DETAILED ACTION
The following claims are pending in this office action: 1-25
Claims 1, 6, 17 and 23 are independent claims.
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Drawings
The drawings filed on 09/27/2022 are accepted.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.
Claim 23 rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention. Claim 23 recites at least one non-transitory machine-readable storage medium capable of storing instructions thereupon, which when executed by a computing system, cause the computing system ....cause a countermeasure at the operational layer. This limitation is unclear because any non-transitory machine - readable storage medium is inherently capable of storing instructions, and the claim does not clearly indicate whether instructions are actually stored on the medium.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 1-25 are rejected under 35 U.S.C. §103 as being unpatentable over Venugopalan et al., “Detecting and Thwarting Hardware Trojan Attacks in Cyber-Physical Systems,” IEEE 2016 [hereinafter “Venugopalan”] in view of Schulz et al., “Boot Attestation: Secure Remote Reporting with Off-The-Shelf IoT Sensors,” ESORICS 2017, LNCS 10493, pp. 437–455 [hereinafter “Schulz”].
As per claim 1, Venugopalan discloses an apparatus, comprising: an interface to compute circuitry, the compute circuitry to operate with multiple layers of hardware and software, ([Venugopalan, Introduction]” Communication between the IP cores provide
considerable insight into their functionality and can be used to detect anomalies during system operation” and that “Cybersecurity encompasses software, hardware, and physical security. Modern System-On-Chip (SoC) platforms blur
the distinction between software and hardware boundaries. A CPS may use a mix of microcontrollers, ARM-based SoCs, and Field Programmable Gate Arrays (FPGAs). The SoCs and FPGAs may incorporate commercial off the shelf (COTS)and third-party intellectual property (IP) cores. Third-party cores are seldom trusted, and existing verification methods
cannot detect latent malicious behavior of complex IP cores in a timely manner. A hardware Root-of-Trust (RoT) serves as
the foundation for building trust within a CPS and designing countermeasures that can be effective in the presence of an attack”). Venugopalan further discloses programmable attack detection and response circuitry to: identify operational data from the compute circuitry, the operational data obtained from monitoring of an operational layer of the multiple layers; evaluate the operational data to identify an attack condition; ([Venugopalan, [section III (d)]” logs all IP core deviation in the presence of an attack and also saves the snapshots of the trust metric Qi of each IP core i embedded in the system. Figure 2 shows the TE-FIDES architecture with the components described above and highlights the communication flow from IP core to IP core and from IP core to I/O peripherals. Thus, TE-FIDES enforces trust in an embedded system in the following ways:
Detection and Prevention: Unauthorized communication of IP cores violating the predefined IP core policy Πi is prevented by the Trusted Wrapper Wi and the Trusted Anchor T A.”)
and provide a digital attack response to the compute circuitry, based on identification of the attack condition, the digital attack response to cause a countermeasure at the operational layer. ([Venugopalan, [section III (d)]”… Response and Diagnostics: In the event of an attack, the logging buffer B records the details of the attack, which can be accessed externally for further diagnostics” And that “Wi detects the anomaly between the specified and the issued duty cycle parameter. As a result, Wi prevents the output of the PWM module from issuing the corrupted duty cycle parameter, thus preserving the state of the inverter. In addition, the IP core deviation due to the presence of an attack is also logged in B”). Venugopalan does not explicitly disclose wherein trust of the compute circuitry is established based on attestation of a hardware root of trust (RoT) at a lower layer of the multiple layers. However, Schulz in the same field of endeavor discloses wherein trust of the compute circuitry is established based on attestation of a hardware root of trust (RoT) at a lower layer of the multiple layers.([ Schulz, ESORICS 2017, Section 3.2, pp. 442–443]” The prover hardware starts execution at the platform Root of Trust (RoT). This ‘stage 0’ has exclusive access to the root attestation key… Execution then continues at stage 1… The scheme continues through other boot stages … until the main application/runtime has launched”) The examiner interprets this as multiple layers of hardware and software with trust anchored in a lower-layer RoT”). It would have been obvious before the effective filing date of the claimed invention for one of ordinary skill in the art to modify Venugopalan apparatus, interface to compute circuitry to further include wherein trust of the compute circuitry is established based on attestation of a hardware root of trust (RoT) at a lower layer of the multiple layers as suggested by Schulz. One of ordinary skills in the art would have been motivated to do so because combining Schulz’s RoT-based attestation into Venugopalan’s detection approach represents a predictable use of known security mechanisms to enhance physical device trustworthiness by ensuring that anomaly detection is performed only after the underlying layers have been verified.
