Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . The present application is being examined under the pre-AIA  first to invent provisions. In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.

Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale or otherwise available to the public before the effective filing date of the claimed invention.

(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

Claim(s) 1-3, 6-9 and 13-14 is/are rejected under 35 U.S.C. 102(a)(1) as being anticipated by U.S. Pre-Grant Publication US 20200389499 A1 to Koval et al. (“Koval”).
As to claim 1, Koval disclose(s) system and control system of an electric power distribution system, the system and control system comprising: 
processing circuitry; and (Koval; Fig. 1; 150 CPU)
a memory (Koval; fig. 1; 118 Memory) comprising instructions that, when executed by the processing circuitry, are configured to cause the processing circuitry to perform operations comprising: 
receiving an indication of a profile; (Koval; configuration [0011]; receiving security configuration for the meter [0011]; sending notification [0014])
generating a connectivity association key (CAK) based on the profile; (Koval; generating a private and public key a meter [0032])
distributing a copy of the CAK to a device of the electric power distribution system; and (Koval; transmitting public key [0032])
establishing a connectivity association with the device in accordance with the profile based on a verification that the device possesses the copy of the CAK. (Koval; verifying signature [0033])
As to claim 2, Koval further disclose(s) the control system of claim 1, 
wherein the profile defines a set of variables, (Koval; profile settings [0093]; parameters [0116]; parameters [0017]) and the instructions, (Koval; instructions [0047]) 
when executed by the processing circuitry, are configured to cause the processing circuitry to adjust device settings (Koval; Fig. 1; CPU 100; 114, 180, 118) of a gateway of the electric power distribution system (Koval; electrical power distribution system [0027]) based on the profile to establish the connectivity association in accordance with the set of variables. (Koval; authentication, public, private key [0032]) 
As to claim 3, Koval disclose(s) the control system of claim 1, wherein the instructions, when executed by the processing circuitry, are configured to cause the processing circuitry to generate the CAK to include a connectivity association key name (CKN) indicative of the profile. (Koval; a connectivity association key name is broadly interpreted to include cited certificate, username, key; [0121]; [0122]; specific attributes of a CKN could be included in the claims to distinguish from the cited reference)
As to claim 6, Koval disclose(s) the control system of claim 1, wherein the instructions, when executed by the processing circuitry, are configured to cause the processing circuitry to perform operations comprising: 
distributing the copy of the CAK to the device via a previously established connectivity association with the device; and (Koval; update the security credentials; [0087])
establishing the connectivity association with the device in accordance with the profile to replace the previously established connectivity association. (Koval; update local security configuration [0090])
As to claim 7, Koval disclose(s) the control system of claim 1, wherein the instructions, when executed by the processing circuitry, are configured to cause the processing circuitry to receive the indication of the profile via a user input. (Koval; an administrator may perform configuration changes on the meter; [0087])
As to claim 8, Koval disclose(s) a system, comprising: 
an intelligent electronic device (IED); and (Koval; IED 100; Fig. 1; [0050])
a gateway configured to perform operations comprising: (Koval; security server 606; fig. 6)
receiving an indication of a profile, wherein the profile defines a set of variables; (Koval; configuration [0011]; receiving security configuration for the meter [0011]; sending notification [0014]) (Koval; profile settings [0093]; parameters [0116]; parameters [0017] teach variables)
generating a connectivity association key (CAK) based on the profile; (Koval; generating a private and public key a meter [0032])
distributing a copy of the CAK to the IED; and (Koval; transmitting public key [0032])
establishing a connectivity association with the IED based on the set of variables defined by the profile in response to a verification that the IED possesses the copy of the CAK. (Koval; verifying signature [0033])
As to claim 9, Koval disclose(s) the system of claim 8, wherein the IED is configured to perform operation comprising: 
receiving the copy of the CAK distributed by the gateway; (Koval; receiving security configuration at the meter [0014])
identifying the profile based on the CAK; and (Koval; device profile [0017])
establishing the connectivity association with the gateway based on the set of variables defined by the profile. (Koval; generate certificate; [0032])
As to claim 13, Koval disclose(s) the system of claim 8, wherein the set of variables comprises a property of the connectivity association, a property of a media access control security (MACsec) communication link established between the IED and the gateway based on the connectivity association, or both. (Koval; Security and non-security parameters [0017])
As to claim 14, Koval disclose(s) 14. The system of claim 8, wherein the gateway is configured to perform operations comprising: 
receiving an additional indication of an additional profile, wherein the additional profile defines an additional set of variables; (Koval; update the security credentials; [0087])
generating an additional CAK based on the additional profile; (Koval; generating a private and public key a meter [0032])
distributing a copy of the additional CAK to the IED; and (Koval; update local security configuration [0090])
establishing an additional connectivity association with the IED based on the additional set of variables defined by the additional profile in response to a verification that the IED possesses the copy of the additional CAK, wherein the additional connectivity association replaces the connectivity association. (Koval; verifying signature [0033])
Claim(s) 12 is/are rejected under 35 U.S.C. 103 as being unpatentable over Koval in view of U.S. Pre-Grant Publication US 20120173875 A1 to Mahidhara et al. (“Mahidhara”).
As to claim 12, Koval disclose(s) 12. The system of claim 8, wherein the gateway is configured to perform operations comprising: 
receiving an additional indication that a communication link is to be established between the IED and the gateway; (Koval; configuration [0011]; receiving security configuration for the meter [0011]; sending notification [0014])
generating an additional CAK in response to the receipt of the additional indication, wherein the profile defines an additional set of variables; (Koval; generating a private and public key a meter [0032])
distributing a copy of the additional CAK to the IED; and (Koval; transmitting public key [0032])
establishing an additional connectivity association with the IED based on the additional set of variables in response to a verification that the IED possesses the copy of the additional CAK. (Koval; verifying signature [0033])
Koval does not expressly disclose, wherein the additional indication is not associated with any profile and based on a default profile in response to the receipt of the additional indication. 
Mahidhara discloses wherein the additional indication is not associated with any profile and based on a default profile in response to the receipt of the additional indication. (Mahidhara; [0018])
At the time of invention, it would have been obvious to a person of ordinary skill in the art to select a default profile of Mahidhara with the profiles of Koval. One of ordinary skill in the art would have been motivated to combine the teachings as both concerned with secure connections. Using the default profile of Mahidhara would allow for the connection to be made without an explicit selection.
Accordingly, the prior art references teach all of the claimed elements.
Furthermore, it would have been obvious to combine the teachings as all the claimed elements were known in the prior art and one skilled in the art could have combined the elements as claimed by known methods with no change in their respective functions, and the combination would have yielded nothing more predictable results to one of ordinary skill in the art.

