DETAILED ACTION
This is a final Office action in response to communications received on 11/04/2022.  Claims 1, 7, 12 and 22 were amended.  Claims 8-10 were previously cancelled.  Claims 1-7 and 11-22 are pending and are examined.  The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . 

Response to Arguments
Applicant’s amendment, filed 11/04/2022, of claim 7 removing the claim term “its” is sufficient to overcome the grammatical informalities in the claim.  Accordingly, the objection to claim 7 is withdrawn.
Applicant’s amendment, filed 11/04/2022, substituting the claim term “when” for “if” in claims 12 and 22 is sufficient to overcome the objection to aforementioned claims.  Accordingly, the objection to claims 12 and 22 are withdrawn.
The double patenting rejection is maintained as no terminal disclaimer has been filed.
Applicant’s Remarks, filed 11/04/2022, regarding 103 have been considered, but have not been found persuasive.
Applicant argues on pages 11-12 of the Remarks that Schultz fails to disclose the amended claim limitation “propagating disruption through the dependency graph based on the seed event until a threshold number of nodes is affected or a threshold loss magnitude aggregated for two or more affected assets of the plurality of assets is exceeded” because “any thresholds or controls placed on the propagation of events in the Schultz technique are based solely on time and processing limits aimed at increasing the efficiency of the model” while “the claimed invention uses a deterministic number – a threshold loss magnitude aggregated for two or more affected assets of the plurality of assets – as its threshold for when to halt propagation modeling”, however the Examiner respectfully disagrees.  Claim 1 does not disclose what actually happens after the threshold is reached or how the results of performing the Monte Carlo simulations are used for the steps that follow it (i.e. how are the results of the Monte Carlo simulations used to assess and aggregate loss).  Claim 1 does not disclose that no further disruptions are propagated through the Monte Carlo simulations after that point (i.e. was the determination of the point at which the threshold is exceeded a stopping point or just a number that is saved for consideration in future Monte Carlo simulations.  In summary, all that claim 1 currently requires is performing Monte Carlo simulations until a determination is made that a threshold loss magnitude for some of the assets is exceeded.  In addition, Schultz does not just disclose halting Monte Carlo simulations based on time and processing limitations.  Schultz explicitly discloses performing Monte Carlo procedures until a constraint is exceeded (paras. [0261], [0269]).  Schultz explicitly states that its methods are “not limited to financial-risk assessment” (para. [0080]) and discloses using a combination of Monte Carlo techniques and propagation of analytic distributions in order to create a model of the likelihood of loss in a computer network (para. [0088]), one output of which is the exceedance probability curve in which the likelihood of experiencing a loss of 10M is generated (para. [0084]).  Therefore, Schultz discloses propagating distributions through Monte Carlo simulations until a determination of when a likelihood greater than a certain amount (79% in this case) of reaching a certain amount of loss (10M in this case) will be reached.  Even if Schultz does not explicitly disclose the amount/constraint at which the Monte Carlo simulations would stop being performed, one of ordinary skill in the art would find it obvious that the constraint/number could be set to any number including a number set in relation to the exceedance probability curve.  Consequently, Schultz teaches the limitations for which it is cited.  
Applicant’s arguments filed 11/04/2022, with respect to the rejection of claims 1-7 and 11-22 under 35 USC § 103(a) have been fully considered but are moot because newly added claim limitations requiring “propagating disruption through the dependency graph based on the seed event until a threshold number of nodes is affected or a threshold loss magnitude aggregated for two or more affected assets of the plurality of assets is exceeded" require new grounds of rejection necessitated by amendments.
Any additional remaining arguments fail to comply with 37 C.F.R. 1.111(b) because they amount to a general allegation that the claims define a patentable invention without specifically pointing out how the language of the claims patentably distinguishes them from the references.
Consequently, the rejection of the claims under 35 U.S.C. 103 is sustained.

