Prosecution Insights
Last updated: April 18, 2026
Application No. 17/941,945

Firmware Integrity Check Using Silver Measurements

Final Rejection §103
Filed
Sep 09, 2022
Examiner
JOHNSON, CARLTON
Art Unit
2436
Tech Center
2400 — Computer Networks
Assignee
Absolute Software Corporation
OA Round
6 (Final)
58%
Grant Probability
Moderate
7-8
OA Rounds
4y 11m
To Grant
90%
With Interview

Examiner Intelligence

Grants 58% of resolved cases
58%
Career Allow Rate
205 granted / 352 resolved
At TC average
Strong +32% interview lift
Without
With
+32.1%
Interview Lift
resolved cases with interview
Typical timeline
4y 11m
Avg Prosecution
26 currently pending
Career history
378
Total Applications
across all art units

Statute-Specific Performance

§101
12.4%
-27.6% vs TC avg
§103
59.7%
+19.7% vs TC avg
§102
12.2%
-27.8% vs TC avg
§112
8.6%
-31.4% vs TC avg
Black line = Tech Center average estimate • Based on career data from 352 resolved cases

Office Action

§103
Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . DETAILED ACTION Continued Examination Under 37 CFR 1.114 1. This action is in response to application amendments filed on 12-8-2025. 2. Claims 1 - 6, 8 - 19 are pending. Claim 1, 15, 18 have been amended. Claims 7, 20 have been canceled. Claims 1, 15, 18 are independent. The application papers filed on 9-9-2022. Response to Arguments 3. Applicant’s arguments, see Arguments/Remarks Made in an Amendment, filed 12-8-2025, with respect to the rejection(s) under Forrestal in view Brunet and further in view of Shivanna have been fully considered and are persuasive. Therefore, the rejection has been withdrawn. However, upon further consideration, a new ground(s) of rejection is made in view of Forrestal in view Brunet and further in view of Shivanna and Brossard. A. Applicant argues on page 8 of Remarks: ... "the firmware integrity measurements are of either: a BIOS (Basic Input/Output System), or a UEFI (Unified Extensible Firmware Interface). The Examiner respectfully disagrees. Brossard discloses a integrity check of the (utilizing a checksum for the BIOS firmware or the UEFI firmware). (see Brossard page 5: Beforehand, the BIOS or EFI or UEFI or the firmware of a device performs a checksum or "checksum" of the physical integrity of all the firmware present: BIOS or EFI or UEFI or the firmware of a device (cf TrustedComputing: the mechanism is the same).(checksum obtained of BIOS or UEFI firmware for an integrity check)) B. Applicant argues on page 9 of Remarks: ... the UEFI firmware measurement engine takes measurements of firmware of peripherals, not of the BIOS or UEFI itself, and only when such firmware is not accessible to firmware measurement engine 122. The Examiner respectfully disagrees. Brossard discloses a integrity check of the (utilizing a checksum for the BIOS firmware or the UEFI firmware). (see Brossard page 5: Beforehand, the BIOS or EFI or UEFI or the firmware of a device performs a checksum or "checksum" of the physical integrity of all the firmware present: BIOS or EFI or UEFI or the firmware of a device (cf TrustedComputing: the mechanism is the same).(checksum obtained of BIOS or UEFI firmware for an integrity check)) C. Applicant argues on page 9 of Remarks: ... claims 1, 15 and 18, as amended, are patentable over Forristal, Brunet and Shivanna ... . Responses to arguments against independent claim 1 also answer arguments against independent claims 15 and 18, which have similar limitations as independent claim 1. D. Applicant argues on page 9 of Remarks: ... Claims 2, 6, 9, 10, 14, 15, 17, 19 are submitted as being patentable over Forristal, Brunet and Shivanna at least by virtue of their dependencies, whether direct or indirect, on claims 1, 15 and 18. Responses to arguments against the independent claims also answer arguments against the associated dependent claims. E. Shivanna discloses receiving a firmware measurement. Shivanna discloses performing a validation process utilizing the firmware measurement. And, Shivanna discloses performing a boot processed based upon the results of the validation process (boot allowed or not allowed). (see Shivanna paragraph [0032]: UEFI firmware measurement engine 128 along with UEFI roots of trust 130 may securely read a firmware image of firmware component 102 and take measurements of the firmware image in an early phase of booting of system. ... , UEFI firmware measurement engine may read a measured hash of the booted firmware image, which may be computed during a verified boot of the firmware image with roots of trust engine 126 from either a secure storage accessible to UEFI firmware measurement engine or using secure in band commands.; paragraph [0030]: attestation service engine 126 may receive or retrieve a measurement of a firmware image from a virtual PCR in TPM emulator engine. Attestation service engine 126 may retrieve a pre-determined measurement of the firmware image from whitelisted database 140. Attestation service engine 126 may compare the measurement of the firmware image with the pre-determined measurement of the firmware image. In an example, the comparison may be performed prior to booting of system 100. In response to a determination by attestation service engine that the