DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
Claims 1-9 and 11-23 are pending.
The claim objections have been withdrawn in view of the claim amendment. 

Allowable Subject Matter
Claims 11, 12, and 23 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.

Response to Arguments
Applicant's arguments filed on 09/02/22 have been fully considered. Although there might be differences between Applicant’s invention and the cited prior art, the current claims have not successfully captured these differences to render the claims clearly distinguishable from the cited prior art as explained in more detail below.
In response to Applicant’s argument that Oncale, Lin and Zhu each fail to disclose or suggest a cryptographic processor that accesses a first non-volatile memory via an on-chip system fabric and accesses a firmware copy from a second non-volatile memory via a side channel (pages 7-8 of Remarks), Examiner acknowledged Applicant’s perspective but respectfully disagreed for the following reasons.
Firstly, it should be noted that the claims do not recite the specifics (e.g. the structure) of “system fabric”; this term broadly covers any type of structure for interconnecting elements. In addition, the term “side channel” broadly covers any secondary path, route, or connection which allows communication to flow from one point to another.
Secondly, in Oncale, a primary firmware ROM 126 and a secondary firmware ROM 128 are illustrated in fig. 1 as being physically separated from one another.  Oncale discloses a structure for interconnecting the physically separated primary firmware ROM 126 to management controller 112 (system fabric) for accessing the physically separated primary firmware ROM 126 from management controller 112 (e.g. fig. 1, ¶39).  Moreover, Oncale also discloses a secondary path, route or connection (side channel) to allow communication to the other physically separated secondary firmware ROM 128 including retrieving the secondary firmware image stored in the other physically separated secondary firmware ROM 128 upon detecting the primary firmware image failing verification (e.g. fig. 1, ¶34-35, 39).  
For at least the above reasons, the combined teachings of Oncale, Lin, and Zhu do disclose or suggest a cryptographic processor that accesses a first non-volatile memory via an on-chip system fabric and accesses a firmware copy from a second non-volatile memory via a side channel.

In response to Applicant’s argument that Kitagawa and Zhu each fail to disclose or suggest accessing a first non-volatile memory via an on-chip system fabric and accessing a firmware copy from a second non-volatile memory via a side channel (pages 8-9 of Remarks), Examiner acknowledged Applicant’s perspective but respectfully disagreed for the following reasons.
As mentioned above, the term “system fabric” broadly covers any type of structure for interconnecting elements and the term “side channel” broadly covers any secondary path, route, or connection which allows communication to flow from one point to another.
Kitagawa discloses a first ROM 16-1 and a second ROM 16-2 each being physically separated from one another (e.g. fig. 1). Kitagawa also discloses a structure for interconnecting the physically separated first ROM 16-1 to CPU 10 (system fabric) for accessing the physically separated first ROM 16-1 from CPU 10 (e.g. fig. 1, ¶28). Furthermore, Kitagawa discloses a secondary path, route or connection (side channel) to allow communication to the physically separated second ROM 16-2 including retrieving a backup BIOS stored in the physically separated second ROM 16-2 (e.g. fig. 1, ¶ 36-40, 81, 86, 89).
For at least the above reasons, the combined teachings of Kitagawa and Zhu do disclose or suggest a cryptographic processor that accesses a first non-volatile memory via an on-chip system fabric and accesses a firmware copy from a second non-volatile memory via a side channel.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.

Claim 1 is rejected under 35 U.S.C. 103 as being unpatentable over Oncale (US 20210240831) in view of Lin (US 10997297) in view of Zhu (US 20200310774).


