Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.


DETAILED ACTION
The instant application having Application No. 16/969,010 is presented for examination by the examiner.  Claims 1-5 and 7-14 are amended.  Claims 1-14 are pending.


Response to Amendment



Claim Rejections - 35 USC § 101
	Rejections under this statute have been overcome by amendment.






Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.




Claims 1-14 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.
After reviewing the extensive amendments to the claims there are numerous antecedent issues, improper articles, change in number, and confusing terms.  Examiner has tried to point them out below but Applicant is encouraged to carefully review the claims for some problems overlooked.
As per claim 1, the term “a system hierarchy structure” is recited.  Throughout claims 2-10 the term “the system hierarchy” is used, omitting the ‘structure’.  It is unclear which is the proper term and if they are directed to the same thing or not.  It is strange to say the layers ‘comprising’ a system hierarchy structure because when one thinks of a hierarchy structure, one can envision the hierarchy structure comprised of layers more so than the other way around.  Perhaps the layers correspond to the hierarchy structure?
The layers comprising the system hierarchy structure are introduced again in the limitation regarding the evaluation calculation data table.  “Layers” without any article is also recited in the 3rd clause.  This is problematic because the system hierarchy table relates the system operating environment table to layers.  Then the specification table relates layers from the system hierarchy table, raising the question of whether these layers are the same as the layers comprising the system hierarchy structure.  It is unclear which layers are ultimately related to one another if there is a distinction between the layers comprising a system hierarchy structure and the layers from the system hierarchy table.
The amendment in the hierarchy generation unit clause to the plurality of layers creates a number of problems.  The words ‘the’ and ‘of’ now appear beside one another.  The removal of plurality deletes the antecedent basis for this term in the following clause.  Lastly, the reference to the layers comprising the system hierarchy table is unclear because previously this term was recited as “layers from the system hierarchy table”.  The claims need consistency when addressing previous limitations.  
The claim recites a plural “first evaluation values” but only a single first evaluation value was defined.
As per claim 2, the plurality of layers comprising the system hierarchy lacks antecedent basis for “the plurality” and “the system hierarchy”.  As mentioned above, this term is either missing ‘structure’ or is meant to refer to another term i.e. the system hierarchy table.  
Throughout claims 2-10, many references to the system hierarchy are made.
Claims 9 and 10 recite “the plurality of layers of the system hierarchy hierarchies”.  It is unclear what this means and there is no antecedent basis for the term in claim 1.
As per claim 11, in the evaluation clause, the layers should be the plurality of layers to match its antecedent basis.  The generation step has the articles “the” and “a” next to one another.  In the calculating step, each of a plurality of layers corresponding to a security function requirement is vaguely similar to the relationship between the layers comprising the system hierarchy and security function requirements (as shown in the evaluation step).  Are these layers different?  Are these the same security function requirements in both the evaluation and calculation steps?



Response to Arguments
Applicant’s arguments, see page 18, filed 9/9/22, with respect to claim 1 have been fully considered and are unpersuasive.  Applicant alleges that the Examiner mapped KPI’s to numerous claim terms and that the four new limitations added to claim 1 are not taught by the prior art.
In regard to the KPI’s, there is an individual KPI value for each component of the system evaluated in terms of security compliance.  There is then an aggregate KPI for some groups/domains of security types and then an overall KPI value for the system (0005 and 0007).  Macy’s system has a hierarchy which differentiates KPI values but the hierarchy per se was not mapped to the KPI.  The security function requirement was also not mapped to the KPI.  The system has procedures, protocols, and policies which dictate the requirements.
In regard to the new limitations, every effort was given to interpret the claim language under BRI despite the numerous problems under 35 USC §112, detailed above.
Moreover, this argument only addressed the new limitations added to claim 1.  Applicant’s assertion that those limitations similarly overcome the rejection of claim 11 is unpersuasive because they are not required by claim 11.  Claim 11 has different limitations added.

Claim Interpretation

The following is a quotation of pre-AIA  35 U.S.C. 112, sixth paragraph:
An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.

This application includes one or more claim limitations that do not use the word “means,” but are nonetheless being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, because the claim limitation(s) uses a generic placeholder that is coupled with functional language without reciting sufficient structure to perform the recited function and the generic placeholder is not preceded by a structural modifier.  Such claim limitation(s) is/are: “unit configured to” in claim 1.
Because this/these claim limitation(s) is/are being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, it/they is/are being interpreted to cover the corresponding structure described in the specification as performing the claimed function, and equivalents thereof.  The specification discloses that each of these units executes inside of the CPU (see Fig. 2).
If applicant does not intend to have this/these limitation(s) interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, applicant may:  (1) amend the claim limitation(s) to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph (e.g., by reciting sufficient structure to perform the claimed function); or (2) present a sufficient showing that the claim limitation(s) recite(s) sufficient structure to perform the claimed function so as to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph.


Claim Rejections - 35 USC § 102

In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.




Claims 1-14 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by USP Application Publication 2013/028336 to Macy et al., hereinafter Macy.