measurement of the firmware image matches with the pre-determined measurement of the firmware image, system 100 may be allowed to boot. In response to a determination by attestation service engine 126 that the measurement of the firmware image is different from the pre-determined measurement of the firmware image, attestation service engine 126 may perform an action. In an example, the action may relate to firmware component 102, system 100, and/or the firmware image. In an example, the action may be defined in a user-defined policy. For example, a user-defined policy may specify disabling power on system 100 and booting to UEFI/OS if the measurement and the pre-determined measurement of the firmware image do not match.) And, Brunet discloses processing a set of computing system entities or electronic devices with the same or identical make, an identical model and a firmware with an identical version number which could be utilized for firmware measurements. (see Brunet paragraph [0010], lines 1-12: provides a method for creating a reference/standard device profile by gathering and analyzing profiles from multiple devices with the same make, model, OS and firmware version and then using this reference/standard device profile to optimize other devices of the same make, model with the same OS and firmware version) Claim Rejections - 35 USC § 103 4. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. 5. Claims 1, 2, 6, 9, 10, 14, 15, 17 - 19 are rejected under 35 U.S.C. 103 as being unpatentable over Forristal et al. (Patent No. WO 2013036223) in view of Brunet et al. (US PGPUB No. 20150161616) and further in view of Shivanna et al. (US PGPUB No. 20180330093) and Brossard et al. (Patent No. WO 2013150238 A1). Regarding Claims 1, 15, 18, Forristal discloses a method for protecting electronic devices and a system for protecting electronic devices and a non-transient computer-readable medium that stores instructions, which, when executed by a processor, cause the processor to perform operations, comprising: a) receiving, by a processor, an identically-performed firmware integrity measurement from each of a first threshold number electronic devices, an identically performed firmware measurement; (see Forristal col 3, lines 8-17: dedicated integrity verification logic of the device performs a measurement of the firmware; measurement can be a cryptographic measurement such as a hash of one or more images (e.g., device firmware and/or other controller code (instructions)) to be executed by one or more programmable controllers of the device; measurements stored in device storage; page 4, lines 7-14: determine whether measurement matches an entry in a whitelist for the device firmware; access a data structure having various entries (multiple measurements), each corresponding to a measured value for an authorized piece of code, such as firmware for various devices present in the computer system; (first threshold number of measurements)) b) determining, by the processor, that a second threshold number of said firmware integrity measurements are identical; (see Forristal col 3, lines 8-17: dedicated integrity verification logic of the device can perform a measurement of the firmware; measurement can be a cryptographic measurement such as a hash of one or more images (e.g., device firmware and/or other controller code) to be executed by one or more programmable controllers of the device; the measurement can be stored in device storage; page 4, lines 7-14: determined whether the measurement matches an entry in a whitelist for the device firmware; access a data structure having various entries (multiple measurements), each corresponding to a measured value for an authorized piece of code, such as firmware for various devices present in the computer system; (second threshold number of measurements)) c) defining, by the processor, a silver measurement to be one of said identical firmware integrity measurements; (see Forristal col 3, lines 8-17: dedicated integrity verification logic of the device performs a measurement of the firmware; measurement can be a cryptographic measurement such as a hash of one or more images (e.g., device firmware and/or other controller code) to be executed by one or more programmable controllers of the device; page 4, lines 7-14: determine whether the measurement matches an entry in a whitelist for the device firmware; access a data structure having various entries, each corresponding to a measured value for an authorized piece of code, such as the firmware for various devices present in the computer system; The whitelist can be supplied by a vendor, or it can be dynamically generated during runtime as a given device is executed for the first time; (determined baseline for measurement, gold or white)) and d) receiving a further identically-performed firmware integrity measurement from each of one or more further electronic devices. (see Forristal col 3, lines 8-17: responsive to the request, dedicated integrity verification logic of the device performs a measurement of the firmware; the measurement can be a cryptographic measurement such as a hash of one or more images (e.g., device firmware and/or other controller code) to be executed by one or more