Claim 1, Oncale discloses An apparatus to facilitate firmware resiliency in a computer system platform, comprising: 
a system on a chip (SOC), including:
an on-chip system fabric; (e.g. fig. 1, ¶39)
a first non-volatile memory, coupled to the on-chip system fabric, to store primary firmware for a computer system platform; (e.g. fig. 1, ¶22, 34, 39: primary firmware image (e.g., stored in primary firmware ROM 126))
a processor, coupled to the first non-volatile memory via the on-chip system fabric, including resiliency hardware to restore the primary firmware stored in the first non-volatile memory with a firmware copy; (e.g. fig. 1, ¶39: If management controller 112 executes its secondary firmware image as a result of the primary firmware image failing verification, management controller 112 may execute a "normal" recovery process to recover its primary firmware image (e.g., overwrite the primary firmware image stored in primary firmware ROM 126 with the contents of the secondary firmware image).)
a second non-volatile memory coupled to the SOC via a side channel, wherein the resiliency hardware retrieves the firmware copy of the primary firmware from the second non-volatile memory via the side channel upon detecting. (e.g. fig. 1, ¶34-35, 39: retrieving the secondary firmware image (e.g., stored in secondary firmware ROM 128) upon detecting the primary firmware image failing verification)
Although Oncale discloses a processor, coupled to the first non-volatile memory via the on-chip system fabric, including resiliency hardware to restore the primary firmware stored in the first non-volatile memory with a firmware copy and a second non-volatile memory coupled to the SOC via a side channel, wherein the resiliency hardware retrieves the firmware copy of the primary firmware from the second non-volatile memory via the side channel upon detecting the primary image failing verification (see above), Oncale does not appear to explicitly disclose but Lin discloses a cryptographic processor (e.g. figs. 3, 6,  col. 14, ll. 13-17, col. 18, ll. 9-16, 58-67: cryptographic controller 600) including resiliency hardware to detect unauthorized access to the primary firmware (e.g. col. 12, ll. 22-32: the controller 600 determines or suspects that a current firmware image 320 is compromised) and retrieves the firmware copy of the primary firmware upon detecting the unauthorized access to the primary firmware (e.g. col. 12, ll. 22-32: and a restore firmware image 322 may be installed in another location. This restore firmware image 322 may available to be booted from in a safe mode, when the controller 600 determines or suspects that a current firmware image 320 is compromised. In one embodiment, the controller 600 may copy the restore firmware image 322 to the current firmware image 320 location to replace a potentially compromised firmware image).
It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Lin into the invention of Oncale for the purpose of securely initiating a downloading of a firmware image update (Lin, col. 19, ll. 40-44) and enabling the compromised firmware to be replaced (Lin, col. 12, ll. 30-32).
Oncale-Lin does not appear to explicitly disclose but Zhu discloses the primary firmware comprises security firmware that provides a root of trust for verification of the computer system platform (e.g. ¶30: a security (SEC) phase 210…SEC 210 is the first phase of a UEFI boot process on the information handling system that operates to set up a pre-verifier 212 that handles all restart events on the information handling system, and temporarily allocates a portion of memory for use during the other boot phases. Pre-verifier 212 is executed out of the firmware resident on the information handling system, and so serves as a root of trust for the system).
It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Zhu into the invention of Oncale-Lin for the purpose of handling all restart events on the information handling system, and temporarily allocating a portion of memory for use during the other boot phases (Zhu, ¶30).

Claim 2 is rejected under 35 U.S.C. 103 as being unpatentable over Oncale (US 20210240831) in view of Lin (US 10997297) in view of Zhu (US 20200310774) and further in view of Yau (US 10219135).

Claim 2, Oncale-Lin-Zhu discloses The apparatus of claim 1, further comprising an interface coupled between the SOC and the second non-volatile memory (Oncale, e.g. fig. 1, ¶22, 34-35, 39).  Same motivation as in claim 1 would apply. 
Although Oncale-Lin-Zhu discloses an interface coupled between the SOC and the second non-volatile memory (see above), the combination does not appear to explicitly disclose the interface is a radio frequency (RF) but Yau discloses a radio frequency (RF) interface (e.g. figs. 1, 7, 8, 15, col. 1, ll. 28-57, col. 2, ll. 22-37, col. 6, ll. 34-52, col. 7, ll. 15-20, 43-col. 8, ll. 14, col. 11, ll. 41-47, 59-63, col. 12, ll. 1-11, 28-34, col. 15, ll. 31-43: The technologies disclosed herein provide functionality for utilizing near field communication ("NFC") to improve the security, performance, configuration, and potentially safety, of various types of computing systems…An NFC reader in the server computer can read credentials from an NFC card or an NFC-equipped mobile device. The credentials can be provided to the EC, which can compare the received credentials to the credentials previously defined and stored in the NVRAM to determine if the credentials read from the NFC reader are permitted to power on the server computer. If so, the EC can provide a power on signal to a power controller in the server computer in order to power on the server computer. A similar mechanism can be utilized to securely power off the server computer utilizing NFC. This mechanism can be utilized to improve the security of an NFC-equipped server computer by enabling only authorized users to power on or power off the server computer…FIG. 7 is a block diagram showing aspects of a server computer 102 disclosed herein that can utilize NFC to initiate…recovery of a firmware 104 executing in the server computer 102…As shown in FIG. 7, the server computer 102 can read an NFC tag 702 from an NFC card 116 or an NFC-equipped mobile device 122 during booting of the server computer 102…The update application 706 is configured to…recover the firmware 104 of the NFC-equipped server computer 102 from a firmware image 708 stored…on the NFC card 116 or an NFC-equipped mobile device…Once the server computer 102 has been rebooted, the update application 706 can…recover the firmware using the firmware image 708. This can include copying the firmware image 708 to the non-volatile memory 106 to replace the existing firmware 104. As also discussed above, the firmware image 708 can be stored on…the NFC card 116, an NFC-equipped mobile device 122…the computer system 1500 shown in FIG. 15 can be utilized to implement the NFC-equipped server computer 102…The computer system 1500 shown in FIG. 15 can include a baseboard, or “motherboard,” which is a printed circuit board to which a multitude of components or devices can be connected by way of a system bus or other electrical communication path.).
It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Yau into the invention of Oncale-Lin-Zhu for the purpose of utilizing near field communication to improve the security, performance, configuration, and potentially safety, of various types of computing systems and enabling only authorized users to power on and off the system (Yau, col. 1, ll. 28-31, 54-57).