Claim(s) 4 and 5 is/are rejected under 35 U.S.C. 103 as being unpatentable over Koval in view of U.S. Pre-Grant Publication US 20190173860 A1 to Sankaran et al. (“Sankaran”).
As to claim 4, Koval disclose(s) the control system of claim 1, wherein the instructions, when executed by the processing circuitry, are configured to cause the processing circuitry to perform operations comprising: 
generating a security association key (SAK) for the connectivity association based on the CAK; and transmitting a copy of the SAK to the device via the connectivity association to establish a secure connection with the device. (Koval; a security association key name is broadly interpreted to include cited second certificate 803; [0121]; [0122])
Koval does not express disclose the secure connection being a media access control security (MACsec) communication link.
Sankaran discloses a MACsec secure connection. (Sankaran; [0020])
At the time of invention, it would have been obvious to a person of ordinary skill in the art to replace the secure connection of Koval with the MACsec secure connection of Sankaran. One of ordinary skill in the art would have been motivated to combine the teachings as both concerned with a secure connection. MACsec is a well-known protocol to those of ordinary skill in the art and using the MACsec connection of Sankaran would allow for the connection to be interoperable with other devices that use this protocol.
Accordingly, the prior art references teach all of the claimed elements.
Furthermore, it would have been obvious to combine the teachings as all the claimed elements were known in the prior art and one skilled in the art could have combined the elements as claimed by known methods with no change in their respective functions, and the combination would have yielded nothing more predictable results to one of ordinary skill in the art.
As to claim 5, Koval in view of Sankaran disclose(s) the control system of claim 4, wherein the instructions, when executed by the processing circuitry, are configured to cause the processing circuitry to use the SAK to encrypt data to be transmitted via the MACsec communication link, use the SAK to decrypt encrypted data received via the MACsec communication link, or both. (Koval; encrypted tunnel; [0124]; encrypted protocols IPSEC [0129])
Claim(s) 10, 11 and 15-19 is/are rejected under 35 U.S.C. 103 as being unpatentable over Koval in view of U.S. Pre-Grant Publication US 20220263798 A1 to Saghir et al. (“Saghir”).
As to claim 10, Koval disclose(s) the system of claim 9, wherein the gateway is configured to store a plurality of profiles, each profile of the plurality of profiles defines a respective set of variables, and the gateway is configured to identify the profile from the plurality of profiles based on the CAK. (Koval; server stores configurations for plurality of meters [0011])
Koval does not expressly disclose the IED storing multiple profiles. 
Saghir disclose storing multiple security profiles and choosing one profile. (Saghir; [0025] store multiple security profiles associated with a given device)
At the time of invention, it would have been obvious to a person of ordinary skill in the art to replace the profiles of Koval with the device profiles of Saghir. One of ordinary skill in the art would have been motivated to combine the teachings as both concerned with connection profiles. Multiple profile connections of Saghir would allow for the devices to be used for multiple connections.
Accordingly, the prior art references teach all of the claimed elements.
Furthermore, it would have been obvious to combine the teachings as all the claimed elements were known in the prior art and one skilled in the art could have combined the elements as claimed by known methods with no change in their respective functions, and the combination would have yielded nothing more predictable results to one of ordinary skill in the art.
As to claim 11, Koval in view of Saghir disclose(s) the system of claim 10, wherein the CAK comprises a connectivity association key name (CKN) indicative of an identifier of the profile, and the IED is configured to perform operations comprising: 
comparing the identifier of the profile with respective identifiers of the plurality of profiles; and (Saghir; selecting a security level [0033])
identifying the profile from the plurality of profiles based on the identifier of the profile matching with a respective identifier of one of the plurality of profiles. (Saghir; profile includes an indication of a level of security [0033]) 
See above similar motivation to combine.
As to claim 15, Koval disclose(s) an intelligent electronic device (IED) of an electric power distribution system, the IED comprising a tangible, non-transitory, computer-readable medium that comprises instructions, wherein the instructions, when executed by processing circuitry, are configured to cause the processing circuitry to perform operations comprising: 
receiving a first identifier of a profile; (Koval; configuration [0011]; receiving security configuration for the meter [0011]; sending notification [0014])
Koval does not expressly disclose a plurality of profiles.
Saghir disclose comparing the first identifier with respective identifiers of a plurality of profiles, wherein each profile of the plurality of profiles defines a respective set of variables; (Saghir; [0025] store multiple security profiles associated with a given device)