As per claim 2, the references as combined above disclose the apparatus of claim 1. Venugopalan further discloses communication circuitry to communicate the operational data to an attack management service operated by another computing system; ([Venugopalan, [section III ]]” Commercial state-of-the-art DSPs have dedicated hardware for vector control of three-phase systems [26] and therefore used in this example. Untrusted PWM blocks are instantiated in the PL. The Zynq receives system commands and parameters from a remote supervisory unit through the Ethernet controller, while the duty cycles for synthesizing the voltages are received through the SPI module from the DSP. The PWM module generates waveforms with the appropriate duty cycle to drive the three-phase inverter…. Response and Diagnostics: In the event of an attack, the logging buffer B records the details of the attack, which can be accessed externally for further diagnostics” The examiner interprets this as a remote analysis system). Venugopalan further discloses wherein the attack management service coordinates with the programmable attack detection and response circuitry to identify the attack condition and identify the countermeasure.([Venugopalan, [section III (d)]”… Response and Diagnostics: In the event of an attack, the logging buffer B records the details of the attack, which can be accessed externally for further diagnostics” And that “Wi detects the anomaly between the specified and the issued duty cycle parameter”). Therefore, it would have been obvious before the effective filing date of the claimed invention for one of ordinary skill in the art to use Venugopalan attack management service to coordinates with the programmable attack detection and response circuitry to identify the attack condition and identify the countermeasure as suggested by Venugopalan. One of ordinary skills in the art would have been motivated to do so because Venugopalan teaches that theses centralized attack management function are implemented by a separate computing system providing coordinated security management functionality to monitored components, which constitutes a management service that enforces centrally defined security rules and coordinates response actions once an attack condition is identified.
As per claim 3, the references as combined above disclose the apparatus of claim 1. Venugopalan further discloses at least one attack detection sensor, operable at the compute circuitry, to generate the operational data from monitoring of the operational layer of the multiple layers.( ([Venugopalan, [section III ]]” The DoS attack interrupts the communication between the sensors and the control system, and may also affect system integrity by modifying sensor data. In contrast, protecting control algorithm code does not also ensure trust in sensor and actuator communication that ultimately bridges the cyber and physical domains.”).Therefore, it would have been obvious before the effective filing date of the claimed invention for one of ordinary skill in the art to modify Venugopalan’s attack detection system to further include at least one attack detection sensor, operable at the compute circuitry, to generate the operational data from monitoring of the operational layer of the multiple layers. One of ordinary skills in the art would have been motivated to do so because Venugopalan teaches that inserting passive and active software sensors at the compute circuitry to monitor operational layers enables effective attack detection through instrumentation of monitored components, thereby improving system security and providing predictable monitoring of operational behavior.
As per claim 4, the references as combined above disclose the apparatus of claim 1. Venugopalan further discloses wherein the programmable attack detection and response circuitry comprises: a field programmable gate array (FPGA), an Application Specific Integrated Circuit (ASIC), or a Complex Programmable Logic Device (CPLD).([ Venugopalan, IV Figure 3]” shows the control interface for driving the three-phase inverter connected to a load. The interface is realized on a MicroZed development board containing a Xilinx Zynq-7020 possessing a dual-core ARM processor and an Artix FPGA with 85K logic cells. The Zynq platform is partitioned into processing system (PS) and programmable logic (PL) sections. The PS region includes peripheral controllers accessible to the ARM cores, whereas the PL region’s FPGA fabric can be used to implement custom computational and controller cores. The Ethernet and Serial Peripheral Interface (SPI) controller cores are trusted, fixed silicon cores implemented in the PS region.”).Therefore, it would have been obvious before the effective filing date of the claimed invention for one of ordinary skill in the art to modify Venugopalan response circuitry to further include wherein the programmable attack detection and response circuitry comprises: a field programmable gate array (FPGA), an Application Specific Integrated Circuit (ASIC), or a Complex Programmable Logic Device (CPLD). One of ordinary skills in the art would have been motivated to do so because Venugopalan teaches implementing security-critical control and detection functionality using programmable logic and fixed function hardware, thereby adding such programmable attack detection and response circuitry would have predictably enabled flexible, hardware-based security enforcement integrated with the compute circuitry.
As per claim 5, the references as combined disclose the apparatus of claim 1. Venugopalan further discloses wherein the compute circuitry includes at least one of: a central processing unit (CPU) processor, a graphics processing unit (GPU) processor, or a network processor. ([Venugopalan, ]”The interface is realized on a MicroZed development board containing a Xilinx Zynq-7020 possessing a dual-core ARM processor and an Artix FPGA with 85K logic cells. The Zynq platform is partitioned into processing system (PS) and programmable logic (PL) sections”).Claim 5 is rejected under the same rationale as claim 1 above.
As per claim 6, Venugopalan discloses a computing device, comprising: processing circuitry to perform compute operations, wherein the processing circuitry is to perform the compute operations with use of multiple layers of an IP block of the processing circuitry, wherein trust of the IP block is established based on attestation of a hardware root of trust (RoT) at a lower layer of the multiple layers of the IP block; ([Venugopalan, Introduction]” Communication between the IP cores provide considerable insight into their functionality and can be used to detect anomalies during system operation” and that “Cybersecurity encompasses software, hardware, and physical security. Modern System-On-Chip (SoC) platforms blur the distinction between software and hardware boundaries. A CPS may use a mix of microcontrollers, ARM-based SoCs, and Field Programmable Gate Arrays (FPGAs). The SoCs and FPGAs may incorporate commercial off the shelf (COTS)and third-party intellectual property (IP) cores. Third-party cores are seldom trusted, and existing verification methods cannot detect latent malicious behavior of complex IP cores in a timely manner. A hardware Root-of-Trust (RoT) serves as the foundation for building trust within a CPS and designing countermeasures that can be effective in the presence of an attack”) and attack detection and response circuitry to: identify operational data from the processing circuitry, the operational data obtained from monitoring of an operational layer of the multiple layers of the IP block; evaluate the operational data to identify an attack condition; ([Venugopalan, [section III (d)]” logs all IP core deviation in the presence of an attack and also saves the snapshots of the trust metric Qi of each IP core i embedded in the system. Figure 2 shows the TE-FIDES architecture with the components described above and highlights the communication flow from IP core to IP core and from IP core to I/O peripherals. Thus, TE-FIDES enforces trust in an embedded system in the following ways:
Detection and Prevention: Unauthorized communication of IP cores violating the predefined IP core policy Πi is prevented by the Trusted Wrapper Wi and the Trusted Anchor T A.”)
