DETAILED ACTION
Response to Amendment
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This is in reply to papers filed on 2022-12-08. Claims 1-9, 11-22 are pending, following applicant's cancellation of claims 10-11 and addition of claims 21-22. Claims 1, 19, 20 is/are independent.
The objections to informalities in the claims are withdrawn in view of Applicant’s amendments.
The objections to the title are withdrawn in view of Applicant’s amendments.
The rejection(s) of claims under 35 U.S.C. § 112 are withdrawn in view of Applicant’s amendments except as specifically set forth below.
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).

Response to Arguments
Applicant’s arguments have been fully considered but are moot in view of the new ground(s) of rejection.
With respect to claim(s) 18 (see page(s) 40-41 of Applicant’s Remarks), Applicant provides comments on the prior art of record (in particular, Heiner 2015 in view of Deng 2010 in view of Akritidis 2008) with respect to the claim limitations "perform a check to determine whether the address is within a predefined memory region demarcated by a set of guard memory words".  Applicant’s arguments have been fully considered but are moot in view of the new ground(s) of rejection.  To the extent that such arguments remain applicable to the new rejections below, nothing in Applicant's arguments demonstrates that it would not have been obvious to have modified DeHon '368 with the guard words of Akritidis 2008 to add enhanced bounds checking to DeHon '368.

Claim Objections
Claim(s) 8 is/are objected to because of the following informalities: The examiner suggests the following corrections:
Claim 8:
Amend the claim to read, in part, as follows "claim 1, wherein the tag"

Claim Interpretation - 35 U.S.C. § 112(f)
The following is a quotation of 35 U.S.C. 112(f):
(f) Element in Claim for a Combination. – An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.

The following is a quotation of pre-AIA  35 U.S.C. 112, sixth paragraph:
An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.

The claims in this application are given their broadest reasonable interpretation using the plain meaning of the claim language in light of the specification as it would be understood by one of ordinary skill in the art.  The broadest reasonable interpretation of a claim element (also commonly referred to as a claim limitation) is limited by the description in the specification when 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is invoked.
As explained in MPEP § 2181, subsection I, claim limitations that meet the following three-prong test will be interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph:
(A)	the claim limitation uses the term “means” or “step” or a term used as a substitute for “means” that is a generic placeholder (also called a nonce term or a non-structural term having no specific structural meaning) for performing the claimed function;
(B)	the term “means” or “step” or the generic placeholder is modified by functional language, typically, but not always linked by the transition word “for” (e.g., “means for”) or another linking word or phrase, such as “configured to” or “so that”; and
(C)	the term “means” or “step” or the generic placeholder is not modified by sufficient structure, material, or acts for performing the claimed function.
Use of the word “means” (or “step”) in a claim with functional language creates a rebuttable presumption that the claim limitation is to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites sufficient structure, material, or acts to entirely perform the recited function.
Absence of the word “means” (or “step”) in a claim creates a rebuttable presumption that the claim limitation is not to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is not interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites function without reciting sufficient structure, material or acts to entirely perform the recited function.
Claim limitations in this application that use the word “means” (or “step”) are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action. Conversely, claim limitations in this application that do not use the word “means” (or “step”) are not being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action.
This application includes one or more claim limitations that do not use the word “means,” but are nonetheless being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, because the claim limitation(s) uses a generic placeholder (e.g., "unit") that is coupled with functional language without reciting sufficient structure to perform the recited function and the generic placeholder is not preceded by a structural modifier.  Such claim limitation(s) is/are:
Claim
Limitation
Function
1
logic execution unit 
to process data based on instructions
1
tag processing unit
to enforce specific restrictions with respect to at least execution of instructions, access to resources, and manipulation of data, selectively dependent on the accompanying tags
1
control transfer processing unit
to validate a branch instruction execution and an entry point instruction of each control transfer, selectively dependent on the respective accompanying tags
9
cryptographic processing unit
to perform cryptographic operations on information communicated through the communication interface unit, wherein the cryptographic unit employs a distinct cryptographic key selectively dependent on at least one of a respective tag and a respective thread of instruction execution
12
address translation unit
to map logical memory spaces to physical memory pages
18
communication interface unit 
to retrieve information from a memory according to an address, store the retrieved information in a cache, and to perform a confinement check to determine whether the address is within a predefined memory region, and
to selectively access a tag in dependence on whether the address is within the predefined memory region comprising a fenced memory region demarcating by a set of guard memory words defining a starting address of a string of memory locations containing the information to be retrieved
19
communication interface unit
to control a transfer to the secure processor, from an external memory, the instruction and the data, and a tag accompanying the respective instruction and data
19
tag processing unit
to enforce a specific restriction with respect to at least execution of the instruction, access to at least one resource, and manipulation of the data, selectively dependent on the accompanying tag
19
control transfer processing unit
to validate each control transfer instruction for branch execution and entry point, selectively dependent on the accompanying tag