Claim Objections
Claim 1 is objected to the following reasons: the claim appears to disclose that Monte Carlo simulations are propagated through the graph until a determination that a threshold loss magnitude aggregated for two or more affected assets is exceeded is reached, but it is unclear from claim 1, the Specification and Figures how the results of that determination are used/related to the steps that follow and in what order the steps (including the amended step) are meant to proceed.  First, it is unclear what affected assets are and how they relate to the claim limitations as a whole.  The plurality of assets comprise assets that have at least one dependency, so are affected assets those assets with a dependency that is affected by a loss or assets that have suffered some minimum loss?  Second, the claimed step of propagating disruption through the dependency group until a threshold loss magnitude aggregated for two or more affected assets is exceeded appears to contradict the Specification and Figures.  Paragraph [0028] and Figure 1B disclose that the step of aggregating the losses only occurs if the threshold is NOT exceeded.  Otherwise, if the threshold is exceeded, “control returns to process 106 for one or more runs of the Monte Carlo simulation” (para. [0028]).  In addition, the step of assessing losses (step 110, Fig. 1B) appears to occur before the step of determining whether the threshold is met?  This would make more sense, because then it would explain how a determination could be made as to whether a threshold of loss had been reached (because losses had already been assessed!).  Third, it is unclear how the steps of performing the Monte Carlo simulations and determining when the threshold are reached relate to the steps that follow it because no details are provided in the claim about how the results of the Monte Carlo simulations are used in the steps that follow it.  Further clarification/correction is required.

Double Patenting
The non-statutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159.  See MPEP §§ 706.02(l)(1) - 706.02(l)(3) for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
Claims 1-7 and 11-22 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-20 of US Patent No. 10931705 (formerly co-pending application 16/795,056), claims 1-21 of U.S. Patent No. 10257219 (formerly co-pending application 15/918,286) and claims 1-21 of U.S. Patent No. 10594723 (formerly co-pending application 16/292,956). Although the claims at issue are not identical, they are not patentably distinct from each other because claim 1 of the current application has been amended to incorporate different dependent claims from the parent applications that have been allowed.
Instant Application
US Patent No.10,931,705
U.S. Patent No. 10,257,219
U.S. Patent No. 10,594,723
Claim 1, Claims 8-10
Claim 1, Claims 8-10
Claim 1, Claims 8-10
Claim 1, Claims 8-10
Claim 2
Claim 2
Claim 1
Claim 1
Claim 3
Claim 3
Claim 3
Claim 3
Claim 4
Claim 4
Claim 1
Claim 1
Claim 5
Claim 5
Claim 5
Claim 5
Claim 6
Claim 6
Claim 6
Claim 6
Claim 7
Claim 7
Claim 7
Claim 7
Claim 11
Claim 10
Claim 11
Claim 11
Claim 12
Claim 1
Claim 12
Claim 12
Claim 13
Claim 11
Claim 13
Claim 13
Claim 14
Claim 12
Claim 14
Claim 14
Claim 15
Claim 13
Claim 15
Claim 15
Claim 16
Claim 14
Claim 16
Claim 16
Claim 17
Claim 15
Claim 17
Claim 17
Claim 18
Claim 16
Claim 18
Claim 18
Claim 19
Claim 17
Claim 19
Claim 19
Claim 20
Claim 18
Claim 1
Claim 20
Claim 21
Claim 19
Claim 21
Claim 21
Claim 22
Claim 20
Claim 22
Claim 22


“A later patent claim is not patentably distinct from an earlier patent claim if the later claim is obvious over, or anticipated by, the earlier claim.  In re Longi, 759 F.2d at 896, 225 USPQ at 651 (affirming a holding of obviousness-type double patenting because the claims at issue were obvious over claims in four prior art patents); In re Berg, 140 F.3d at 1437, 46 USPQ2d at 1233 (Fed. Cir. 1998) (affirming a holding of obviousness-type double patenting where a patent application claim to a genus is anticipated by a patent claim to a species within that genus). “  ELI LILLY AND COMPANY v BARR LABORATORIES, INC., United States Court of Appeals for the Federal Circuit, ON PETITION FOR REHEARING EN BANC (DECIDED:  May 30, 2001). 

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


	The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1.	Determining the scope and contents of the prior art.
2.	Ascertaining the differences between the prior art and the claims at issue.
3.	Resolving the level of ordinary skill in the pertinent art.
4.	Considering objective evidence present in the application indicating obviousness or nonobviousness.