and provide a digital attack response to the processing circuitry, based on identification of the attack condition, the digital attack response to cause a countermeasure at the operational layer. ([Venugopalan, [section III (d)]”… Response and Diagnostics: In the event of an attack, the logging buffer B records the details of the attack, which can be accessed externally for further diagnostics” And that “Wi detects the anomaly between the specified and the issued duty cycle parameter. As a result, Wi prevents the output of the PWM module from issuing the corrupted duty cycle parameter, thus preserving the state of the inverter. In addition, the IP core deviation due to the presence of an attack is also logged in B”). Venugopalan does not explicitly disclose wherein trust of the IP block is established based on attestation of a hardware root of trust (RoT) at a lower layer of the multiple layers of the IP block.
However, Schulz discloses wherein trust of the IP block is established based on attestation of a hardware root of trust (RoT) at a lower layer of the multiple layers of the IP block; ([Schulz, Section 3.2, pp. 442–443] “the prover P builds its chain of trust from the Root of Trust to a possible stage 1 (bootloader) and stage 2 (application). Once booted, the prover may be challenged by V to report its firmware state by demonstrating possession of the implicitly authenticated measurement state AK2….The prover hardware starts execution at the platform Root of Trust (RoT)”). The examiner interprets this staged, compositional measurement process as corresponding to a DICE-style attestation architecture.”). Therefore, it would have been obvious before the effective filing date of the claimed invention for one of ordinary skill in the art to modify Venugopalan apparatus, interface to compute circuitry to further include wherein trust of the compute circuitry is established based on attestation of a hardware root of trust (RoT) at a lower layer of the multiple layers as suggested by Schulz. One of ordinary skills in the art would have been motivated to do so because combining Schulz’s RoT-based attestation into Venugopalan’s detection approach represents a predictable use of known security mechanisms to enhance physical device trustworthiness by ensuring that anomaly detection is performed only after the underlying layers have been verified.
As per claim 7, the references as combined above disclose the computing device of claim 6. Schulz further discloses wherein the attack detection and response circuitry is further to, prior to identification of the attack condition: perform attestation of the IP block of the processing circuitry, based on the attestation of the multiple layers including the operational layer of the IP block; ([ Schulz, ESORICS 2017, Section 3.2, pp. 442–443]” The prover hardware starts execution at the platform Root of Trust (RoT). This ‘stage 0’ has exclusive access to the root attestation key… Execution then continues at stage 1… The scheme continues through other boot stages … until the main application/runtime has launched”) and cause provisioning at the IP block of the processing circuitry to enable the countermeasure at the operational layer .([ Schulz, ESORICS 2017, Section 3.2, pp. 442–443]” The prover hardware starts execution at the platform Root of Trust (RoT). This ‘stage 0’ has exclusive access to the root attestation key… Execution then continues at stage 1… The scheme continues through other boot stages … until the main application/runtime has launched”) The examiner interprets this as multiple layers of hardware and software with trust anchored in a lower-layer RoT. Claim 7 is rejected under the same rationale as claim 6 above.
As per claim 8, the references as combined above disclose the computing device of claim 6. Schulz further discloses wherein the countermeasure at the operational layer is pre-provisioned to enable the countermeasure.([ Schulz, ESORICS 2017, Section 3.2, pp. 442–443]” The prover hardware starts execution at the platform Root of Trust (RoT). This ‘stage 0’ has exclusive access to the root attestation key… Execution then continues at stage 1… The scheme continues through other boot stages … until the main application/runtime has launched”). Therefore, it would have been obvious before the effective filing date of the claimed invention for one of ordinary skill in the art to modify Venugopalan’s countermeasure mechanism to include wherein the countermeasure at the operational layer is pre-provisioned to enable the countermeasure as suggested by Schulz. One of ordinary skill in the art would have been motivated to do so because Schulz teaches that establishing trust and system state during secure boot necessarily involves configuring and enabling security mechanisms in advance of runtime execution, thereby enabling immediate enforcement of countermeasures during system operation.