Claim 3 is rejected under 35 U.S.C. 103 as being unpatentable over Oncale (US 20210240831) in view of Lin (US 10997297) in view of Zhu (US 20200310774) in view of Yau (US 10219135) and further in view of Montero (US 20200201714).

Claim 3, Oncale-Lin-Zhu-Yau discloses The apparatus of claim 2, wherein the resiliency hardware is coupled to the first non-volatile memory via a system fabric and coupled to the second non-volatile memory via a side channel (Oncale, e.g. fig. 1, ¶34-35, 39) and does not appear to explicitly disclose but Montero discloses an out of band side channel.  (e.g. ¶47-49, 56) 
It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Montero into the invention of Oncale-Lin-Zhu-Yau for the purpose of enabling firmware recovery before the CPU is fully up and running (Montero, ¶56).

Claims 4-9 are rejected under 35 U.S.C. 103 as being unpatentable over Oncale (US 20210240831) in view of Lin (US 10997297) in view of Zhu (US 20200310774) in view of Yau (US 10219135) in view of Montero (US 20200201714) and further in view of Samuel (US 20200097658).

Claim 4, Oncale-Lin-Zhu-Yau-Montero discloses The apparatus of claim 3, wherein the resiliency hardware detects the unauthorized access to the primary firmware (Lin, e.g. col. 12, ll. 22-32).  Same motivation as in claim 1 would apply.
Oncale-Lin-Zhu-Yau-Montero does not appear to explicitly disclose but Samuel discloses during a boot process. (e.g. fig. 6, ¶59, 62)
It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Samuel into the invention of Oncale-Lin-Zhu-Yau-Montero for the purpose of stopping the boot process or preventing the computing device from booting (Samuel, ¶62).

Claim 5, Oncale-Lin-Zhu-Yau-Montero-Samuel discloses The apparatus of claim 4, wherein the resiliency hardware initiates a recovery of the primary firmware upon detecting the unauthorized access to the primary firmware. (Lin, e.g. col. 12, ll. 22-32).  Same motivation as in claim 1 would apply.

Claim 6, Oncale-Lin-Zhu-Yau-Montero-Samuel discloses The apparatus of claim 5, wherein the resiliency hardware performs the recovery of the primary firmware by retrieving the firmware copy from the second non-volatile memory via the side channel. (Oncale, e.g. fig. 1, ¶39).
Although Oncale-Lin-Zhu-Yau-Samuel discloses a side channel (see above), the combination does not appear to explicitly disclose but Montero discloses an out of band side channel (Montero, e.g. ¶47-49, 56).  Same motivation as in claim 3 would apply.