This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
Claims 1-6 and 13-19 are rejected under 35 U.S.C. 103 as being unpatentable over Schultz et al. (U.S. Patent Application Publication 2015/0381649; hereafter “Schultz”) in view of Wiemer et al. (U.S. Patent Application Publication 2007/0067845; hereafter “Wiemer”).
Regarding claim 1, Schultz discloses the limitations substantially as follows:
A computer-implemented method for quantifying correlated risk in a network of a plurality of assets, having at least one dependency, each asset belonging to at least one entity (paras. [0033], [0040], [0042]-[0043], [0067], [0075]: quantifying and correlating risk in a network of attacks by an entity against tangible and intangible assets of an organization), the method comprising:
generating a dependency graph (para. [0165]: directed-acyclic graph (i.e. dependency graph));
wherein the dependency graph comprises (i) a plurality of edges and (ii) a plurality of nodes, wherein each edge has a conditional probability that the asset on a receiving node of a particular edge, of the plurality of edges, is compromised given that the providing node, of the plurality of nodes, is compromised (para. [0165], [0176]-[0179] of Schultz: the directed-acyclic graph comprises nodes and path segments with directed link points (i.e. edges), where each path segment with directed link points (i.e. edge) has a condition probability that the asset location/type of the node with directed link points (i.e. of a particular edge of edges) has been attacked/compromised given that the logical condition of the parent node is that it has been compromised/exploited (i.e. providing node is compromised));
executing a plurality of Monte Carlo simulations over the dependency graph by (para. [0088]: Monte Carlo simulations):
generating a seed event in the dependency graph (para. [0227]: events are fired down the graph), the seed event having a probability distribution (paras. [0088], [0191], probability distribution); and
propagating disruption through the dependency graph based on the seed event until a threshold number of nodes is affected or a threshold loss magnitude aggregated for two or more affected assets of the plurality of assets is exceeded (paras. [0064], [0082]-[0084], [0088], [0099], [0191], [0269]: events are propagated analytically by firing events through the graph to estimate loss until a determination is made of when a constraint or likelihood greater than a certain amount (i.e. such as an amount greater than 79%) (i.e. threshold loss magnitude exceeded) is reached indicating that a certain amount of loss (such as 10M) will be reached/exceeded as determined from an exceedance probability curve in which the total loss for targeted assets are aggregated (i.e. aggregated for two or more affected assets of the plurality of assets));
assessing loss for each asset of the plurality of assets (paras. [0082], [0296], Step X, asset loss estimates for assets for different sublevels/subsets); and
aggregating losses for two or more assets of the plurality of assets to determine correlated risk in the network (para. [0082], [0098], aggregating losses for assets for different sublevels; para. [0116], computes the asset damage 316, and inputs this information to the financial loss forecasting component 318, which computes the financial instrument loss as a function of time 320; paras. [0075], [0177], aggregate the results of the node to determine a correlated risk).
Schultz does not explicitly disclose the remaining limitations of claim 1 as follows:
generating a dependency graph based on relationships between the plurality of assets, the at least one dependency, and the at least one entity; 
wherein the dependency graph comprises (i) a plurality of edges representing relationships between the plurality of assets, the at least one dependency, and the at least one entity and (ii) a plurality of nodes representing the plurality of assets, the at least one dependency, and the at least one entity;
However, in the same field of endeavor Wiemer discloses the limitations of claim 1 as follows:
generating a dependency graph based on relationships among the plurality of assets, the at least one dependency, and the at least one entity (paras. [0054]-[0055], [0057]-[0058], Fig. 3B: generating a model showing assets and their dependencies (i.e. dependency graph) based on relationships between assets, dependencies and at least one network/sub-network of nodes from one vendor);
wherein the dependency graph comprises (i) a plurality of edges representing relationships between the plurality of assets, the at least one dependency, and the at least one entity and (ii) a plurality of nodes representing the plurality of assets, the at least one dependency, and the at least one entity(paras. [0054]-[0055], [0057], [0058]: Fig. 3B of Wiemer: model of assets as nodes physically connected with edges representing relationships between the assets/dependencies for a network/subnetwork of a vendor (i.e. entity));
Wiemer is combinable with Schultz because both are from the same field of endeavor of generating models to assess risk.  It would have been obvious to one of ordinary skill before the effective filing date of the claimed invention to integrate Wiemer’s method of a generating a dependency graph modeling at least one entity with the system of Schultz in order to increase the flexibility of the system by enabling generating of risk assessments for multiple different components/vendors and networks based upon the relationships between the different vendors and networks.   