As per claim 9, the references as combined above disclose the computing device of claim 6. Schulz further discloses wherein the attack detection and response circuitry includes a plurality of operational layers, and wherein the attack detection and response circuitry is further to provide attestation of the plurality of operational layers .([ Schulz, ESORICS 2017, Section 3.2, pp. 442-443]” The scheme continues through other boot stages x ∈ {1,..., k} until the main application/runtime has launched in stage k. In each stage, a measurement mx+1 of the next firmware stage is taken and extended into the measurement state ...” to an attestation verifier service operated by another computing device.([ Schulz, ESORICS 2017, Section 2.3, pp. 440]” Remote Attestation is a security scheme where a verifier V wants to gain assurance that the firmware state of the prover P has not been subject to compromise”). Therefore, it would have been obvious before the effective filing date of the claimed invention for one of ordinary skill in the art to modify Venugopalan’s computing device to include wherein the attack detection and response circuitry is further to provide attestation of the plurality of operational layers to an attestation verifier service operated by another computing as suggested by Schulz. One of ordinary skill in the art would have been motivated to do so because Schulz teaches remote attestation of multiple operational layers to an external verifier to establish platform trust, thereby enabling a separate computing device to validate system integrity and security state during operation.
As per claim 10, the references as combined above disclose the computer device of claim 6. Venugopalan discloses wherein identification of the attack condition is based on at least one detection algorithm that analyzes the operational data obtained from the processing circuitry. ([Venugopalan, [section III ]]” Each core <Core>i will provide a suite of measurements based on its statistical properties such as memory utilization and latency. These properties will be monitored to detect behavior deviations in the presence of a HTT.”) .Therefore, it would have been obvious before the effective filing date of the claimed invention for one of ordinary skill in the art to modify Venugopalan’s computing device to include wherein identification of the attack condition is based on at least one detection algorithm that analyzes the operational data obtained from the processing circuitry, in view of Venugopalan’s teaching that anomaly detection is performed by statistical deviation in operational data. One of ordinary skill in the art would have been motivated to do so because Venugopalan teaches that identification of an attack condition is performed by analyzing operational data using one or more detection algorithms, and incorporating this detection algorithm into Venugopalan would have predictably enabled identification of an attack condition based on operational data obtained from processing circuitry.
As per claim 11, the references as combined above disclose the computer device of claim 6. Venugopalan further discloses wherein the attack detection and response circuitry is further to: communicate operational data to an attack management service operated by another computing device; ([Venugopalan, [section III ]]” Commercial state-of-the-art DSPs have dedicated hardware for vector control of three-phase systems [26] and therefore used in this example. Untrusted PWM blocks are instantiated in the PL. The Zynq receives system commands and parameters from a remote supervisory unit through the Ethernet controller, while the duty cycles for synthesizing the voltages are received through the SPI module from the DSP. The PWM module generates waveforms with the appropriate duty cycle to drive the three-phase inverter…. Response and Diagnostics: In the event of an attack, the logging buffer B records the details of the attack, which can be accessed externally for further diagnostics” The examiner interprets this as a remote analysis system).wherein the attack management service coordinates with the attack detection and response circuitry to identify the attack condition and identify the countermeasure. ([Venugopalan, [section III (d)]”… Response and Diagnostics: In the event of an attack, the logging buffer B records the details of the attack, which can be accessed externally for further diagnostics” And that “Wi detects the anomaly between the specified and the issued duty cycle parameter”). Therefore, it would have been obvious before the effective filing date of the claimed invention for one of ordinary skill in the art to use Venugopalan attack management service to coordinates with the programmable attack detection and response circuitry to identify the attack condition and identify the countermeasure as suggested by Venugopalan. One of ordinary skills in the art would have been motivated to do so because Venugopalan teaches that theses centralized attack management function are implemented by a separate computing system providing coordinated security management functionality to monitored components, which constitutes a management service that enforces centrally defined security rules and coordinates response actions once an attack condition is identified.
As per claim 12, the references as combined above disclose the computing device of claim 6. Venugopalan discloses wherein the operational data received from the processing circuitry includes an attack detect message generated by the processing circuitry, the attack detect message including data from at least one attack detection sensor at the processing circuitry. ([Venugopalan, [section III ]]” The Zynq receives system commands and parameters from a remote supervisory unit through the Ethernet controller, while the duty cycles for synthesizing the voltages are received through the SPI module from the DSP. The PWM module generates waveforms with the appropriate duty cycle to drive the three-phase inverter.”).Therefore, it would have been obvious before the effective filing date of the claimed invention for one of ordinary skill in the art to modify Venugopalan’s computing device to include wherein the operational data received from the processing circuitry includes an attack detect message generated by the processing circuitry, the attack detect message including data from at least one attack detection sensor at the processing circuitry as suggested .One of ordinary skill in the art would have been motivated to incorporating Venugopalan’s sensor-based anomaly measurements into Venugopalan’s PWM-based attack detection framework to reliably detect and report anomalous conditions as operational data.