Claim 7, Oncale-Lin-Zhu-Yau-Montero-Samuel discloses The apparatus of claim 6, wherein the resiliency hardware further performs the recovery of the primary firmware by overwriting the primary firmware with the firmware copy via the system fabric.  (Oncale, e.g. ¶39)

Claims 8-9 are rejected under 35 U.S.C. 103 as being unpatentable over Oncale (US 20210240831) in view of Lin (US 10997297) in view of Zhu (US 20200310774) in view of Yau (US 10219135) in view of Montero (US 20200201714) in view of Samuel (US 20200097658) and further in view of Montero55 (US 20210034355).

Claim 8, Oncale-Lin-Zhu-Yau-Montero-Samuel discloses The apparatus of claim 7, wherein the resiliency hardware further performs the recovery of the primary firmware by overwriting the primary firmware. (Oncale, e.g. ¶37, 39)
Although Oncale-Lin-Zhu-Yau-Montero-Samuel discloses authenticating the firmware copy and the resiliency hardware further performs the recovery of the primary firmware by overwriting the primary firmware (see above), the combination does not appear to explicitly disclose but Montero55 discloses performing the recovery by authenticating the firmware copy prior to overwriting the primary firmware (e.g. ¶40, 48, 53-54).
It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Montero55 into the invention of Oncale-Lin-Zhu-Yau-Montero-Samuel for the purpose of ensuring that the secondary firmware image is not corrupted or damaged before using it for a recovery process.

Claim 9, Oncale-Lin-Zhu-Yau-Montero-Samuel-Montero55 discloses The apparatus of claim 8, wherein the firmware copy is repaired upon not being able to authenticate the firmware copy. (Oncale, e.g. ¶37, 39)

Claims 13 and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Kitagawa (US 20180039553) in view of Zhu (US 20200310774) and further in view of Montero55 (US 20210034355).

Claim 13, Kitagawa discloses At least one non-transitory computer readable medium having instructions stored thereon, which when executed by one or more processors, cause the one or more processors to: 
authenticate primary firmware stored in a first non-volatile memory via an on-chip system fabric in a computer system platform to determine whether the primary firmware has been corrupted, (e.g. fig. 1, ¶28, 37, 44-45, 57, 65, 74-75: performing diagnosis for a first BIOS stored in a BIOS flash ROM 16-1 (a first storage device) to determine whether the first BIOS has been corrupted) wherein the primary firmware comprises security firmware that includes a code region and a data region; detect a corruption of the primary firmware, including: (e.g. ¶66-71, 74-75, 125: The diagnosis unit 101 performs diagnosis for the BIOS flash ROM 16 in a step-wise manner (three phases) in the order of (a1) flash operation area, (a2) CAR operation area, and (a3) memory operation area depending on the operation location of the BIOS described above. The (a1) flash operation area is an area in which data (BIOS data, BIOS program, and modules) to be read in the EFI phase is stored in the BIOS flash ROM 16. Hereinafter, the flash operation area may be referred to as a first area. In the BIOS flash ROM 16, the area in which the BIOS data to be executed by the CPU 10 in the above-described first period is stored corresponds to the first area. The (a2) CAR operation area is an area in which data (BIOS program, modules) to be read is stored until the memory 14 becomes available after the CAR is enabled. Hereinafter, the CAR operation area may be referred to as a second area. In the BIOS flash ROM 16, the area in which the BIOS data to be executed by the CPU 10 in the above-described second period is stored corresponds to the second area. The (a3) memory operation area is an area, in the BIOS flash ROM 16, in which data (BIOS program, modules) to be read after the memory 14 becomes available is stored. In the BIOS flash ROM 16, the area in which the BIOS data to be executed by the CPU 10 in the above-described third period is stored corresponds to the third area.)
initiate a recovery of the primary firmware upon detecting the corruption of the primary firmware, including: retrieving a firmware copy of the primary firmware from a second non-volatile memory in the computer system platform via a side channel; and restoring the primary firmware with the firmware copy; (e.g. figs. 1-2, ¶81, 83, 85-90: The recovery unit 103 restores (recovers) the data of the BIOS flash ROM 16 (hereinafter, referred to as an abnormal BIOS flash ROM 16 or a BIOS flash ROM 16 to be restored) in which an abnormality is detected by the diagnosis unit 101…Specifically, the recovery unit 103 identifies an address (abnormality-occurred address) of a point (abnormality-occurred point) where an abnormality is detected by the diagnosis unit 101 in the abnormal BIOS flash ROM 16…The recovery unit 103 determines a predetermined address range including the abnormality-occurred address as a restoration target range. The recovery unit 103 extracts the BIOS data from the portion corresponding to the restoration range of the abnormal BIOS flash ROM 16, in the other BIOS flash ROM 16 where no abnormality is detected. As described above, in the present embodiment, the BIOS flash ROM 16-1 and the BIOS flash ROM 16-2 are provided with the same data structure, and the same BIOS data is stored at the same address position. Therefore, the recovery unit 103 extracts data (BIOS data) in the same address range as the restoration target range determined as described above as restoration data from the other BIOS flash ROM 16 where no abnormality is detected. Then, the recovery unit 103 overwrites the data of the restoration target range including the abnormality-occurred point in the abnormal BIOS flash ROM 16 with the data (restoration data) extracted from the other BIOS flash ROM 16. 
In other words, in a plurality of redundant BIOS flash ROMs 16, the recovery unit 103 overwrites and updates the data of the restoration target range including the abnormality-occurred point in one BIOS flash ROM 16 with the data (restoration data) read from the same address range of the other BIOS flash ROM 16 where no abnormality is detected.)
Although Kitagawa discloses security firmware including a code region and a data region (see above), Kitagawa does not appear to explicitly disclose but Zhu discloses security firmware that provides a root of trust for verification for the computer system platform (e.g. ¶30: a security (SEC) phase 210…SEC 210 is the first phase of a UEFI boot process on the information handling system that operates to set up a pre-verifier 212 that handles all restart events on the information handling system, and temporarily allocates a portion of memory for use during the other boot phases. Pre-verifier 212 is executed out of the firmware resident on the information handling system, and so serves as a root of trust for the system).
It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Zhu into the invention of Kitagawa for the purpose of handling all restart events on the information handling system, and temporarily allocating a portion of memory for use during the other boot phases (Zhu, ¶30).
Although Kitagawa-Zhu discloses authenticating the firmware copy (e.g. ¶77, 86, 89) and initiating a recovery of the primary firmware (see above), the combination does not appear to explicitly disclose but Montero55 discloses initiating a recovery of the primary firmware including authenticating the firmware copy (e.g. ¶40, 48, 53-54).
It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Montero55 into the invention of Kitagawa-Zhu for the purpose of ensuring that the secondary firmware image is not corrupted or damaged before using it for a recovery process.

