Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
Response to Amendment
This Office Action has been issued in response to arguments filed 12/29/2025.
Response to Arguments
Applicant's arguments filed 12/29/2025 have been carefully and fully considered. With respect to applicant’s argument of the remarks on the USC 103 rejection which recites:
“None of Jundt, Chauvet, Jurisch, and Sadasivarao, alone or in combination, discloses “generating and storing a tag for uniquely identifying the physical or logical asset concatenated with at least a portion of a cryptographic key for the physical or logical asset, wherein communication with the physical or logical asset are encrypted using the cryptographic key for the physical or logical asset… Sadasivarao does not state that the SUDI (IDevID) backed secure device identifier certificate includes an asset tag of a physical or logical asset concatenated with at least a portion of a cryptographic key for the physical or logical asset. According to the Merriam-Webster Dictionary, the term “concatenate” means “to link together in a series or chain.” An example of the asset tag concatenated with at least a portion of a cryptographic key for the asset is shown in par. 373 of Applicant’s specification as “CTRL-VALVE-xg4t”
Examiner disagrees and points to Sadasivarao Fig. 6A 314 CERTA(IDevID), i.e., as shown in Fig. 6A 314, CERTA is interpreted as the cryptographic key and IDevID is interpreted as the asset tag, and, as shown in the figure, they are concatenated as CERTA(IDevID), which by interpretation fits with the two words CERTA and IDevID linked together.
“It would have not been obvious to combine Sadasivarao with Jundt, Chauvet, and Jurisch to arrive at the claimed invention, because Sadasivarao is non-analogous art”
Examiner disagrees, and in response to applicant's argument that Sadasivarao is nonanalogous art, it has been held that a prior art reference must either be in the field of the inventor’s endeavor or, if not, then be reasonably pertinent to the particular problem with which the inventor was concerned, in order to be relied upon as a basis for rejection of the claimed invention. See In re Oetiker, 977 F.2d 1443, 24 USPQ2d 1443 (Fed. Cir. 1992). In this case, the relevant field of the inventor’s endeavor is distributed software-defined discovery, configuration and integration of devices/services, and Sadasivarao falls within the field of endeavor since it discloses the onboarding of new network elements (discovery).
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claim(s) 1-8 are rejected under 35 U.S.C. 103 as being unpatentable over Jundt et al. (WO2017066304A1, herein Jundt), in view of Chauvet et al. (US20180024537A1, herein Chauvet), in further view of Jurisch et al. (WO2007110006, herein Jurisch, note a machine translation is used for mapping), and in further view of Sadasivarao et al. (US20210258665, herein Sadasivarao).
Regarding claim 1, Jundt teaches A method for commissioning a software defined process control system (SDCS), the method comprising ([00260] when implemented in software, any of the applications, services, and engines described herein may be stored in any tangible, non-transitory computer readable memory… such system…it is contemplated that any or all of these hardware, software, and firmware components could be embodied exclusively in hardware, exclusively in software): obtaining, via a service executing via a first container on a compute node within a software defined process control system (SDCS), an announcement indicative of a presence of a physical or logical asset ([0042] The processor 30 is configured to communicate with the field devices 15-22 and 40-46 and with other nodes communicatively connected to the controller 11, [00213] performs a discovery process through the I/O network by detecting a first device) of the process plant utilized during run-time of the process plant to control at least a portion of the industrial process ([00183] control modules, routines, applications, and programs 710B may be downloaded to and executed in various ones of the controllers, I/O devices, field devices, databases, user interface devices, servers, processing devices, etc., of the control system during runtime of the process plant, [0054] operate to control the process during run-time, [0014] Smart commissioning of process control systems and/or plants… process plant may be partially or even entirely commissioned); transmitting, to an input/output (I/O) server service…, a plurality of parameters of the physical or logical asset including identification information for the physical or logical asset and location information for accessing the physical or logical asset ([00214] The binding application 790 may then communicate with the field device, asking the field device to identify itself and provide information regarding its identity. In other cases, the binding application 790 may reach an I/O network device, such as a smart- or CHARM-I/O network card, which may be able to provide information regarding each of the devices below that network card and the terminals or ports to which they are connected at the I/O card to the application 790); and automatically commissioning, by the I/O server service…, the physical or logical asset based on the identification information and the location information ([0066] The centralized database 128 stores, inter alia, data and other information that specifically identifies and/or addresses the various devices or components and their interconnections that are planned for or desired to be implemented on the process plant floor or field environment 122) including generating and storing a tag for uniquely identifying the physical or logical asset within the SDCS ([00215] the system tag of the field device or for other identifying information of the field device associated with the configuration object or file).