	Regarding claim 2, Schultz and Wiemer teach the limitations of claim 1.
Schultz teaches the limitations of claim 2 as follows:
	The method of claim 1, wherein:
each of the plurality of assets is selected from the group consisting of: Internet Protocol (IP) address, domain name, and server system (paras. [0040], [0042]-[0043]: assets include tangible assets such as servers and intangible assets such as domain names); 
each of the at least one entity is selected from the group consisting of: a company and an organization (paras. [0070], [0072], [0075]: companies and organizations); 
and each of the at least one dependency is selected from the group consisting of: hosting provider and software version (paras. [0045], [0070], [0102]: dependent upon organization characteristics and valued assets such as servers, cloud services, web sites, hosting on cloud data center provider (i.e. hosting providers)).

	Regarding claim 3, Schultz and Wiemer teach the limitations of claim 1
Wiemer discloses the limitations of claim 3 as follows:
The method of claim 1, further comprising:
receiving information indicative of the relationships between the plurality of assets, the at least one dependency, and the at least one entity (paras. [0019], [0042] and [0054]-[0055], [0057], [0058]: model receives node and link information for displaying assets physically linked through relationships/dependencies illustrated for one network/sub-network of a vendor (i.e. for one entity)).
The same motivation to combine utilized in claim 1 is equally applicable in the instant claim.

Regarding claim 4, Schultz and Wiemer teach the limitations of claims 1 and 3
Schultz discloses the limitations of claim 4 as follows:
The method of claim 3, further comprising: 
storing information indicative of the relationships between the plurality of assets, the at least one dependency, and the at least one entity in a database, wherein the information is at least one of the group consisting of domain name system (DNS) record, server banner, traffic data, malware infection, and software version (para. [0048], [0055], [0085], [0108], [0114]-[0115], [0146], [0155], [0161], [0165], [0274], [0282]: storing information generated from the risk correlations and probability distributions including system state information indicating the degree of compromise from malware attack/infection and attacker/malware attributes (i.e. information consists of malware infection information).

Regarding claim 6, Schultz and Wiemer teach the limitations of claims 1 and 3. 
Schultz discloses the limitations of claim 6 as follows:
The method of claim 3, wherein the information indicative of the relationships includes inter-business payment data (paras. [0045], [0084]: payment information).

	Regarding claim 13, Schultz, Wiemer and Flores teach the limitations of claim 1
Schultz discloses the limitations of claim 13 as follows:
The method of claim 1, further comprising: storing information related to the aggregated losses for the two or more assets of the plurality of assets in a database (para. [0108], [0114]-[0115], [0165], [0274], [0282]: storing probability distributions related to computing aggregated losses of assets in a database/data storage).

Regarding claim 14, Schultz and Wiemer teach the limitations of claim 1
Weimer discloses the limitations of claim 14 as follows:
The method of claim 1, wherein the at least one entity comprises at least two entities, and a first asset of the two or more assets belongs to a first entity of the at least two entities and a second asset of the two or more assets belongs to a second entity of the at least two entities (para. [0057] of Wiemer, Apache WWW and Oracle DB).
The same motivation to combine utilized in claim 1 is equally applicable in the instant claim.

Regarding claim 15, Schultz and Wiemer teach the limitations of claims 1 and 14.
Weimer discloses the limitations of claim 15 as follows:
The method of claim 14, wherein at least one of the first and second assets belongs to another entity of the at least two entities (para. [0057] of Wiemer, Apache WWW and Oracle DB).
The same motivation to combine utilized in claim 1 is equally applicable in the instant claim.