As per claim 1, Macy teaches a security evaluation server comprising: 
a system operating environment table (system illustrated in Fig. 2); 
a system hierarchy table that relates a system from the system operating environment table to layers comprising a system hierarchy structure [system on top of the hierarchy structure; 0031]; 
a system structure specification table that relates layers from the system hierarchy table to security function requirements [system has security function requirements for different categories in the system; 106, 118, and 114 under it; Fig. 2]; 
an evaluation calculation data table that relates security function requirements from the system structure specification table to layers comprising the system hierarchy structure [security function requirements specific to each category, i.e. 104, 116, 110 are shown under each security function];

 a hierarchy generation unit configured to generate information regarding a plurality of system hierarchies in an evaluation subject system [collector (0100); Fig 1-10, 16, 24; and 0031]; 

an evaluation unit configured to, based on the information regarding the plurality of system hierarchies (0025) generated by the hierarchy generation unit, calculate a first evaluation value of protection effectiveness [individual KPIs; Fig. 1: 12, 20, 28, 30] based on a security function requirement included in the evaluation calculation data table and corresponding to each of the plurality of system hierarchies (Fig. 1: 18, 20), and calculate a second evaluation value of protection effectiveness based on a combination of the security function requirements [Fig. 1:34 and 0030; overall system KPI]; and 

a verification unit configured to verify whether each of the security function requirements in the evaluation subject system is in excess or insufficient, based on the first evaluation value calculated by the evaluation unit, the second evaluation value calculated by the evaluation unit (0037, 0039, Figs 4 and 5), and a target value (0062 and 0082) [KPIs of each component in the hierarchy are scored according to ideal or expected level.  For some of the evaluation criteria, being in excess of ideal is risky and for others being below ideal is risky].
As per claim 11, Macy teaches the server including: 
a security function requirement table that relates a plurality of layers comprising a system hierarchy to respective, corresponding security function requirements [Fig. 2 and 0031]; 
an evaluation calculation data table that relates the layers comprising the system hierarchy to security function requirements [security function requirements specific to each category, i.e. 104, 116, and 110 are shown under each security function] by first evaluation values of protection effectiveness [0032];
a CPU; and a storage device where a program is stored, the CPU configured to execute the program stored in the storage device (0214);
 generate information specifying a plurality of layers comprising the system hierarchy in an evaluation subject system [collector (0100); Fig 1, elements 10, 16, 24; and 0031]; 
calculate a first evaluation value of protection effectiveness for each of a plurality of layers corresponding to a security function requirement [individual KPIs; Fig. 1, elements 12, 20, 28, 30] and calculate a second evaluation value of protection effectiveness based on a combination of the first evaluation values corresponding to the security function requirements based on the information specifying the plurality of layers of the system hierarchy generated [Fig. 1, element 34 and 0030; overall system KPI]; 
verify whether each of the security function requirements in the evaluation subject system is in excess or insufficient, based on the first evaluation value calculated by the evaluation unit, the second evaluation value calculated (0037, 0039, Figs 4 and 5), and a security function target value (0062 and 0082) [KPIs of each component in the hierarchy are scored according to ideal or expected level.  For some of the evaluation criteria, being in excess of ideal is risky and for others being below ideal is risky].

As per claims 2 and 12, Macy teaches wherein the hierarchy generation unit generates the information regarding the plurality of system hierarchies, the plurality of system hierarchies including: a first system hierarchy related to functional safety (Fig. 2: 106); a second system hierarchy configured to transmit and receive data to and from the first system hierarchy (Fig. 2: 104, 104a); and an (n + 1)th system hierarchy configured to transmit and receive the data to and from the (n)th system hierarchy (Fig. 2, 102-1,2,…n), (n)th increased in a sequential order from the second hierarchy (n > 2).

As per claims 3 and 13, Macy teaches in the sequential order from the second system hierarchy to the (n)th system hierarchy, calculate the first evaluation value of the protection effectiveness in each of the system hierarchies based on the security function requirement included in each of the system hierarchies [KPI of each subset in 104; 0025 and 0026]; and based on the first evaluation value of the protection effectiveness in each of the system hierarchies calculated, calculate the first evaluation value of overall protection effectiveness within a range from the first system hierarchy to the (n)th system hierarchy [overall KPI for Fig. 2-106; see also Fig. 1-14].

As per claim 4, Macy teaches the verification unit determines that each of the security function requirements is sufficient when a corresponding one of the second evaluation values calculated by the evaluation unit is equal to or more than the target value (0037; situation when low KPI value is risky).
As per claim 5, Macy teaches the verification unit determines that each of the security function requirements is insufficient when a corresponding one of the second evaluation values calculated by the evaluation unit is less than the target value (0037; situation when high KPI value is risky).
As per claim 6, Macy teaches when each of the security function requirements is determined as sufficient, the verification unit specifies a maximum value of the first evaluation values (0039), based on which the corresponding one of the second evaluation values has been calculated and determined as sufficient (0026 and 0039).
As per claims 7 and 14, Macy teaches the hierarchy generation unit receives an input of a target value [hardened profile] of an item that concurrently satisfies a target value of a functional safety requirement and the target value of the security function requirement (0213), and the evaluation unit calculates the first evaluation value of the protection effectiveness in each of the system hierarchies in an item corresponding to the item including the target value received through the input [0213; KPI determined by counting violation to the set of hardened profile/rules].
As per claim 8, Macy teaches the first system hierarchy corresponds to a physical control layer (0058).
As per claim 9, Macy teaches the hierarchy generation unit receives a system specification [expected answers, and cyber security profiles], and generates the information regarding the plurality of system hierarchies based on a system type [examples listed throughout 0045-0096] included in the system specification received (0043, 0062, and 0082).
As per claim 10, Macy teaches the hierarchy generation unit receives an operation configured to specify each of the plurality of system hierarchies, and generates the information regarding the plurality of system hierarchies in accordance with the operation received (0097 and 0100).

Conclusion

Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the examiner should be directed to MICHAEL R. VAUGHAN whose telephone number is (571)270-7316.  The examiner can normally be reached on Monday - Thursday, 7:30am - 5:00pm, EST. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lynn Feild can be reached on (571) 272-2092.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/MICHAEL R VAUGHAN/
Primary Examiner, Art Unit 2431