Jundt does not teach wherein the first container is an isolated executing environment within an operating system of the compute node on which the first container executes and the container includes software dependencies or software libraries for executing the first container on the compute node;… wherein the communications with the physical or logical asset are encrypted using the cryptographic key for the physical or logical asset.
Chauvet teaches wherein the first container is an isolated executing environment within an operating system of the compute node on which the first container executes ([0122] FIGS. 9C and 9D illustrate example components of compute nodes hosting containers…. Containers use a memory sandbox that is supported by the hardware of the host machine to provide a secure and isolated environment to run the application) and the container includes software dependencies or software libraries for executing the first container on the compute node (Fig. 9D Container 907-1, Libraries 914, [0124] FIG. 9D, some containers 907-1, . . . , 907-N can include the full operating system 916 (minus the kernel) for the guest application 912, init system 918, and libraries 914 but run within the sandboxed container space of the host)…
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Jundt’s teaching of a container communicating with field devices in a discovery process to detect devices with Chauvet’s teaching of a container being an isolated executing environment. The combined teaching provides an expected result of a container communicating with field devices in a discovery process to detect devices, where the container is an isolated executing environment. Therefore, one of ordinary skill in the art would be motivated to improve the security of the network as shown by Chauvet [0122] “Use of a container provides some performance and size improvements”.
The combination of Jundt and Chauvet do not teach based on a combination of an asset tag of the physical or logical asset and a cryptographic key for the physical or logical asset, wherein communications with the physical or logical asset are encrypted using the cryptographic key for the physical or logical asset.
Jurisch teaches wherein communications with the physical or logical asset are encrypted using the cryptographic key for the physical or logical asset (Fig. 2 KB’, page 5 lines 4-44 the identification block KB is preferably already signed by the manufacturer with an electronic signature, for example by encrypting it using a first key of a first key pair; during encryption, the device identification number ID of the field device 10 is also used. The encrypted identifier block KB’ is then stored in the main memory 30).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Jundt’s teaching of a system tag of the field device or for other identifying information of the field device with Jurisch’s teaching of an encrypted communication. The combined teaching provides an expected result of encrypted communications with a field device. Therefore, one of ordinary skill in the art would be motivated to improve the security of the system.
The combination of Jundt, Chauvet, and Jurisch do not teach wherein the generated and stored tag includes an asset tag of the physical or logical asset concatenated with at least a portion of a cryptographic key for the physical or logical asset.
Sadasivarao teaches wherein the generated and stored tag includes an asset tag of the physical or logical asset concatenated with at least a portion of a cryptographic key for the physical or logical asset (Fig. 6A 314 CERTA(IDevID), [0154] In step 314, the proxy autonomic optical network element 306 sends a SUDI (IDevID) backed secure device identifier certificate (such as a X.509 certificate) to the new card 302. In step 316 the new card 302 authenticates the proxy autonomic optical network element 306 using the SUDI (IDevID) backed X.509 certificate. In step 318, the new card 302 sends a SUDI (IDevID) backed secure device identifier certificate (such as a X.509 certificate) to the proxy autonomic optical network element 306. In step 320, the proxy autonomic optical network element 306 uses the SUDI (IDevID) backed X.509 certificate from the new card 302 to establish/verify the authenticity of the new card 302 (i.e., verify that both the new card 302 and the proxy autonomic network element 306 were manufactured by the same equipment vendor). In step 322, the proxy autonomic optical network element 306 forwards an enrollment request containing the SUDI (IDevID) backed X.509 certificate of the new card 302 to the registrar 106) (i.e. as shown in Fig. 6A 314 CERTA is interpreted as the cryptographic key, and IDevID is interpreted as the asset tag and as shown in the figure concatenated as CERTA(IDevID), [0114] The IDevID is generated during the equipment manufacturing and cannot be changed for the entire lifetime of the SUDI module. For purposes of electronic distribution and PKI, secure device identifier certificates, such as X.509 certificates, are generated which use the IDevID/LDevIDs as identifiers. The associated private keys of these certificates are stored within the SUDI modules 112 in a tamper proof manner).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Jundt’s teaching of a system tag of the field device or for other identifying information of the field device with Sadasivarao’s teaching of a concatenated device ID number and encryption for a field device. The combined teaching provides an expected result of a system tag of the field device based on an ID number and encryption for the field device. Therefore, one of ordinary skill in the art would be motivated to improve the security of the system.