As per claim 13, the references as combined above disclose the computing device of claim 12. Venugopalan discloses wherein the at least one attack detection sensor is operated for at least one of the multiple layers using at least one: tamper sensor; traffic monitoring sensor, or bus monitoring sensor.([Venugopalan, pp. 1-introduction, pp.4–6, Fig. 2] “In addition, the trust metric is implemented using a secure enclave approach for access and cannot be modified by the Trusted Anchor or external events ….TE-FIDES relies on tag-based information flow control to implement decentralized and safe flow of information between various elements in a system. During the initialization phase, each IP core <Core>i has its Trusted Wrapper
W
i
assigned a tag
τ
i
corresponding to the characteristics (
α
) of the information accessed/processed by…. facilitate legal communication between IP cores and peripherals”.”) The examiner interprets trusted wrapper and a secure enclave as a trusted environment for monitoring internal signals, bus activity as operation of tamper, traffic monitoring, and bus monitoring sensors during execution. Venugopalan does not disclose wherein the computing operations performed by the processing circuitry include execution of a workload in a trusted execution environment. However, Schulz discloses wherein the computing operations performed by the processing circuitry include execution of a workload in a trusted execution environment ([ Schulz, ESORICS 2017, Section 3.2, pp. 442–443]” The prover hardware starts execution at the platform Root of Trust (RoT). This ‘stage 0’ has exclusive access to the root attestation key… Execution then continues at stage 1… The scheme continues through other boot stages … until the main application/runtime has launched”). Therefore, it would have been obvious before the effective filing date of the claimed invention for one of ordinary skill in the art to modify Venugopalan’s attack detection sensor to further include wherein the computing operations performed by the processing circuitry include execution of a workload in a trusted execution environment, suggested by Schulz. One of ordinary skill in the art would have been motivated to do so because incorporating Schulz into computing device would have provided monitoring of internal signals and bus activity during execution.
As per claim 14, the references as combined above disclose the computing device of claim 6. Venugopalan discloses wherein the attack condition is identified as a cyber attack, a physical attack, or a side-channel attack, and wherein the countermeasure includes at least one of: erasing memory; disabling access; halting processor operations; sandboxing; data substitution; activation of a honeypot; or a cryptographic lockdown. ([Venugopalan, abstract, p.1, p.5 ] “Many of the cyber attacks are successful as they are designed to selectively target a specific hardware or software component in an embedded system and trigger its failure....Existing security measures also use attack vector models and isolate the malicious component as a countermeasure.” (Abstract, p.1) and “Wi prevents the output of the PWM module from issuing the corrupted duty cycle parameter, thus preserving the state of the inverter.” (p.5) ). Claim 14 is rejected under the same rationale as claim 6 above.
As per claim 15, the references as combined above disclose the computing device of claim 6. Venugopalan discloses wherein the attack detection and response circuitry is a configured field programmable gate array (IiPGA), Application Specific Integrated Circuit (ASIC), or Complex Programmable Logic Device (CPLD). ([ Venugopalan, IV Figure 3]” shows the control interface for driving the three-phase inverter connected to a load. The interface is realized on a MicroZed development board containing a Xilinx Zynq-7020 possessing a dual-core ARM processor and an Artix FPGA with 85K logic cells. The Zynq platform is partitioned into processing system (PS) and programmable logic (PL) sections. The PS region includes peripheral controllers accessible to the ARM cores, whereas the PL region’s FPGA fabric can be used to implement custom computational and controller cores. The Ethernet and Serial Peripheral Interface (SPI) controller cores are trusted, fixed silicon cores implemented in the PS region.”) Venugopalan does not explicitly disclose wherein the processing circuitry is a System-on-Chip device. However, Schulz in the same field of endeavor disclose wherein the processing circuitry is a System-on-Chip device, ([Schulz, Section 2.1, pp. 439]” Modern MCUs combine CPU, memory, basic peripherals, and selected communication interfaces on a single System on Chip (SoC), as illustrated in Fig. 1”). Therefore, it would have been obvious before the effective filing date of the claimed invention for one of ordinary skill in the art to modify Venugopalan’s configured system to further include wherein the processing circuitry is a System-on-Chip device as suggested by Schulz. One of ordinary skill in the art would have been motivated to do so because incorporating Schulz’s Chip system into Venugopalan’s IiPGA, ASIC, CPLD system would have enabled a configurable hardware implementation of the attack detection and response circuitry to achieve a dedicated hardware implementation.
As per claim 16, the references as combined above disclose the computing device of claim 6. Schulz further discloses wherein the multiple layers of the IP block are established according to a Device Identifier Composition Engine (DICE) attestation architecture, and wherein the attestation of the hardware RoT is based on attestation according to the DICE attestation architecture. ([Schulz, Section 3.2, pp. 442–443] “the prover P builds its chain of trust from the Root of Trust to a possible stage 1 (bootloader) and stage 2 (application). Once booted, the prover may be challenged by V to report its firmware state by demonstrating possession of the implicitly authenticated measurement state AK2….The prover hardware starts execution at the platform Root of Trust (RoT”). The examiner interprets this staged, compositional measurement process as corresponding to a DICE-style attestation architecture. Therefore, it would have been obvious before the effective filing date of the claimed invention for one of ordinary skill in the art to modify Venugopalan’s multiple IP blocks layers to further include wherein the multiple layers of the IP block are established according to a Device Identifier Composition Engine (DICE) attestation architecture, and wherein the attestation of the hardware RoT is based on attestation according to the DICE attestation architecture as suggested by Schulz. One of ordinary skill in the art would have been motivated to do so because Schulz teaches a staged, compositional attestation architecture functionally equivalent to the DICE model named a Root-of-Trust anchored execution process that produces implicitly authenticated measurement state across multiple boot stages based attestation architecture would have enabled staged, compositional measurement rooted at a hardware Root of Trust. Therefore, incorporating Schulz’s staged compositional measurement process across Venugopalan’s multiple IP block layers would predictably yield a DICE-style attestation architecture.