Regarding claim 16, Schultz and Wiemer teach the limitations of claims 1 and 14.
Shultz discloses the limitations of claim 16 as follows:
The method of claim 14, further comprising:
aggregating losses for two or more entities of the at least two entities to determine correlated risk in the network (paras. [0070], [0075], [0139]-[0141]: aggregating losses for two organizations that are interdependent to determine correlated risk for the network).

Regarding claim 17, Schultz and Wiemer teach the limitations of claims 1, 14 and 16.
Shultz discloses the limitations of claim 17 as follows:
The method of claim 16, further comprising:
storing information related to the aggregated losses for the two or more entities of the at least two entities in a database (paras. [0108], [0114]-[0115], [0165], [0274], [0282]: storing probability distributions (i.e. information) related to aggregating losses for organizations in a database).

Regarding claim 18, Schultz and Wiemer teach the limitations of claims 1 and 14.
Shultz discloses the limitations of claim 18 as follows:
The method of claim 14, wherein each of the at least two entities is assigned to at least one portfolio, and wherein the method further comprises:
aggregating losses for two or more portfolios of the at least one portfolio to determine correlated risk in the network (paras. [0070]-[0071], [0075], [0172]: organizations have financial portfolios and aggregating losses for portfolios to correlate risk for the network)).

Regarding claim 19, Schultz and Wiemer teach the limitations of claims 1, 14 and 18.
Shultz discloses the limitations of claim 19 as follows:
The method of claim 18, further comprising: storing information related to the aggregated losses for the two or more entities of the at least two entities in a database (paras. [0108], [0114]-[0115], [0165], [0274], [0282]: computation values are stored).

Claims 11-12 and 21-22 are rejected under 35 U.S.C. 103 as being unpatentable over Schultz et al. (U.S. Patent Application Publication 2015/0381649; hereafter “Schultz”) and Wiemer et al. (U.S. Patent Application Publication 2007/0067845; hereafter “Wiemer”), as applied to claim 1, further in view of Flores et al. (U.S. Patent Application Publication 2013/0347116; hereafter “Flores”).
Regarding claim 11, Schultz and Weimer teach the limitations of claim 1.
Schultz teaches the limitations of claim 11 as follows:
The method of claim 1, wherein the seed event is a breach or failure (paras. [0034]-[0035], [0121]: breach or failure of organization for attacks).
Neither Schultz or Weimer discloses the limitations of claim 11 as follows:
of the at least one dependency
However, in the same field of endeavor, Flores discloses the limitations of claim 11 as follows:
of the at least one dependency (paras. [0046], [0153] of Flores: particular criminal or threatening groups target specific entities).
Flores is combinable with Wiemer and Schultz because all three are from the same field of endeavor of generating models to assess risk.  It would have been obvious to one of ordinary skill before the effective filing date of the claimed invention to integrate Flores’ method of generating a probability distribution for the likelihood that an asset will become unavailable with the system of Schultz and Wiemer in order to enable the system to determine when the losses sustained by an asset are so great that the asset is unusable to enable the system to predict when to provision alternate assets to replace assets rendered unavailable.  

Regarding claim 12, Schultz and Weimer disclose the limitations of claim 1.
Neither Schultz or Weimer discloses the limitations of claim 12 as follows:
The method of claim 1, wherein the probability distribution is a probability that the asset will become unavailable [[if]] when a related dependency fails.
However, in the same field of endeavor, Flores discloses the limitations of claim 12 as follows:
The method of claim 1, wherein the probability distribution is a probability that the asset will become unavailable [[if]] when a related dependency fails (paras. [0082], [0153], [0158], [0238]: probability distribution describing possibility/likelihood that the malware breaks the system causing it to be unusable (i.e. unavailable) if the system/anti-virus fails to detect the malware (i.e. related dependency fails)); (see also Schultz, paras. [0040], [0068], [0070], [0080], [0085]: probabilistic determination represents likelihood that an attack will cause loss of/to an asset if the attack causes a failure/breach upon the organization to which the asset belongs (i.e. related dependency fails));
Flores is combinable with Wiemer and Schultz because all three are from the same field of endeavor of generating models to assess risk.  It would have been obvious to one of ordinary skill before the effective filing date of the claimed invention to integrate Flores’ method of generating a probability distribution for the likelihood that an asset will become unavailable with the system of Schultz and Wiemer in order to enable the system to determine when the losses sustained by an asset are so great that the asset is unusable to enable the system to predict when to provision alternate assets to replace assets rendered unavailable.  