Regarding claim 2, the combination of Jundt, Chauvet, Jurisch, and Sadasivarao teach The method of claim 1, wherein the announcement indicative of the presence of the physical or logical asset is obtained via a discovery service (Jundt, [0042] The processor 30 is configured to communicate with the field devices 15-22 and 40-46 and with other nodes communicatively connected to the controller 11, [00213] performs a discovery process through the I/O network by detecting a first device).
Regarding claim 3, the combination of Jundt, Chauvet, Jurisch, and Sadasivarao teach The method of claim 1, wherein the plurality of parameters of the physical or logical asset include two or more of: the asset tag of the physical or logical asset (Jundt, [00215] the system tag of the field device or for other identifying information of the field device associated with the configuration object or file), a media access control (MAC) address of the physical or logical asset, a network address of the physical or logical asset, the cryptographic key for the physical or logical asset, a serial number for the physical or logical asset ([0078] the long tag (LT) of a device 102 may be, for example, a model and serial number), or a name of a service or subsystem associated with the physical or logical asset.
Regarding claim 4, the combination of Jundt, Chauvet, Jurisch, and Sadasivarao teach The method of claim 3, wherein at least two of the plurality of physical or logical assets include a same serial number and tags are further generated for the at least two physical or logical assets based on a combination of the serial number … for the at least two physical or logical assets (Jundt, [0187] A DST object 732 may use the same device tag as the device tag of a device to which the device signal tag corresponds as a root tag, with additional or other information included therein, [00188] FIG. 4A above and, generally speaking, a device placeholder object 732 will be created for each of the same devices (and device signals where appropriate) as created in the field equipment environment 122 described above. Thus, the device placeholder objects 732 in the back-end environment 700 have the same format and the same types of information stored therein as described for the device placeholder objects 300 in the field equipment environment 122, [0078] tag of a device 102 may be, for example, a model and serial number, a bar code).
Jundt does not teach and cryptographic keys.
Jurisch teaches cryptographic keys (page 7 lines 1-3 the device identification number ID of the field device 70 is taken into account, so that an encrypted identifier block KB’ is formed, which is suitable exclusively for a specific field device 70, page 6 lines 2-3 an encryption technique based on key pairs is preferably used).
Regarding claim 5, the combination of Jundt, Chauvet, and Jurisch teach The method of claim 1, wherein the location information includes a network address for communicating with the physical or logical asset (Jundt, [0066] The centralized database 128 stores, inter alia, data and other information that specifically identifies and/or addresses the various devices or components and their interconnections that are planned for or desired to be implemented on the process plant floor or field environment 122).
Regarding claim 6, the combination of Jundt, Chauvet, Jurisch, and Sadasivarao teach The method of claim 1, wherein the physical or logical asset is a field device (Jundt, [0042] The processor 30 is configured to communicate with the field devices 15-22 and 40-46 and with other nodes communicatively connected to the controller 11, [00213] performs a discovery process through the I/O network by detecting a first device).
Regarding claim 7, the combination of Jundt, Chauvet, Jurisch, and Sadasivarao teach The method of claim 1, wherein the physical or logical asset is a control service (Jundt, [0106] A device container or placeholder object includes a field or property for storing a device's I/O-allocation state).
Regarding claim 8, the combination of Jundt, Chauvet, Jurisch, and Sadasivarao teach The method of claim 1, wherein the physical or logical asset is a container, a microcontainer, a compute node, a service, or an input/output (I/O) asset (Jundt, [0042] The processor 30 is configured to communicate with the field devices 15-22 and 40-46 and with other nodes communicatively connected to the controller 11, [00213] performs a discovery process through the I/O network by detecting a first device, [0106] A device container or placeholder object includes a field or property for storing a device's I/O-allocation state).
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant’s disclosure.
Hanis (US20180189528) discloses a tag successfully referenced to the ledger using two pieces of information including an assigned asset tag serial ID and a rotating identification key.
THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to YVONNE T FOLLANSBEE whose telephone number is (571)272-0634. The examiner can normally be reached on Monday - Friday 1pm - 9pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Robert Fennema can be reached on (571) 272-2748. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/YVONNE TRANG FOLLANSBEE/Examiner, Art Unit 2117
/ROBERT E FENNEMA/Supervisory Patent Examiner, Art Unit 2117