Note that the limitation "logic execution unit" in claim 19 is not being interpreted under 35 U.S.C. § 112(f) because it recites recognized structure sufficient to perform the functions (viz., "instruction processing pipeline").
Because this/these claim limitation(s) is/are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, it/they is/are being interpreted to cover the corresponding structure described in the specification as performing the claimed function, and equivalents thereof.
If applicant does not intend to have this/these limitation(s) interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, applicant may:  (1) amend the claim limitation(s) to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph (e.g., by reciting sufficient structure to perform the claimed function); or (2) present a sufficient showing that the claim limitation(s) recite(s) sufficient structure to perform the claimed function so as to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph.

Claim Rejections - 35 U.S.C. § 112
Claim(s) 1-9, 11-18 is/are rejected under 35 U.S.C. § 112(b) or 35 U.S.C. § 112 ¶ 2 (pre-AIA ) as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA  the applicant regards as the invention.
In claim 1 , the phrase "the cache comprising" makes the claims indefinite and unclear in that it lacks antecedent basis.
In claim 1 , the phrase "the cache comprising" makes the claims indefinite and unclear in that it lacks antecedent basis.
In claim 9 , the phrase "the communication interface unit" makes the claims indefinite and unclear in that it lacks antecedent basis.
In claim 15, the phrase "the associated tags" makes the claims indefinite and unclear in that it lacks antecedent basis.  This rejection could be overcome by amending the claim to read "the accompanying 
Dependent claims 2-9, 12-18 are rejected for the reasons presented above with respect to rejected claims 1 and in view of their dependence thereon.

Summary of Claim Rejections under 35 U.S.C. § 102 and § 103
The following table summarizes the rejections set forth in detail below of the claims over the prior art.

Claim No.
DeHon '368 
DeHon '368 in view of Akritidis 2008 
1
[Wingdings font/0xFC]

2
[Wingdings font/0xFC]

3
[Wingdings font/0xFC]

4
[Wingdings font/0xFC]

5
[Wingdings font/0xFC]

6
[Wingdings font/0xFC]

7
[Wingdings font/0xFC]

8
[Wingdings font/0xFC]

9
[Wingdings font/0xFC]

12
[Wingdings font/0xFC]

13
[Wingdings font/0xFC]

14
[Wingdings font/0xFC]

15
[Wingdings font/0xFC]

16
[Wingdings font/0xFC]

17
[Wingdings font/0xFC]

18

[Wingdings font/0xFC]
19
[Wingdings font/0xFC]

20
[Wingdings font/0xFC]

21
[Wingdings font/0xFC]

22
[Wingdings font/0xFC]



Claim Rejections - 35 U.S.C. § 102
The following is a quotation of the appropriate paragraphs of AIA  35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale or otherwise available to the public before the effective filing date of the claimed invention.