Claim 18, this claim is rejected for similar reasons as in claim 13.

Claims 14 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Kitagawa (US 20180039553) in view of Zhu (US 20200310774) in view of Montero55 (US 20210034355) and further in view of Lambert (US 20180039546).

Claim 14, Kitagawa-Zhu-Montero55 discloses The computer readable medium of claim 13, (see above) and does not appear to explicitly disclose but Lambert discloses wherein the second non-volatile memory is not accessible during a platform boot process. (e.g. fig. 1, ¶22-23, 26, 34).
It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Lambert into the invention of Kitagawa-Zhu-Montero55 for the purpose of providing the security benefit of preventing host access to recovery ROM such that recovery BIOS image may not be compromised by host system during normal mode (Lambert, ¶34).

Claim 19, this claim is rejected for similar reasons as in claim 14.

Claims 15-17 and 20-22 are rejected under 35 U.S.C. 103 as being unpatentable over Kitagawa (US 20180039553) in view of Zhu (US 20200310774) in view of Montero55 (US 20210034355) in view of Lambert (US 20180039546) and further in view of Montero (US 20200201714).

Claim 15, Kitagawa-Zhu-Montero55-Lambert discloses The computer readable medium of claim 14, wherein the recovery of the primary firmware further comprises retrieving the firmware copy from the second non-volatile memory via a side channel (Kitagawa, e.g. fig. 1, ¶81, 86-87, 89) and does not appear to explicitly disclose but Montero discloses an out of band side channel. (e.g. fig. 1, ¶15-16, 47-49, 56).
It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Montero into the invention of Kitagawa-Zhu-Montero55-Lambert for the purpose of enabling firmware recovery before the CPU is fully up and running (Montero, ¶56).

Claim 16, Kitagawa-Zhu-Montero55-Lambert-Montero discloses The computer readable medium of claim 15, wherein the recovery of the primary firmware further comprises overwriting the primary firmware with the firmware copy via a system fabric. (Kitagawa, e.g. fig. 1, ¶89).

