving a second test packet from the SUT over the communication link, wherein the second test packet includes an unencrypted portion and an encrypted portion ([0055]: DUT sends back a packet, the packets including an uncrypted portion and an encrypted payload (Fig. 1)); forming a test identifier that uniquely identifies the layer 2 secure channel and the emulated network device using a subset of bits from the unencrypted portion of the second test packet (Fig. 7: table mapping identifier AN with keys, the AN being a portion of the unencrypted packet header TCI/AN, Fig. 1),  ; and decrypting the encrypted portion of the second test packet by finding a security key using the test identifier ([0053]: DUT decrypts the packets with secure association key SAK1, Fig. 7: mapping between SAK1 and AN=0). 
Mozumdar does not explicitly teach a layer 2 secure channel that is bound to an emulated network device, Mozumdar discloses the need to find a better method than modifying test system hardware to accommodate changing sending data rates of devices to test, by generating MACsec emulated ([0004][005]).   It would have been obvious to a skilled artisan before the instant application was filed to associated test  packets to a layer 2 secure channel  bound to an emulated network device because a software-based emulation of MACSec packets would allow “to test a device under test MACsec compliance and performance without redesigning the test system  hardware” ([0004]). 

Regarding claim 3, and substantially claim 13, Mozumdar discloses the method of claim 1, wherein the layer 2 secure channel is a medium access security (MACsec) secure channel ([0012]MACsec is a layer 2 security protocol, Fig. 1 shows  the format of the packet including a SCI (secure channel identifier)).  
Regarding claim 4, and substantially claim 14, Mozumdar discloses the method of claim 1, wherein forming the test identifier comprises forming a portion of the test identifier as a device identifier from the unencrypted portion of the second test packet ([0053] and table Fig. 6: the test identifier AN is a portion of the unencrypted header (Fig. 1 TCI/AN) and corresponds to the device identifier).
Regarding claim 5, and substantially claim 15, Mozumdar discloses the method of claim 4, wherein forming the device identifier comprises using one or more of the following values from the unencrypted portion of the second test packet: destination MAC address, VLAN identifier, MPLS ID or any other protocol fields from the unencrypted portion of second test packet (Fig. 1, field 118).  

Regarding claim 7, and substantially claim 17, Mozumdar discloses the method of claim 1, comprising receiving a plurality of incoming test packets, forming test identifiers for the incoming packets, and decrypting the incoming packets at line rate ([0037][0040]).
Regarding claim 8, and substantially claim 18, Mozumdar discloses the method of claim 1, wherein decrypting the encrypted portion of the second test packet by finding a security key using the test identifier comprises using the test identifier as an index to a key table at a key server (Fig. 7, table with index AN mapped to SAK).
Regarding claim 9, and substantially claim 19, Mozumdar discloses the method of claim 1, wherein forming the test identifier using a subset of bits from a secure channel identifier comprises using M bits of the unencrypted portion of the packet (Fig. 1, identifier 118 is M bits of the 16 bytes of the unencrypted header).

Claims 2, 12 are rejected under 35 USC 103 as being unpatentable over Mozumdar in view of publication titled “An Open Framework for Managed Regression Testing”, 2003, p265-278, hereinafter Mittal.
Regarding claim 2, and substantially claim 12, Mozumdar discloses the method of claim 1. Mozumdar discloses determining whether the DUT responds correctly to the emulated MACsec packets given a replay protection configuration of the DUT, and generating a test output ([0016]), the test metric is the response to the MACsec packet. Mozumdar does not explicitly teach: storing one or more test metrics for the emulated network device in a data structure using the test identifier.  
In an analogous art Mittal discloses a framework for executing testing execution flows, each test execution allocated a unique test identifier (p.270, Engine server) and storing test results in a database indexed by the test identifier (p.271). It would have been obvious to a skilled artisan before the instant application was effectively filed to store the test metrics in a data structure using the test identifier as taught by Mittal because it would allow a fast and efficient retrieval of the test results when queried by users.

Claims 6, 10, 16 and 20 are rejected under 35 USC 103 as being unpatentable over Mozumdar in view of publication titled “Secure Ethernet Service”, by O’Connor, 2005 , 10 pages, hereinafter O’Connor.

Regarding claim 6, and substantially claim 16, Mozumdar discloses the method of claim 4 but does not explicitly teach the rest of the limitation.
In an analogous art, O’Connor discloses computing a secure association identifier SAI by concatenating the AN and the SCI, the SCI being part of the header  and including a globally unique MAC address (p.3). It would have been obvious to a skilled artisan before the instant application was effectively filed to form the test identifier by concatenating the device identifier and N bits from the unencrypted portion of second test packet (interpreted as SCI) as taught O’Connor because such test identifier would be more representative of the Security Association to which the encryption/decryption key in Mozumdar is bound ([0015]). 

Regarding claim 10, and substantially claim 20, Mozumdar discloses the method of claim 1; Mozumdar discloses configuring by a processor, at expiration of the timer, of a new key for the security association ([0015][0016]). Mozumdar does not explicitly teach the rest of the limitation.  In an analogous art, O’Connor discloses computing a secure association identifier SAI by concatenating the AN and the SCI, the SCI being part of the header  and including a globally unique MAC address (p.3). It would have been obvious to a skilled artisan before the instant application was effectively filed to implement a method, comprising preconfiguring, before initiating a test case, a programmable logic device for forming the test identifier using M bits as a device identifier and N bits as a secure channel identifier as taught O’Connor because such test identifier would be more representative of the Security Association to which the encryption/decryption key in Mozumdar is bound ([0015]). 

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure:
Yang et al 20200204591 disclose testing a device or system under test (DUT) located between emulated servers and clients. The servers and clients that communicate through the DUTs being tested can be emulated or they can be actual/physical servers and clients. 
Gordon et al 20220232009 discloses a MACsec frame 140 that may be used in the communication network and including a destination MAC address, a source MAC address, a security tag (Sectag), an authenticated and (optionally) encrypted payload, and an integrity check value (ICV). The MAC address may be a unique identifier of a network interface controller (NIC) of the device. 
Raj et al 20200280566 discloses MACsec frames and a packet classification that 
can identify a packet type based on one or more fields in the packet header, packet body, or other portion of the packet, such as a port number, a VLAN group ...
Sergeev 20200252201 discloses MACsec protocol to test traffic.

Jana et al 20150180743 discloses transmitting a selected packet  network traffic to a device under test, the test environments may be configured with a secure connection between a client and a device under test.
Mitra 20080137543 disclose an electronic device having logic that allows testing the device via a network interface. The electronic device has testing logic that receives test input signals and generate a test output signal. 
Sawant et al 20220360566 disclose VMs belonging to same layer 2 segents communicating with each other using VPN connections that are encrypted by a virtual network identifier (VNI)-specific key.
Buer et al 8340299 disclose IPSec security association and encryption keys associated with a session
Elzur et al 20080126559 disclose the conversion between Ethernet packets comprising payloads secured utilizing IPsec protocols and Ethernet packets secured utilizing MACsec protocols. 
Sankaran et al 20190173860 dicloses a database storing a mapping of the destination MAC address and encryption key used for encrypting/decrypting MACsec packets
Any inquiry concerning this communication or earlier communications from the examiner should be directed to CATHERINE B THIAW whose telephone number is (571)270-1138. The examiner can normally be reached Monday-Friday 7am-4pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, CARL G COLIN can be reached on 571-272-3862. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/Catherine Thiaw/Primary Examiner, Art Unit 2493                                                                                                                                                                                                        11/19/2022