As per claim 17, Venugopalan discloses a method for implementing attack detection and response in a computing system, comprising operations performed by an attack detection and response engine of the computing system, the method comprising: identifying operational data from processing circuitry of the computing system, wherein the processing circuitry is to perform computing operations with use of multiple layers of the processing circuitry, ([Venugopalan, Introduction]” Communication between the IP cores provide considerable insight into their functionality and can be used to detect anomalies during system operation” and that “Cybersecurity encompasses software, hardware, and physical security. Modern System-On-Chip (SoC) platforms blur the distinction between software and hardware boundaries. A CPS may use a mix of microcontrollers, ARM-based SoCs, and Field Programmable Gate Arrays (FPGAs). The SoCs and FPGAs may incorporate commercial off the shelf (COTS)and third-party intellectual property (IP) cores. Third-party cores are seldom trusted, and existing verification methods cannot detect latent malicious behavior of complex IP cores in a timely manner. A hardware Root-of-Trust (RoT) serves as the foundation for building trust within a CPS and designing countermeasures that can be effective in the presence of an attack”)
evaluating the operational data to identify an attack condition at the processing circuitry, wherein the operational data is obtained from monitoring of an operational layer of the multiple layers; ([Venugopalan, [section III (d)]” logs all IP core deviation in the presence of an attack and also saves the snapshots of the trust metric Qi of each IP core i embedded in the system. Figure 2 shows the TE-FIDES architecture with the components described above and highlights the communication flow from IP core to IP core and from IP core to I/O peripherals. Thus, TE-FIDES enforces trust in an embedded system in the following ways:
Detection and Prevention: Unauthorized communication of IP cores violating the predefined IP core policy Πi is prevented by the Trusted Wrapper Wi and the Trusted Anchor T A.”)
and providing a digital attack response to the processing circuitry, based on identifying the attack condition, the digital attack response to cause a countermeasure at the operational layer. ([Venugopalan, [section III (d)]”… Response and Diagnostics: In the event of an attack, the logging buffer B records the details of the attack, which can be accessed externally for further diagnostics” And that “Wi detects the anomaly between the specified and the issued duty cycle parameter. As a result, Wi prevents the output of the PWM module from issuing the corrupted duty cycle parameter, thus preserving the state of the inverter. In addition, the IP core deviation due to the presence of an attack is also logged in B”). Venugopalan does not disclose wherein trust of the processing circuitry established based on attestation of a hardware root of trust (RoT) at a lower layer of the multiple layers. However, Schulz teaches wherein trust of the processing circuitry established based on attestation of a hardware root of trust (RoT) at a lower layer of the multiple layers ([Schulz, Section 3.2, pp. 442–443] “the prover P builds its chain of trust from the Root of Trust to a possible stage 1 (bootloader) and stage 2 (application). Once booted, the prover may be challenged by V to report its firmware state by demonstrating possession of the implicitly authenticated measurement state AK2….The prover hardware starts execution at the platform Root of Trust (RoT)”). The examiner interprets this staged, compositional measurement process as corresponding to a DICE-style attestation architecture.”).Therefore, It would have been obvious before the effective filing date of the claimed invention for one of ordinary skill in the art to modify Venugopalan’s method for implementing attack detection to further include wherein trust of the processing circuitry established based on attestation of a hardware root of trust (RoT) at a lower layer of the multiple layers as suggested by Schulz’s. One of ordinary skill in the art would have been motivated to do so because Venugopalan teaches that applying runtime countermeasures at the IP-core level preserves correct system operation in the presence of attacks, and integrating such operational-layer mitigation into the security architectures of Schulz, represents a predictable improvement in protecting cyber-physical and embedded computing systems from active attacks.
As per claim 18, the references as combined above disclose the method of claim 17. Schulz further discloses wherein the processing circuitry implements the multiple layers in at least one IP block, and wherein the method further comprises, prior to identification of the attack condition: performing attestation of the at least one IP block of the processing circuitry, based on the attestation of the multiple layers including the operational layer; ([ Schulz, ESORICS 2017, Section 3.2, pp. 442–443]” The prover hardware starts execution at the platform Root of Trust (RoT). This ‘stage 0’ has exclusive access to the root attestation key… Execution then continues at stage 1… The scheme continues through other boot stages … until the main application/runtime has launched”) and causing provisioning at the at least one IP block of the processing circuitry to enable the countermeasure at the operational layer. .([ Schulz, ESORICS 2017, Section 3.2, pp. 442–443]” The prover hardware starts execution at the platform Root of Trust (RoT). This ‘stage 0’ has exclusive access to the root attestation key… Execution then continues at stage 1… The scheme continues through other boot stages … until the main application/runtime has launched”) The examiner interprets this as multiple layers of hardware and software with trust anchored in a lower-layer RoT. Therefore, it would have been obvious before the effective filing date of the claimed invention for one of ordinary skill in the art to modify Venugopalan’s layered detection to include performing attestation of the at least one IP block of the processing circuitry, based on the attestation of the multiple layers including the operational layer; and causing provisioning at the at least one IP block of the processing circuitry to enable the countermeasure at the operational layer as suggested by Schulz. One of ordinary skill in the art would have been motivated to do so because incorporate Schulz ‘s staged RoT-based attestation into Venugopalan’s layered detection system will secure provisioning of operational-layer countermeasures.