programmable controllers of the device; page 4, lines 7-14: determine whether the measurement matches an entry in a whitelist for the device firmware; access a data structure having various entries (multiple measurements), each corresponding to a measured value for an authorized piece of code, such as the firmware for various devices present in the computer system) and e) for those of the one or more further electronic devices providing firmware measurements that equal the silver measurement, the processor permitting unhindered use thereof; (see Forristal page 4, lines 7-14: determine whether the measurement matches an entry in a whitelist for the device firmware; access a data structure having various entries, each corresponding to a measured value for an authorized piece of code, such as the firmware for various devices present in the computer system; The whitelist can be supplied by a vendor, or it can be dynamically generated during runtime as a given device is executed for the first time; page 8, lines 23-25: If the external software determines a measured hash match, and determines that the execution status flags are proper, the external software can accept the integrity of the firmware executing on the hardware device) and f) for those of the one or more further electronic devices providing firmware integrity measurements that do not equal the silver measurement, the processor taking a security action therefor. (see Forristal col 4, lines 14-20: If it is determined that the measurement does not match, control passes directly to where an integrity failure report can be provided, e.g., to a user of the system, and/or remedial measures may be taken; such remedial measures may include shutting down the system, reloading the firmware in question or another operation such as signaling to other hardware or software entities that the system is in an untrusted state (security actions performed by system)) Forristal does not specifically disclose for a): said devices have an identical make, an identical model and a firmware with an identical version number, b): firmware measurements (i.e. characteristics) are identical, c): firmware measurements (i.e. characteristics) are identical, and d): electronic device having the identical make, identical model and a firmware with an identical version number and devices that have the identical make, model and firmware version number. However, Brunet discloses wherein for a): said devices have an identical make, an identical model and a firmware with an identical version number, b): firmware measurements are identical, c): identical firmware measurements, and d): electronic devices that have the identical make, identical model and a firmware with an identical version number and devices that have the identical make, model and firmware version number. (see Brunet paragraph [0010], lines 1-12: provides a method for creating a reference/standard device profile by gathering and analyzing profiles from multiple devices with the same make, model, OS and firmware version and then using this reference/standard device profile to optimize other devices of the same make, model with the same OS and firmware version) It would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify Forristal for a): said devices have an identical make, an identical model and a firmware with an identical version number, b): firmware measurements (i.e. characteristics) are identical, c): firmware measurements (i.e. characteristics) are identical, and d): electronic device having the identical make, identical model and a firmware with an identical version number and devices that have the identical make, model and firmware version number as taught by Brunet. One of ordinary skill in the art would have been motivated to employ the teachings of Brunet for the benefits achieved from a system that enables the processing of multiple types of firmware objects including objects with identical characteristics and firmware attributes. (see Brunet paragraph [0010], lines 1-12) Forrestal-Brunet does not specifically disclose a processor receives firmware integrity measurements from each further electronic devices upon boot of each further electronic devices. However, Shivanna discloses wherein the processor receives the further identically-performed firmware integrity measurement from each of one or more further electronic devices upon boot of the each of one or more further electronic devices. (see Shivanna paragraph [0032]: UEFI firmware measurement engine 128 along with UEFI roots of trust 130 may securely read a firmware image of firmware component 102 and take measurements of the firmware image in an early phase of booting of system. ... , UEFI firmware measurement engine may read a measured hash of the booted firmware image, which may be computed during a verified boot of the firmware image with roots of trust engine 126 from either a secure storage accessible to UEFI firmware measurement engine or using secure in band commands.; paragraph [0030]: attestation service engine 126 may receive or retrieve a measurement of a firmware image from a virtual PCR in TPM emulator engine. Attestation service engine 126 may retrieve a pre-determined measurement of the firmware