selecting a selected profile from the plurality of profiles based on a match between the first identifier of the profile and a second identifier of the selected profile; (Saghir; selecting a security level [0033])
and establishing a connectivity association based on a set of variables defined by the selected profile. (Saghir; profile includes an indication of a level of security [0033])
See above similar motivation to combine.
As to claim 16, Koval in view of Saghir discloses the IED of claim 15, wherein the instructions, when executed by the processing circuitry, are configured to cause the processing circuitry to block establishment of the connectivity association based on the set of variables defined by the selected profile in response to a mismatch between the first identifier of the profile and the respective identifiers of the plurality of profiles. (Koval discloses authentication, without permission connection would not be allowed; [0094])
As to claim 17, Koval in view of Saghir discloses the IED of claim 15, wherein the instructions, when executed by the processing circuitry, are configured to cause the processing circuitry to perform operations comprising: 
storing a plurality of files, wherein each file is representative of one of the plurality of profiles and defining values for the respective set of variables of the one of the plurality of profiles; (Saghir; [0025] store multiple security profiles associated with a given device)
selecting a file of the plurality of files based on the match between the first identifier of the profile and the second identifier of the selected profile, wherein the file is representative of the selected profile; and (Saghir; selecting a security level [0033])
establishing the connectivity association based on the values of the set of variables and defined by the file. (Saghir; profile includes an indication of a level of security [0033])
As to claim 18, Koval in view of Saghir discloses the IED of claim 15, wherein the instructions, when executed by the processing circuitry, are configured to cause the processing circuitry to adjust a device setting of the IED to establish the connectivity association based on the set of variables defined by the selected profile. (Koval; update configurations [0091])
As to claim 19, Koval in view of Saghir discloses the IED of claim 15, wherein the instructions, when executed by the processing circuitry, are configured to receive the first identifier of the profile from a connectivity association key (CAK) transmitted via an adoption link or a previously established connectivity association. (Koval; pre-shared credentials disclose(s) previously established association [0142])
Claim(s) 20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Koval-Saghir in further view of Sankaran.
As to claim 20, Koval in view of Saghir discloses the IED of claim 15, wherein the instructions, when executed by the processing circuitry, are configured to cause the processing circuitry to perform operations comprising: 
But does not expressly disclose receiving a security association key (SAK) via the connectivity association to establish a media access control security (MACsec) communication link; and 
using the SAK to communicate data via the MACsec communication link.
Sankaran discloses a MACsec secure connection. (Sankaran; [0020])
receiving a security association key (SAK) via the connectivity association to establish a media access control security (MACsec) communication link; and (Sankaran encryption key; [0028])
using the SAK to communicate data via the MACsec communication link. (Sankaran; encrypting packets [0029])
At the time of invention, it would have been obvious to a person of ordinary skill in the art to replace the secure connection of Koval with the MACsec secure connection of Sankaran. One of ordinary skill in the art would have been motivated to combine the teachings as both concerned with a secure connection. MACsec is a well-known protocol to those of ordinary skill in the art and using the MACsec connection of Sankaran would allow for the connection to be interoperable with other devices that use this protocol.
Accordingly, the prior art references teach all of the claimed elements.
Furthermore, it would have been obvious to combine the teachings as all the claimed elements were known in the prior art and one skilled in the art could have combined the elements as claimed by known methods with no change in their respective functions, and the combination would have yielded nothing more predictable results to one of ordinary skill in the art.





Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure:
US 20180066860 A1 to Carlson et al. Carlson is useful background art in the area of remotely configuring electrical power systems. 
US 20190116183 A1 to HUSSAIN et al. Hussain pertains to the MACsec protocol to provide secure communications and teaches some aspects of the claimed invention used in combination with other relevant art. 
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to BRYAN LEE whose telephone number is (571)270-5606.  The examiner can normally be reached on Mon-Fri 9am-5pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, OSCAR LOUIE can be reached on (571)270-1684.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/BRYAN LEE/Primary Examiner, Art Unit 2445