(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

Claim(s) 1-9, 12-17, 19-22 is/are rejected under 35 U.S.C. § 102 as being anticipated by U.S. Publication 20170177368 to DeHon et al. (hereinafter "DeHon '368").  DeHon '368 is prior art to the claims under 35 U.S.C. § 102(a)(1) and 35 U.S.C. § 102(a)(2).
Per claim 1 (independent):
DeHon '368 discloses a secure microprocessor (modified RISC processor 12 [DeHon '368 ¶ 0089])
DeHon '368 discloses a logic execution unit configured to process data based on instructions, subject to interaction with a tag processing unit to enforce execution restrictions and a control transfer processing unit to enforce control transfer restrictions (execution unit 18 is subject to policies embodied in tags [DeHon '368 ¶ 0095-0096, 0082]; programmable unit for metadata processing (PUMP) processes tags [DeHon '368 ¶ 0081]; enforces control flow integrity policies [DeHon '368 ¶ 0261, 0149, 0096, 0082]; current instruction (CI) tags are used to enforce execution policies [DeHon '368 ¶ 0096, 0082])
DeHon '368 discloses the cache comprising a cache line having memory locations for storing instructions, and memory locations for storing tags accompanying the respective instructions, the cache being configured to receive the instructions and tags from a memory external to the secure microprocessor (cache, memory are made wider to hold tags [DeHon '368 ¶ 0094]; instruction tags, data tags [DeHon '368 ¶ 0096])
DeHon '368 discloses the tag processing unit, configured to enforce the execution restrictions with respect to execution of instructions from the cache line, access to resources, and manipulation of data, selectively dependent on the accompanying tags from the cache line, and interacting with the logic execution unit dependent on the execution restrictions (execution unit 18 is subject to policies embodied in tags [DeHon '368 ¶ 0095-0096, 0082]; programmable unit for metadata processing (PUMP) processes tags [DeHon '368 ¶ 0081]; enforces control flow integrity policies [DeHon '368 ¶ 0261, 0149, 0096, 0082]; current instruction (CI) tags are used to enforce execution policies [DeHon '368 ¶ 0096, 0082])
DeHon '368 discloses the control transfer processing unit, configured to enforce the control transfer restrictions based on a validity of instructions comprising a branch execution and an entry point instruction of each control transfer, selectively dependent on the respective accompanying tags from the cache line, and interacting with the logic execution unit dependent on the control transfer restrictions (enforces control flow integrity policies [DeHon '368 ¶ 0261, 0149, 0096, 0082]; cache, memory are made wider to hold tags [DeHon '368 ¶ 0094]; execution unit 18 is subject to policies embodied in tags [DeHon '368 ¶ 0095-0096, 0082])
Per claim 2 (dependent on claim 1):
DeHon '368 discloses the elements detailed in the rejection of claim 1 above, incorporated herein by reference
DeHon '368 discloses each of the tag processing unit, the cache, the logic execution unit, and the control transfer processing unit comprises a distinct dedicated hardware component (programmable unit for metadata processing (PUMP) processes tags [DeHon '368 ¶ 0081]; caches [DeHon '368 ¶ 0109-0112]; execution unit 18 is subject to policies embodied in tags [DeHon '368 ¶ 0095-0096, 0082]; PUMP for processing control flow tags implemented as separate component [DeHon '368 ¶ 0088, 0092])
Per claim 3 (dependent on claim 1):
DeHon '368 discloses the elements detailed in the rejection of claim 1 above, incorporated herein by reference
DeHon '368 discloses the tag processing unit is further configured to ensure compliance with at least one rule, selected from the group consisting of data type rules, memory access rules, context-specific data usage rules, source-dependent data usage rules, data modification rules, source-dependent instruction execution rules, context- dependent instruction execution rules, instruction sequence modification rules, control transfer instruction rules, and metadata tag modification rules, and control transfer instruction rules (programmable unit for metadata processing (PUMP) processes tags [DeHon '368 ¶ 0081]; enforces control flow integrity policies [DeHon '368 ¶ 0261, 0149, 0096, 0082]; current instruction (CI) tags are used to enforce execution policies [DeHon '368 ¶ 0096, 0082])
Per claim 4 (dependent on claim 1):
DeHon '368 discloses the elements detailed in the rejection of claim 1 above, incorporated herein by reference