image from whitelisted database 140. Attestation service engine 126 may compare the measurement of the firmware image with the pre-determined measurement of the firmware image. In an example, the comparison may be performed prior to booting of system 100. In response to a determination by attestation service engine that the measurement of the firmware image matches with the pre-determined measurement of the firmware image, system 100 may be allowed to boot. In response to a determination by attestation service engine 126 that the measurement of the firmware image is different from the pre-determined measurement of the firmware image, attestation service engine 126 may perform an action. In an example, the action may relate to firmware component 102, system 100, and/or the firmware image. In an example, the action may be defined in a user-defined policy. For example, a user-defined policy may specify disabling power on system 100 and booting to UEFI/OS if the measurement and the pre-determined measurement of the firmware image do not match.) It would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify Forristal-Brunet for a processor receives firmware integrity measurement from each further electronic devices upon boot of each further electronic devices as taught by Shivanna. One of ordinary skill in the art would have been motivated to employ the teachings of Shivanna for the benefits achieved from systems that enable the establishment of trusted systems based upon system firmware. (see Shivanna paragraph [0007], lines 10-12) Furthermore, Forristal-Brunet-Shivanna does not specifically disclose firmware measurements are of either: a BIOS (Basic Input/Output System), or a UEFI (Unified Extensible Firmware Interface). However, Brossard discloses wherein the firmware integrity measurements are of either: a BIOS (Basic Input/Output System), or a UEFI (Unified Extensible Firmware Interface). (see Brossard page 5: Beforehand, the BIOS or EFI or UEFI or the firmware of a device performs achecksum or "checksum" of the physical integrity of all the firmware present: BIOS or EFI or UEFI or the firmware of a device (cf TrustedComputing: the mechanism is the same).(checksum obtained of BIOS or UEFI firmware for an integrity check)) It would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify Forristal-Brunet for firmware measurements are of either: a BIOS (Basic Input/Output System), or a UEFI (Unified Extensible Firmware Interface) as taught by Brossard. One of ordinary skill in the art would have been motivated to employ the teachings of Brossard for the benefits achieved from systems that enable the establishment of trusted systems based upon boot procedure system firmware. (see Brossard page 5) Furthermore, for Claim 15, Forristal discloses wherein a server; a processor in the server; and a non-transient computer readable memory in the server that stores instructions, which, when executed by the processor, cause the server to perform operations. (see Forristal page 10, lines 30-32: embodiments may be implemented in code and may be stored on a non-transitory storage medium having stored thereon instructions which can be used to program a system to perform the instructions; page 3, lines 1-3: system may be any type of computer system such as server computer, desktop computer, laptop computer, tablet, netbook computer, mobile Internet device, smart phone, and etc. (server system comprises a processor for instruction execution)) Regarding Claim 2, Forristal-Brunet-Shivanna-Brossard discloses the method of claim 1, wherein the security action is a restriction of use. (see Forristal col 4, lines 14-20: If it is determined that the measurement does not match, control passes directly to where an integrity failure report can be provided, e.g., to a user of the system, and/or remedial measures may be taken; such remedial measures may include shutting down the system, reloading the firmware in question or another operation such as signaling to other hardware or software entities that the system is in an untrusted state (security actions performed by system; restriction of use, shutdown system)) Regarding Claim 6, Forristal-Brunet-Shivanna-Brossard discloses the method of claim 1. Forristal does not specifically disclose firmware measurements based on either: one or more volumes of firmware; the firmware version number and a date of the firmware; or a time of the firmware. However, Brunet discloses wherein the firmware integrity measurements are based on either: one or more volumes of firmware; the firmware version number and a date of the firmware; or a time of the firmware. (see Brunet paragraph [0010], lines 1-12: provides a method for creating a reference/standard device profile by gathering and analyzing profiles from multiple devices with the same make, model, OS and firmware version and then using this reference/standard device profile to optimize other devices of the same make, model with the same OS and firmware version; (selected: one or more volumes of firmware); paragraph [0054], lines 1-10: there could be a device attribute, a conditional operator (=, >, <, !