As per claim 19, the references as combined above disclose the method of claim 17. Schulz further discloses wherein the countermeasure at the operational layer is pre-provisioned to enable the countermeasure.([ Schulz, ESORICS 2017, Section 3.2, pp. 442–443]” The prover hardware starts execution at the platform Root of Trust (RoT). This ‘stage 0’ has exclusive access to the root attestation key… Execution then continues at stage 1… The scheme continues through other boot stages … until the main application/runtime has launched”) The examiner interprets the isolation mechanism as a pre-provisioned operational-layer countermeasure invoked upon detection of an attack condition. Therefore, it would have been obvious before the effective filing date of the claimed invention for one of ordinary skill in the art to modify Venugopalan’s countermeasure mechanism to include wherein the countermeasure at the operational layer is pre-provisioned to enable the countermeasure as suggested by Schulz. One of ordinary skill in the art would have been motivated to do so because Schulz teaches that establishing trust and system state during secure boot necessarily involves configuring and enabling security mechanisms in advance of runtime execution, thereby enabling immediate enforcement of countermeasures during system operation.
As per claim 20, the references as combined above disclose the method of claim 17. Venugopalan further discloses wherein identifying the attack condition is based on at least one detection algorithm that analyzes the operational data obtained from the processing circuitry. ([Venugopalan, [section III ]]” Each core <Core>i will provide a suite of measurements based on its statistical properties such as memory utilization and latency. These properties will be monitored to detect behavior deviations in the presence of a HTT.”) Claim 20 is rejected under the same rationale as claim 17 above.
As per claim 21, the references as combined above disclose the method of claim 17. Venugopalan further discloses communicating the operational data to an attack management service operated by another computing system; wherein the attack management service coordinates with the attack detection and response engine to identify the attack condition and identify the countermeasure. ([Venugopalan, [section III ]]” Commercial state-of-the-art DSPs have dedicated hardware for vector control of three-phase systems [26] and therefore used in this example. Untrusted PWM blocks are instantiated in the PL. The Zynq receives system commands and parameters from a remote supervisory unit through the Ethernet controller, while the duty cycles for synthesizing the voltages are received through the SPI module from the DSP. The PWM module generates waveforms with the appropriate duty cycle to drive the three-phase inverter.” The examiner interprets this as a remote analysis system). Claim 21 is rejected under the same rationale as claim 17 above.
As per claim 22, the references as combined above disclose the method of claim 17. Venugopalan discloses wherein the attack condition is identified as a cyber attack, a physical attack, or a side-channel attack, and wherein the countermeasure includes at least one of: erasing memory; disabling access; halting processor operations; sandboxing; data substitution; activation of a honeypot; or a cryptographic lockdown. ([Venugopalan, abstract, p.1, p.5 ] “Many of the cyber attacks are successful as they are designed to selectively target a specific hardware or software component in an embedded system and trigger its failure....Existing security measures also use attack vector models and isolate the malicious component as a countermeasure.” (Abstract, p.1) and “Wi prevents the output of the PWM module from issuing the corrupted duty cycle parameter, thus preserving the state of the inverter.”(p.5) ). The examiner interprets such isolation and prevention of corrupted outputs as including disabling access, halting processor operations, or enforcing cryptographic lockdown of affected components in response to detected anomalous behavior. Claim 22 is rejected under the same rationale as claim 17 above.
As per claim 23, the references as combined above disclose at least one non-transitory machine-readable storage medium capable of storing instructions thereupon, which when executed by a computing system, cause the computing system to perform operations comprising: identifying operational data from processing circuitry of the computing system, wherein the processing circuitry is to perform computing operations with use of multiple layers of the processing circuitry, ([Venugopalan, Introduction]” Communication between the IP cores provide considerable insight into their functionality and can be used to detect anomalies during system operation” and that “Cybersecurity encompasses software, hardware, and physical security. Modern System-On-Chip (SoC) platforms blur the distinction between software and hardware boundaries. A CPS may use a mix of microcontrollers, ARM-based SoCs, and Field Programmable Gate Arrays (FPGAs). The SoCs and FPGAs may incorporate commercial off the shelf (COTS)and third-party intellectual property (IP) cores. Third-party cores are seldom trusted, and existing verification methods cannot detect latent malicious behavior of complex IP cores in a timely manner. A hardware Root-of-Trust (RoT) serves as the foundation for building trust within a CPS and designing countermeasures that can be effective in the presence of an attack”)
evaluating the operational data to identify an attack condition at the processing circuitry, wherein the operational data is obtained from monitoring of an operational layer of the multiple layers; ([Venugopalan, [section III (d)]” logs all IP core deviation in the presence of an attack and also saves the snapshots of the trust metric Qi of each IP core i embedded in the system. Figure 2 shows the TE-FIDES architecture with the components described above and highlights the communication flow from IP core to IP core and from IP core to I/O peripherals. Thus, TE-FIDES enforces trust in an embedded system in the following ways:
Detection and Prevention: Unauthorized communication of IP cores violating the predefined IP core policy Πi is prevented by the Trusted Wrapper Wi and the Trusted Anchor T A.”)