Regarding claim 21, Schultz and Weimer teach the limitations of claim 1.
Neither Shultz or Weimer discloses the limitations of claim 21 as follows:
The method of claim 1, wherein a number of the plurality of Monte Carlo simulations is selected to reduce a statistical variance of the plurality of Monte Carlo simulations.
However, in the same field of endeavor, Flores teaches the limitations of claim 21 as follows:
The method of claim 1, wherein a number of the plurality of Monte Carlo simulations is selected to reduce a statistical variance of the plurality of Monte Carlo simulations (paras. [0082], [0097] of Flores: number of Monte Carlo trials is selected to be sufficiently large to guarantee draws from each probability distribution).
Flores is combinable with Wiemer and Schultz because all three are from the same field of endeavor of generating models to assess risk.  It would have been obvious to one of ordinary skill before the effective filing date of the claimed invention the simulation to integrate Flores’ method of selecting the number of Monte Carlo trials with the system of Schultz and Wiemer in order to ensure that the number of trials is large enough to adequately sample from each of the probability distributions (Flores, para. [0097]).

Regarding claim 22, Schultz and Weimer teach the limitations of claim 1.
Neither Schultz or Weimer discloses the limitations of claim 22 as follows:
The method of claim 1, wherein executing a plurality of Monte Carlo simulations over the dependency graph further comprises:
comparing to a threshold; and
terminating the plurality of Monte Carlo simulations [[if]] when the statistical variance is equal to or less than the threshold
Flores teaches the limitations of claim 22 as follows:
The method of claim 1, wherein executing a plurality of Monte Carlo simulations over the dependency graph further comprises:
comparing to a threshold (para. [0097] of Flores: determining if the number of Monte Carlo trials is large enough to ensure that the random draws of the probability distributions are adequately sampled (i.e. determining that the variance among the probability distributions meets threshold)); and
terminating the plurality of Monte Carlo simulations [[if]] when the statistical variance is equal to or less than the threshold (para. [0097] of Flores: not doing more Monte Carlo trials than is needed to ensure that the random draws are adequate (i.e. terminating performance of the Monte Carlo trials upon reaching number large enough to be adequate (i.e. once statistical variation reaches threshold)).
Flores is combinable with Wiemer and Schultz because all three are from the same field of endeavor of generating models to assess risk.  It would have been obvious to one of ordinary skill before the effective filing date of the claimed invention the simulation to integrate Flores’ method of selecting the number of Monte Carlo trials with the system of Schultz and Wiemer in order to ensure that the number of trials is large enough to adequately sample from each of the probability distributions (Flores, para. [0097]).

Claim 20 is rejected under 35 U.S.C. 103 as being unpatentable over Schultz et al. (U.S. Patent Application Publication 2015/0381649; hereafter “Schultz”) and Wiemer et al. (U.S. Patent Application Publication 2007/0067845; hereafter “Wiemer”), as applied to claim 1, further in view of Howes et al. (U.S. Patent Application Publication 2013/0091574; hereafter “Howes”).
Regarding claim 20, Schultz, Weimer and Flores teach the limitations of claim 1.
Schultz teaches the limitations of claim 20 as follows:
The method of claim 1, wherein the aggregating losses for two or more assets of the plurality of assets to determine correlated risk in the network level further comprises: 
aggregating losses in a nonlinear (see also Schultz, para. [0068]: quantifying linear and nonlinear damages to network dependent assets (i.e. for two or more assets of the plurality of assets).
Neither Schultz, Weimer or Flores teach the limitations of claim 20 as follows:
aggregating losses in a nonlinear sum for the two or more assets of the plurality of assets. 
However, in the same field of endeavor Howes teaches the limitations of claim 20 as follows:
aggregating losses in a nonlinear sum for the two or more assets of the plurality of assets (paras. [0088]-[0096]: summarizing losses in a nonlinear format for assets) 
Howes is combinable with Schultz and Wiemer because all three are from the same field of endeavor of detecting relationships and threats with assets of a network.  It would have been obvious to one of ordinary skill before the effective filing date of the claimed invention to integrate the nonlinear summation of aggregated loss of Howes with the combination of Schultz and Wiemer because it would be important to factor in the marginal loss of assets as a function of time since the marginal loss over time can vary for an asset due to the impact on each of confidentiality, integrity and availability (Howes, paras. [0055]-[0058]).