=, exists, not exists) and then a text box in which to enter static text, numeric, date-time value or another device attribute; (selected: a date of the firmware or a time of the firmware)) It would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify Forristal for a): said devices have an identical make, an identical model and a firmware with an identical version number, b): firmware measurements (i.e. characteristics) are identical, c): firmware measurements (i.e. characteristics) are identical, and d): electronic device having the identical make, identical model and a firmware with an identical version number as taught by Brunet. One of ordinary skill in the art would have been motivated to employ the teachings of Brunet for the benefits achieved from a system that enables the processing of multiple types of firmware objects including objects with identical characteristics and firmware attributes. (see Brunet paragraph [0010], lines 1-12) Regarding Claim 9, Forristal-Brunet-Shivanna-Brossard discloses the method of claim 1, wherein the first threshold number is equal to the second threshold number. (see Forristal col 3, lines 8-17: dedicated integrity verification logic of the device performs a measurement of the firmware; the measurement can be a cryptographic measurement such as a hash of one or more images (e.g., device firmware and/or other controller code (instructions)) to be executed by one or more programmable controllers of the device; measurements stored in device storage; page 4, lines 7-14: determine whether measurement matches an entry in a whitelist for the device firmware; access a data structure having various entries (multiple measurements), each corresponding to a measured value for an authorized piece of code, such as the firmware for various devices present in the computer system; (first, second threshold number of measurements); (same number of tests completed for first and second measurement determinations)) Regarding Claim 10, Forristal-Brunet-Shivanna-Brossard discloses the method of claim 1, wherein the first threshold number is greater than the second threshold number, the method further comprising: a) permitting, by the processor, continued unhindered use of those of the electronic devices that have a firmware integrity measurement equal to the silver measurement; (see Forristal page 8, lines 23-25: If the external software determines a measured hash match, and determines that the execution status flags are proper, the external software can accept the integrity of the firmware executing on the hardware device; (continued execution of firmware)) and b) taking, by the processor, another security action, with respect to those of the electronic devices that have a firmware integrity measurement different from the silver measurement. (see Forristal col 4, lines 14-20: If it is determined that the measurement does not match, control passes directly to where an integrity failure report can be provided, e.g., to a user of the system, and/or remedial measures may be taken; such remedial measures may include shutting down the system, reloading the firmware in question or another operation such as signaling to other hardware or software entities that the system is in an untrusted state (multiple security actions can be performed by system; first action: shutdown system; another action: reload firmware)) Regarding Claim 14, Forristal-Brunet-Shivanna-Brossard discloses the method of claim 1, wherein all said firmware integrity measurements are hashes of firmware instructions and not of firmware data or firmware settings. (see Forristal col 3, lines 8-17: dedicated integrity verification logic of the device performs a measurement of the firmware; the measurement can be a cryptographic measurement such as a hash of one or more images (e.g., device firmware and/or other controller code (instructions)) to be executed by one or more programmable controllers of the device; measurements stored in device storage; page 4, lines 7-14: determine whether measurement matches an entry in a whitelist for the device firmware; access a data structure having various entries (multiple measurements), each corresponding to a measured value for an authorized piece of code, such as the firmware for various devices present in the computer system; (first threshold number of measurements)) Regarding Claim 17, Forristal-Brunet-Shivanna-Brossard discloses the system of claim 15, wherein all said firmware integrity measurements are hashes of firmware instructions and not of firmware data or firmware settings. (see Forristal col 3, lines 8-17: dedicated integrity verification logic of the device performs a measurement of the firmware; the measurement can be a cryptographic measurement such as a hash of one or more images (e.g., device firmware and/or other controller code (instructions)) to be executed by one or more programmable controllers of the device; measurements stored in device storage; page 4, lines 7-14: determine whether measurement matches an entry in a whitelist for the device firmware; access a data structure having various entries (multiple measurements), each corresponding to a measured value for an authorized piece of code, such as the firmware for various devices present in the computer system; (first threshold number of measurements)) Regarding