and providing a digital attack response to the processing circuitry, based on identifying the attack condition, the digital attack response to cause a countermeasure at the operational layer. ([Venugopalan, [section III (d)]”… Response and Diagnostics: In the event of an attack, the logging buffer B records the details of the attack, which can be accessed externally for further diagnostics” And that “Wi detects the anomaly between the specified and the issued duty cycle parameter. As a result, Wi prevents the output of the PWM module from issuing the corrupted duty cycle parameter, thus preserving the state of the inverter. In addition, the IP core deviation due to the presence of an attack is also logged in B”). Venugopalan does not disclose wherein trust of the processing circuitry is established based on attestation of a hardware root of trust (RoT) at a lower layer of the multiple layers. However, Schulz discloses wherein trust of the processing circuitry is established based on attestation of a hardware root of trust (RoT) at a lower layer of the multiple layers. ([Schulz, Section 3.2, pp. 442–443] “the prover P builds its chain of trust from the Root of Trust to a possible stage 1 (bootloader) and stage 2 (application). Once booted, the prover may be challenged by V to report its firmware state by demonstrating possession of the implicitly authenticated measurement state AK2….The prover hardware starts execution at the platform Root of Trust (RoT)”). The examiner interprets this staged, compositional measurement process as corresponding to a DICE-style attestation architecture.”). Therefore, it would have been obvious before the effective filing date of the claimed invention for one of ordinary skill in the art to modify Venugopalan non-transitory machine-readable storage medium capable of storing instructions thereupon to further include wherein trust of the processing circuitry is established based on attestation of a hardware root of trust (RoT) at a lower layer of the multiple layers and wherein the operational data is obtained from monitoring of an operational layer of the multiple layers as suggested Schulz. One of ordinary skills in the art would have been motivated to do so because Schulz teaches that multi-layer attestation improves platform trustworthiness and the combination of these known techniques with Venugopalan’s authentication system represents a predictable improvement in securing cyber-physical and embedded computing systems.
As per claim 24, the references as combined above disclose the at least one non-transitory machine-readable storage medium of
claim 23. Schulz further discloses wherein the processing circuitry of the computing system implements the multiple layers in at least one IP block, and wherein the operations further comprise, prior to identification of the attack condition: performing attestation of the at least one IP block, based on the attestation of the multiple layers including the operational layer; and causing provisioning at the at least one IP block to enable the countermeasure at the operational layer. ([Schulz, Section 3.2, pp. 442–443]” Execution then continues at stage 1 using the intermediate attestation key AK1 and measurement
log
(
H
1
,
N
B
)
. The scheme continues through other boot stages x ∈ {1, . . . , k} until the main application/runtime has launched in stage k. In each stage, a measurement
m
x
+
1
”). The examiner interprets the disclosed operations as instructions stored on a machine-readable medium causing the computing system to perform layered attestation and operational-layer provisioning. Therefore, it would have been obvious before the effective filing date of the claimed invention for one of ordinary skill in the art to modify Venugopalan attack detection and countermeasure framework to further implement one non-transitory machine-readable storage medium wherein trust of the compute circuitry is established based on attestation of a hardware root of trust (RoT) at a lower layer of the multiple layers as suggested by Schulz. One of ordinary skills in the art would have been motivated to do so because combining Schulz’s RoT-based attestation into Venugopalan’s detection approach represents a predictable use of known security mechanisms to enhance physical device trustworthiness by ensuring that anomaly detection is performed only after the underlying layers have been verified.
As per claim 25 the references as combined above disclose at least one non-transitory machine-readable storage medium of claim 23. Venugopalan discloses the operations further comprising: communicating the operational data to an attack management service operated by another computing system; wherein the attack management service provides data to identify the attack condition and identify the countermeasure. ([Venugopalan, [section III ]]” Commercial state-of-the-art DSPs have dedicated hardware for vector control of three-phase systems [26] and therefore used in this example. Untrusted PWM blocks are instantiated in the PL. The Zynq receives system commands and parameters from a remote supervisory unit through the Ethernet controller, while the duty cycles for synthesizing the voltages are received through the SPI module from the DSP. The PWM module generates waveforms with the appropriate duty cycle to drive the three-phase inverter.” The examiner interprets this as a remote analysis system) Claim 25 is rejected under the same rationale as claim 23 above.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant’s disclosure:
Abbaszadeh et al, (US 20200089874 A1) discloses local and global fusion for Cyber-Physical system abnormal detection.
Cambou et al, (US10454691 B2) discloses Systems implementing hierarchical levels of security.
Rieger et al, (US 20200175171 A1) discloses system and methods for control system security.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Komi N. AMEVIGBE whose telephone number is (571)272-3381. The examiner can normally be reached Monday-Friday 2pm-10pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Carl Colin can be reached at (571) 272-3862. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/K.N.A./Examiner, Art Unit 2493
/CARL G COLIN/Supervisory Patent Examiner, Art Unit 2493