DeHon '368 discloses the cache is further configured to store data in the cache line, and tag processing unit is further configured to enforce a restriction on use of data, selected from the group consisting of use of data as an address within a memory space, as a return address for a subroutine call, as a target address of an indirect branch, and as a pointer (programmable unit for metadata processing (PUMP) processes tags [DeHon '368 ¶ 0081]; caches [DeHon '368 ¶ 0109-0112, 0125]; enforces control flow integrity policies [DeHon '368 ¶ 0261, 0149, 0096, 0082]; current instruction (CI) tags are used to enforce execution policies [DeHon '368 ¶ 0096, 0082])
Per claim 5 (dependent on claim 1):
DeHon '368 discloses the elements detailed in the rejection of claim 1 above, incorporated herein by reference
DeHon '368 discloses the tag processing unit is configured to enforce a restriction on use of an instruction, selected from the group consisting of use of an instruction to control flow to a legal path, to call a function, to return from a function call, to access a protected domain or module, to perform a legal operation based on the source data type, and to bound access to a fenced memory region (programmable unit for metadata processing (PUMP) processes tags [DeHon '368 ¶ 0081]; caches [DeHon '368 ¶ 0109-0112, 0125]; enforces control flow integrity policies [DeHon '368 ¶ 0261, 0149, 0096, 0082]; current instruction (CI) tags are used to enforce execution policies [DeHon '368 ¶ 0096, 0082])
Per claim 6 (dependent on claim 1):
DeHon '368 discloses the elements detailed in the rejection of claim 1 above, incorporated herein by reference
DeHon '368 discloses the cache is configured to concurrently store a respective instruction, data associated with the instruction, and a respective accompanying tag (cache, memory are made wider to hold tags [DeHon '368 ¶ 0094]; instruction tags, data tags [DeHon '368 ¶ 0096]; caches [DeHon '368 ¶ 0109-0112, 0125])
Per claim 7 (dependent on claim 1):
DeHon '368 discloses the elements detailed in the rejection of claim 1 above, incorporated herein by reference
DeHon '368 discloses the tag processing unit is further configured to respond to an accompanying tag having a plurality of privilege levels, to respectively restrict access by the logic execution unit dependent on a respective privilege level corresponding to the accompanying tag (privilege levels [DeHon '368 ¶ 0199-0202]; programmable unit for metadata processing (PUMP) processes tags [DeHon '368 ¶ 0081]; current instruction (CI) tags are used to enforce execution policies [DeHon '368 ¶ 0096, 0082])
Per claim 8 (dependent on claim 1):
DeHon '368 discloses the elements detailed in the rejection of claim 1 above, incorporated herein by reference
DeHon '368 discloses the tag processing unit is further configured to determine that at least one tag indicates tainted instructions or data, wherein the tag processing unit requires validation of the tainted instructions or data, and require validation of the tainted instructions or data prior to use by the logic execution unit (taint tracking, validation [DeHon '368 ¶ 0371])
Per claim 9 (dependent on claim 1):
DeHon '368 discloses the elements detailed in the rejection of claim 1 above, incorporated herein by reference
DeHon '368 discloses a cryptographic processing unit, configured to perform cryptographic operations on information communicated through the communication interface unit, wherein the cryptographic unit employs a distinct cryptographic key selectively dependent on at least one of a respective tag and a respective thread of instruction execution (encrypted data, cryptographic key [DeHon '368 ¶ 0378-0380])
Per claim 12 (dependent on claim 1):
DeHon '368 discloses the elements detailed in the rejection of claim 1 above, incorporated herein by reference
DeHon '368 discloses an address translation unit is further configured to retrieve memory pages of tags together with associated memory pages of instructions or data for storage in a common cache (maps logical to physical memory pages [DeHon '368 ¶ 0286-0288])
Per claim 13 (dependent on claim 12):
DeHon '368 discloses the elements detailed in the rejection of claim 12 above, incorporated herein by reference
DeHon '368 discloses the address translation unit is further configured to map logical memory spaces to physical memory pages of the memory external to the secure microprocessor, and retrieve the physical memory pages for storage in the cache (privilege levels [DeHon '368 ¶ 0199-0202]; programmable unit for metadata processing (PUMP) processes tags [DeHon '368 ¶ 0081]; current instruction (CI) tags are used to enforce execution policies [DeHon '368 ¶ 0096, 0082]; restricts accesses by untrusted hardware [DeHon '368 ¶ 0382-0390, 0523-0524, 0533-0537])
Per claim 14 (dependent on claim 1):
DeHon '368 discloses the elements detailed in the rejection of claim 1 above, incorporated herein by reference