Claim 19, Forristal-Brunet-Shivanna-Brossard discloses the non-transient computer-readable medium of claim 18, wherein all said firmware integrity measurements are hashes of firmware instructions and not of firmware data or firmware settings. (see Forristal col 3, lines 8-17: dedicated integrity verification logic of the device performs a measurement of the firmware; the measurement can be a cryptographic measurement such as a hash of one or more images (e.g., device firmware and/or other controller code (instructions)) to be executed by one or more programmable controllers of the device; measurements stored in device storage; page 4, lines 7-14: determine whether measurement matches an entry in a whitelist for the device firmware; access a data structure having various entries (multiple measurements), each corresponding to a measured value for an authorized piece of code, such as the firmware for various devices present in the computer system; (first threshold number of measurements)) 6. Claims 3 - 5, 8, 11 - 13, 16 are rejected under 35 U.S.C. 103 as being unpatentable over Forristal in view of Brunet and further in view of Shivanna and Brossard and Boone et al. (US PGPUB No. 20140109076). Regarding Claim 3, Forristal-Brunet-Shivanna-Brossard discloses the method of claim 1. Forristal-Brunet-Shivanna-Brossard does not specifically disclose determining, for electronic devices providing firmware measurements, that it has firmware that is out of date. However, Boone discloses wherein further comprising, for one of the further electronic devices providing firmware integrity measurements that equal the silver measurement: determining, by the processor, that it has firmware that is out of date. (see Boone paragraph [0011], lines 12-16: configured to cause transition to downloaded newer version (up-to-date version) of firmware, shutting down a previous version (out of date version) of firmware) It would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify Forristal-Brunet-Shivanna-Brossard for determining, for electronic devices providing firmware measurements, that it has firmware that is out of date as taught by Boone. One of ordinary skill in the art would have been motivated to employ the teachings of Boone for the benefits achieved from a system that enables verification of latest versions of firmware for data processing within a network environment. (see Boone paragraph [0011], lines 12-16) Regarding Claim 4, Forristal-Brunet-Shivanna-Brossard discloses the method of claim 1, further comprising: a) receiving, by the processor, a different firmware version number from another electronic device that has the identical make and model. (see Forristal col 3, lines 8-17: dedicated integrity verification logic of the device can perform a measurement of the firmware; the measurement can be a cryptographic measurement such as a hash of one or more images (e.g., device firmware and/or other controller code) to be executed by one or more programmable controllers of the device; the measurement can be stored in device storage; page 4, lines 7-14: determined whether the measurement matches an entry in a whitelist for the device firmware; access a data structure having various entries, each corresponding to a measured value for an authorized piece of code, such as the firmware for various devices present in the computer system; (if match same version number, if no match different version numbers)) Forristal-Brunet-Shivanna-Brossard does not specifically disclose a different version number is earlier than the version number. However, Boone discloses: b) determining, by the processor, that the different firmware version number is earlier than the identical version number; and c) generating, by the processor, a security alert indicating that a firmware of the other electronic device has been rolled back. (see Boone paragraph [0011], lines 12-16: configured to cause transition to downloaded newer version (up-to-date version, earlier version) of firmware, shutting down a previous version of firmware; displaying an alert screen (security alert)) It would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify Forristal-Brunet-Shivanna-Brossard for a different version number is earlier than the version number as taught by Boone. One of ordinary skill in the art would have been motivated to employ the teachings of Boone for the benefits achieved from a system that enables verification of latest versions of firmware for data processing within a network environment. (see Boone paragraph [0011], lines 12-16) Regarding Claim 5, Forristal-Brunet-Shivanna-Brossard discloses the method of claim 1. Forristal-Brunet-Shivanna-Brossard does not specifically disclose determining that memory in which firmware is stored is not properly locked. However, Boone discloses wherein further comprising, for one of the one or more further electronic devices providing firmware integrity measurements that do not equal the silver measurement: determining, by the processor, that a non-volatile memory in which firmware of said one further electronic device is stored is not properly locked. (see Boone paragraph [0014], lines 1-15: managing transition to newer versions of firmware includes restricting