Claim 5 is rejected under 35 U.S.C. 103 as being unpatentable over Schultz et al. (U.S. Patent Application Publication 2015/0381649; hereafter “Schultz”) and Wiemer et al. (U.S. Patent Application Publication 2007/0067845; hereafter “Wiemer”), as applied to claim 1 above, further in view of Bahl et al. (U.S. Patent Application Publication 2008/0222287; hereafter “Bahl”).
Regarding claim 5, Schultz and Wiemer teach the limitations of claims 1 and 3.
Neither Schultz or Weimer teach the limitations of claim 5 as follows:
The method of claim 3, further comprising: observing traffic to and from a particular one of the plurality of assets in the network to identify at least one of (i) an entity and (ii) a dependency related to the particular asset.
However, in the same field of endeavor, Bahl teaches the limitations of claim 5 as follows:
The method of claim 3, further comprising: observing traffic to and from a particular one of the plurality of assets in the network to identify at least one of (i) an entity and (ii) a dependency related to the particular asset (para. [0036]: network dependencies are inferred by monitoring messages between endhosts).
Schultz and Wiemer are combinable with Bahl because all three are from the same field of endeavor of determining dependencies between components of a network.  It would have been obvious to one of ordinary skill before the effective filing date of the claimed invention to integrate Bahl’s method of identifying network dependencies by monitoring packets with the system of Schultz and Wiemer in order to enable the system to have additional means of detecting new dependencies in the network based on monitoring packets.

Claim 7 is rejected under 35 U.S.C. 103 as being unpatentable over Schultz et al. (U.S. Patent Application Publication 2015/0381649; hereafter “Schultz”) and Wiemer et al. (U.S. Patent Application Publication 2007/0067845; hereafter “Wiemer”), as applied to claim 1 above, further in view of Gonzalez Granadillo et al. (U.S. Patent Application Publication 2017/0324766; hereafter “Gonzalez”).
Regarding claim 7, Schultz and Wiemer teach the limitations of claim 1.
Neither Schultz and Weimer teach the limitations of claim 7 as follows:
The method of claim 1, wherein each of the plurality of assets is weighted according to its importance to the at least one entity having the asset.
However, in the same field of endeavor Gonzalez teaches the remaining limitations of claim 7 as follows:
The method of claim 1, wherein each of the plurality of assets is weighted according to [[its]] an importance of each respective asset to the at least one entity having the asset (para. [0094]: a weighting factor is assigned to each element type based on priority/importance to the system).
Schultz and Wiemer are combinable with Gonzalez because all three are from the same field of endeavor of generating risk assessments.  It would have been obvious to one of ordinary skill before the effective filing date of the claimed invention the weighting factor of Gonzalez with the system of Schultz and Wiemer because it would improve the simulation to weight assets based on priorities (para. [0050] of Gonzalez).

Primary Art Relied Upon But Not Cited
	1. Dirnstorfer (US 2011/0145168) disclosing modeling a monte carlo distribution for a path where the buyer is limited to a maximum number of assets with a timeframe, where the modeled path is a probability distribution (paras. [0031]-[0032], [0058], [0061]).

Conclusion
For the above-stated reasons, claims 1-7 and 11-22 are rejected.
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SHARON S LYNCH whose telephone number is (571)272-4583.  The examiner can normally be reached on 10AM-6PM.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Taghi T Arani can be reached on 571-272-3787.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/SHARON S LYNCH/Primary Examiner, Art Unit 2438