Claim 17, Kitagawa-Zhu-Montero55-Lambert-Montero discloses The computer readable medium of claim 16, (see above), Kitagawa discloses wherein the recovery of the primary firmware further comprises overwriting the primary firmware. (Kitagawa, e.g. ¶77, 86, 89)
Although Kitagawa discloses authenticating the firmware copy and the recovery of the primary firmware further comprises overwriting the primary firmware (see above), Kitagawa does not appear to explicitly disclose but Montero55 discloses the recovery comprises authenticating the firmware copy prior to overwriting the primary firmware (e.g. ¶40, 48, 53-54).
It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the features described by Montero55 into the invention of Kitagawa-Zhu-Montero55-Lambert-Montero for the purpose of ensuring that the secondary firmware image is not corrupted or damaged before using it for a recovery process.

Claim 20, this claim is rejected for similar reasons as in claim 15.

Claim 21, this claim is rejected for similar reasons as in claim 16.

Claim 22, this claim is rejected for similar reasons as in claim 17.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure: 

US 20160055068 discloses a cryptographic controller 102 that accesses a primary non-volatile memory 104 storing system firmware 107 over a shared bus 120 (system fabric) and accesses a redundant copy 114 of the system firmware 107 from a secondary non-volatile memory 116 via a channel that is separate from the shared bus 120 (side channel) where the cryptographic controller 102 determines whether the system firmware 107 retrieved from the primary non-volatile memory 104 over the shared bus 107 is compromised by cryptographically validating the system firmware 107 and in response to determining that the system firmware 107 is compromised, retrieves the redundant copy 114 of the system firmware 107 from the secondary non-volatile memory 116 via the channel separate from the shared bus 120 and replaces the compromised system firmware 107 in the primary non-volatile memory 104 (e.g. abstract, figs. 1-3 and associated descriptions).


US 20220179960 discloses the computing system 100 may be part of a system-on-chip (SoC)…The computing system 100 of FIG. 1 includes an application processor 102, storage 104, memory 106, and a security processor 108.

US 20190236277 discloses FIG. 1 is a block diagram of a computer device 100 that includes an example automatic firmware image recovery system. The computer device 100 includes a central processing unit (CPU) 110 and a baseboard management controller (BMC) 112. The automatic recovery system in this example is operated by a control integrated circuit 120…A firmware image is stored in a permanent, non-volatile memory, such as an EEPROM 130. The control circuit 120 is coupled to a storage device 134. The storage device 134 may be a permanent storage device such as flash memory or a hard disk drive. In this example, the storage device 134 may store a copy of the firmware image stored in the EEPROM 130. 

US 20210218710 discloses FIG. 2 is a schematic depicting possible functional components of a generic client device 10. It will be appreciated by those skilled in the art that network-enabled client devices suitable for use in the system described herein can range from small, single-purpose devices, such as a thermometer or humidity sensor, to complex machines with multiple sensor and control systems, such as an automobile…a device 10 includes a processing unit, such as a microprocessor 105. Preferably, for enhanced security, the processing unit 105 includes a trusted zone providing a trusted execution environment for sensitive code, such as code for generating a unique identifier (UID), discussed in further detail below, or cryptographic algorithms (encryption, decryption, key generation)…The client device also includes…non-volatile memory, in this example non-erasable memory 120, secure non-volatile memory 125 (this may form part of the trusted zone), and non-secure volatile memory 130…The non-secure memory 130 may store the device firmware, including cryptographic algorithms…A signature or cryptographic hash of the firmware may be stored in the secure non-volatile memory 125 for verification purposes. Additionally, a backup copy of firmware may also be stored in non-volatile memory.

US 20190042229 discloses systems, apparatuses and methods may provide for technology that assumes, by a root of trust located in a trusted region of a system on chip (SOC), control over a reset of the SOC and conducting, by the root of trust, an authentication of an update package in response to an update condition. The root of trust technology may also apply the update package to firmware located in non-volatile memory (NVM) associated with a microcontroller of the SOC if the authentication is successful.

Applicant’s amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to TRONG NGUYEN whose telephone number is (571)270-7312.  The examiner can normally be reached on Monday through Thursday 9:30 AM - 5:00 PM EST.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, GELAGAY SHEWAYE can be reached on (571)272-4219.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/TRONG H NGUYEN/Primary Examiner, Art Unit 2436