deployment of newer versions or override of one or more corresponding versions (not locked) of firmware in accordance with a policy; (policy restrictions are not properly applied during processing of firmware)) It would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify Forristal-Brunet-Shivanna-Brossard for determining that memory in which firmware is stored is not properly locked as taught by Boone. One of ordinary skill in the art would have been motivated to employ the teachings of Boone for the benefits achieved from a system that enables verification of latest versions of firmware for data processing within a network environment. (see Boone paragraph [0011], lines 12-16) Regarding Claim 8, Forristal-Brunet-Shivanna-Brossard discloses the method of claim 1. Forristal-Brunet-Shivanna-Brossard does not specifically disclose storing all said firmware measurements in a database. However, Boone discloses wherein further comprising storing, by the processor, all said firmware integrity measurements in a database. (see Boone paragraph [0008], lines 16-19: digital certificate and other verification mechanism stored in SOC and used by base loader and caching loaders to ensure that only legitimate packages from firmware server are accepted by device; (intermediary results stored and processed)) It would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify Forristal-Brunet-Shivanna-Brossard for storing all said firmware measurements in a database as taught by Boone. One of ordinary skill in the art would have been motivated to employ the teachings of Boone for the benefits achieved from a system that enables verification of latest versions of firmware for data processing within a network environment. (see Boone paragraph [0011], lines 12-16) Regarding Claim 11, Forristal-Brunet-Shivanna-Brossard discloses the method of claim 1. Forristal-Brunet-Shivanna-Brossard does not specifically disclose firmware measurements performed by an application running in volatile memory in an electronic device. However, Boone discloses wherein each of all said firmware integrity measurements is performed by an application running in volatile memory in either one of the electronic devices or one of the further electronic devices. (see Boone paragraph [0035], lines 1-3: thin clients as well as servers include volatile computer storage media; (application stored/executed in volatile storage)) It would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify Forristal-Brunet-Shivanna-Brossard for firmware measurements performed by an application running in volatile memory in an electronic device as taught by Boone. One of ordinary skill in the art would have been motivated to employ the teachings of Boone for the benefits achieved from a system that enables verification of latest versions of firmware for data processing within a network environment. (see Boone paragraph [0011], lines 12-16) Regarding Claim 12, Forristal-Brunet-Shivanna-Brossard-Boone discloses the method of claim 11. Forristal-Brunet-Brossard-Boone does not specifically disclose each application present and functional by an operating system agent running under an operating system. However, Shivanna discloses wherein each application is maintained to be present and functional by an operating system agent running under an operating system of the respective electronic device or further electronic device. (see Shivanna paragraph [0024], lines 5-8: UEFI is a specification that defines a software interface between an operating system and platform firmware; UEFI framework includes modules, drivers, protocols and applications; (allow execution of system agents, application) It would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify Forristal-Brunet-Brossard-Boone for each application present and functional by an operating system agent running under an operating system as taught by Shivanna. One of ordinary skill in the art would have been motivated to employ the teachings of Shivanna for the benefits achieved from systems that enable the establishment of trusted systems based upon system firmware. (see Shivanna paragraph [0007], lines 10-12) Regarding Claim 13, Forristal-Brunet-Shivanna-Brossard-Boone discloses the method of claim 12. Forristal-Brunet-Brossard-Boone does not specifically disclose each operating system agent maintained to be present and functional by an agent present in non-volatile memory. However, Shivanna discloses wherein each operating system agent is maintained to be present and functional by a persistent agent present in non-volatile memory of the respective electronic device or further electronic device. (see Shivanna paragraph [0024], lines 5-8: UEFI is a specification that defines a software interface between an operating system and platform firmware; UEFI framework includes modules, drivers, protocols and applications; (allow execution of system agents, application)) It would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify Forristal-Brunet-Brossard-Boone for each operating system agent maintained to be present and functional by an agent present in non-volatile memory as taught by Shivanna. One of ordinary skill in the art would have been motivated to employ the teachings of