DeHon '368 discloses a set of instructions comprises a code segment is accompanied by an accompanying tag comprising metadata indicating at least one of a security level or a privilege level of the code segment, wherein the tag processing unit is further configured to compare the security level or the privilege level of the code segment with a security level or a privilege level indicated by the accompanying tag of a calling instruction of the code segment (privilege levels [DeHon '368 ¶ 0199-0202]; programmable unit for metadata processing (PUMP) processes tags [DeHon '368 ¶ 0081]; current instruction (CI) tags are used to enforce execution policies [DeHon '368 ¶ 0096, 0082])
Per claim 15 (dependent on claim 1):
DeHon '368 discloses the elements detailed in the rejection of claim 1 above, incorporated herein by reference
DeHon '368 discloses the logic execution unit and the tag processing unit are synchronized in processing of the instructions and enforcement of the restrictions dependent on the associated tags (synchronized architecture [DeHon '368 ¶ 0089, 0098, 0110-0112, Fig. 1]; execution unit 18 is subject to policies embodied in tags [DeHon '368 ¶ 0095-0096, 0082]; programmable unit for metadata processing (PUMP) processes tags [DeHon '368 ¶ 0081]; enforces control flow integrity policies [DeHon '368 ¶ 0261, 0149, 0096, 0082]; current instruction (CI) tags are used to enforce execution policies [DeHon '368 ¶ 0096, 0082])
Per claim 16 (dependent on claim 1):
DeHon '368 discloses the elements detailed in the rejection of claim 1 above, incorporated herein by reference
DeHon '368 discloses the logic execution unit further comprises a logic execution pipeline, and the tag processing unit further comprises a tag processing pipeline, the logic execution pipeline and tag processing pipeline providing coordinated processing of respective instructions and accompanying tags from the cache line (execution and tag processing pipelines [DeHon '368 ¶ 0089, 0098, 0110-0112, Fig. 1])
DeHon '368 discloses at least one of: the tag processing pipeline has a tag processing stage which relies on information provided by at least one stage of the logic execution pipeline; the logic execution pipeline selectively processes instructions in dependence on signal generated by stages of the tag processing pipeline; the tag processing pipeline is dependent on information received from the logic execution pipeline dependent on the instructions, and the logic execution pipeline is dependent on information received from the tag processing pipeline dependent on the accompanying tags (execution and tag processing pipelines [DeHon '368 ¶ 0089, 0098, 0110-0112, Fig. 1])
Per claim 17 (dependent on claim 1):
DeHon '368 discloses the elements detailed in the rejection of claim 1 above, incorporated herein by reference
DeHon '368 discloses the cache is further configured to receive a respective instruction based on a respective instruction address of the memory external to the secure microprocessor, and to receive the accompanying tag based on the respective instruction address (cache, memory are made wider to hold tags [DeHon '368 ¶ 0094]; instruction tags, data tags [DeHon '368 ¶ 0096]; caches [DeHon '368 ¶ 0109-0112, 0125])
Per claim 19 (independent):
DeHon '368 discloses a secure processor comprising a logic execution unit configured to receive an instruction, decode the instruction, receive data, and to process the data based on the instruction in an instruction processing pipeline (modified RISC processor 12 [DeHon '368 ¶ 0089]; execution and tag processing pipelines [DeHon '368 ¶ 0089, 0098, 0110-0112, Fig. 1])
The remaining limitations of the claim(s) correspond(s) to features of claim(s) 1 and the claim(s) is/are rejected for the reasons detailed with respect to those claims.
Per claim 20 (independent):
The remaining limitations of the claim(s) correspond(s) to features of claim(s) 1 and the claim(s) is/are rejected for the reasons detailed with respect to those claims.
Per claim 21 (dependent on claim 20):
DeHon '368 discloses the elements detailed in the rejection of claim 20 above, incorporated herein by reference
DeHon '368 discloses the cache stores data in the cache line, and tag processing unit enforces a restriction on use of the data, selected from the group comprising use of the data as an address within a memory space, as a return address for a subroutine call, as a target address of an indirect branch, and as a pointer (programmable unit for metadata processing (PUMP) processes tags [DeHon '368 ¶ 0081]; caches [DeHon '368 ¶ 0109-0112, 0125]; enforces control flow integrity policies [DeHon '368 ¶ 0261, 0149, 0096, 0082]; current instruction (CI) tags are used to enforce execution policies [DeHon '368 ¶ 0096, 0082])
Per claim 22 (dependent on claim 19):
The remaining limitations of the claim(s) correspond(s) to features of claim(s) 21 and the claim(s) is/are rejected for the reasons detailed with respect to those claims.


Claim Rejections - 35 U.S.C. § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of AIA  35 U.S.C. 103 that forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. § 103(a) are summarized as follows:
1.	Determining the scope and contents of the prior art.
2.	Ascertaining the differences between the prior art and the claims at issue.
3.	Resolving the level of ordinary skill in the pertinent art.
4.	Considering objective evidence present in the application indicating obviousness or nonobviousness.

Claim(s) 18 is/are rejected under 35 U.S.C. § 103 as being unpatentable over DeHon '368  in view of P. Akritidis, C. Cadar, C. Raiciu, M. Costa and M. Castro, "Preventing Memory Error Exploits with WIT," 2008 IEEE Symposium on Security and Privacy, pp. 263-277 (IEEE 2008) (hereinafter "Akritidis 2008").  Akritidis 2008 is prior art to the claims under 35 U.S.C. § 102(a)(1).
Per claim 18 (dependent on claim 1):
DeHon '368 discloses the elements detailed in the rejection of claim 1 above, incorporated herein by reference
DeHon '368 does not disclose a communication interface unit is configured to determine an address of instructions to be retrieved and perform a check to determine whether the address is within a predefined memory region demarcated by a set of guard memory words, the predefined memory region having a starting address of a string of memory locations containing the instructions to be retrieved
DeHon '368 discloses retrieve instructions and the accompanying tag from the memory external to the secure microprocessor according to the address, and store the retrieved instructions and the accompanying tag in the cache (cache, memory are made wider to hold tags [DeHon '368 ¶ 0094]; instruction tags, data tags [DeHon '368 ¶ 0096])
Further:
Akritidis 2008 discloses a communication interface unit is configured to determine an address of instructions to be retrieved and perform a check to determine whether the address is within a predefined memory region demarcated by a set of guard memory words, the predefined memory region having a starting address of a string of memory locations containing the instructions to be retrieved (guard words for confinement checking [Akritidis 2008 p. 264, 267-268])
It would have been obvious to a person having ordinary skill in the art (1) before the effective filing date of the claimed invention and (2) before the invention was made to have modified DeHon '368  with the guard words of Akritidis 2008 to arrive at an apparatus, method, and product including:
a communication interface unit is configured to determine an address of instructions to be retrieved and perform a check to determine whether the address is within a predefined memory region demarcated by a set of guard memory words, the predefined memory region having a starting address of a string of memory locations containing the instructions to be retrieved
A person having ordinary skill in the art would have been motivated to combine them at least because guard words would improve the reliability of bounds checking, e.g. by ensuring padding between one memory range and another.  A person having ordinary skill in the art would have been further motivated to combine them at least because Akritidis 2008 teaches [Akritidis 2008 p. 264, 267-268] modifying a secure processor [DeHon '368 ¶ 0089, 0081] such as that of DeHon '368  to arrive at the claimed invention; because doing so constitutes use of a known technique (guard words [Akritidis 2008 p. 264, 267-268]) to improve similar devices and/or methods (secure processor [DeHon '368 ¶ 0089, 0081]) in the same way; because doing so constitutes applying a known technique (guard words [Akritidis 2008 p. 264, 267-268])to known devices and/or methods (secure processor [DeHon '368 ¶ 0089, 0081]) ready for improvement to yield predictable results; and because the modification amounts to combining prior art elements according to known methods to yield predictable results.  Here, (1) the prior art included each element (as detailed above); (2) one of ordinary skill in the art could have combined the elements as claimed by known methods, and in this combination, each element merely performs the same function as it does separately (secure processor [DeHon '368 ¶ 0089, 0081] performs bounds checking on memory regions using guard words [Akritidis 2008 p. 143]); (3) one of ordinary skill in the art would have recognized that the results of the combination were predictable; and (4) other considerations do not overcome this conclusion.

Conclusion
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to THEODORE C PARSONS whose telephone number is (571)270-1475.  The examiner can normally be reached on MTWRF 7:30-4:30.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jung Kim can be reached on (571) 272-3804.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.


	/THEODORE C PARSONS/               Primary Examiner, Art Unit 2494