Shivanna for the benefits achieved from systems that enable the establishment of trusted systems based upon system firmware. (see Shivanna paragraph [0007], lines 10-12) Regarding Claim 16, Forristal-Brunet-Shivanna-Brossard discloses the system of claim 15. Forristal-Brunet-Shivanna-Brossard does not specifically disclose for a) firmware measurement application running in volatile memory. However, Boone discloses: a) wherein in each of the electronic devices and each of the further electronic devices: a firmware integrity measurement application running in volatile memory. (see Boone paragraph [0035], lines 1-3: thin clients as well as servers include volatile computer storage media; (application stored in volatile storage)) It would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify Forristal-Brunet-Shivanns-Brossard for a) firmware measurement application running in volatile memory as taught by Boone. One of ordinary skill in the art would have been motivated to employ the teachings of Boone for the benefits achieved from a system that enables verification of latest versions of firmware for data processing within a network environment. (see Boone paragraph [0011], lines 12-16) Forristal-Brunet-Brossard-Boone does not specifically disclose for b) operating system agent running under an operating system and configured to maintain firmware measurement application, and for c) agent in non-volatile memory configured to maintain operating system agent. However, Shivanna discloses: b) an operating system agent running under an operating system and configured to maintain the firmware integrity measurement application present and functional; (see Shivanna paragraph [0024], lines 5-8: UEFI is a specification that defines a software interface between an operating system and platform firmware; UEFI framework includes modules, drivers, protocols and applications; (allow execution of system agents) and c) a persistent agent in non-volatile memory configured to maintain the operating system agent present and functional. (see Shivanna paragraph [0024], lines 5-8: UEFI is a specification that defines a software interface between an operating system and platform firmware; UEFI framework includes modules, drivers, protocols and applications; (allow execution of system agents)) It would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify Forristal-Brunet-Brossard-Boone for b) operating system agent running under an operating system and configured to maintain firmware measurement application, and for c) agent in non-volatile memory configured to maintain operating system agent as taught by Shivanna. One of ordinary skill in the art would have been motivated to employ the teachings of Shivanna for the benefits achieved from systems that enable the establishment of trusted systems based upon system firmware. (see Shivanna paragraph [0007], lines 10-12) Conclusion Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to CARLTON JOHNSON whose telephone number is (571)270-1032. The examiner can normally be reached Work: 12-9PM (most days). Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Shewaye Gelagay can be reached on 571-272-4219. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /CJ/ March 9, 2026 /KHOI V LE/Primary Examiner, Art Unit 2436
Read full office action

Prosecution Timeline

Sep 09, 2022
Application Filed
Feb 11, 2023
Non-Final Rejection — §103
Aug 22, 2023
Response Filed
Sep 29, 2023
Final Rejection — §103
Apr 05, 2024
Request for Continued Examination
Apr 09, 2024
Response after Non-Final Action
Jun 07, 2024
Non-Final Rejection — §103
Oct 17, 2024
Response Filed
Jan 24, 2025
Final Rejection — §103
Aug 01, 2025
Request for Continued Examination
Aug 12, 2025
Response after Non-Final Action
Aug 20, 2025
Non-Final Rejection — §103
Dec 08, 2025
Response Filed
Mar 22, 2026
Final Rejection — §103 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12604197
METHODS AND SYSTEMS FOR ALLOWING DEVICE TO SEND AND RECEIVE DATA
2y 5m to grant Granted Apr 14, 2026
Patent 12526638
METHODS AND SYSTEMS FOR ALLOWING DEVICE TO SEND AND RECEIVE DATA
2y 5m to grant Granted Jan 13, 2026
Patent 12515614
ELECTRONIC CONTROL UNIT AND COMMUNICATION SYSTEM
2y 5m to grant Granted Jan 06, 2026
Patent 12518656
SECRET SIGMOID FUNCTION CALCULATION SYSTEM, SECRET LOGISTIC REGRESSION CALCULATION SYSTEM, SECRET SIGMOID FUNCTION CALCULATION APPARATUS, SECRET LOGISTIC REGRESSION CALCULATION APPARATUS, SECRET SIGMOID FUNCTION CALCULATION METHOD, SECRET LOGISTIC REGRESSION CALCULATION METHOD AND PROGRAM
2y 5m to grant Granted Jan 06, 2026
Patent 12452239
METHODS AND SYSTEMS FOR ALLOWING DEVICE TO SEND AND RECEIVE DATA
2y 5m to grant Granted Oct 21, 2025
Study what changed to get past this examiner. Based on 5 most recent grants.

AI Strategy Recommendation

Get an AI-powered prosecution strategy using examiner precedents, rejection analysis, and claim mapping.
Powered by AI — typically takes 5-10 seconds

Prosecution Projections

7-8
Expected OA Rounds
58%
Grant Probability
90%
With Interview (+32.1%)
4y 11m
Median Time to Grant
High
PTA Risk
Based on 352 resolved cases by this examiner. Grant probability derived from career allow rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month