DETAILED ACTION
This Office Action is with regard to the most recent papers filed 7/10/2025.
Response to Arguments
Applicant's arguments filed 7/10/2025 have been fully considered are deemed not persuasive.
Applicant argues that the prior art does not teach the “automatically partitioning” functionality and “based on the determining, connecting, by the one or more processors at least one wireless interface…to a Centralized service…”
Applicant proceeds to address each reference individually and in isolation of other references to argue how the references do not disclose the subject matter. However, it is noted that one cannot show nonobviousness by attacking references individually where the rejections are based on combinations of references. See In re Keller, 642 F.2d 413, 208 USPQ 871 (CCPA 1981); In re Merck & Co., 800 F.2d 1091, 231 USPQ 375 (Fed. Cir. 1986). Accordingly, the response here will focus on the teachings of Joshi for the partitioning functionality and Feuillebois for the based on the connecting functionality.
With regard to the automatically partitioning, Applicant does not address the rationale provided in the Office action in the arguments with regard to Joshi on pages 11-12. As addressed before, there is no detail of how the partitioning occurs, when the partitioning occurs, etc. In Joshi, the functions are separately provided for in separate layers, with no detail that of undue communications occurring between the layers that would render the intended use of “to prevent a potential security attack from accessing the edge node module” from occurring, where the security and encryption module would clearly be provided to provide security for the different components. Further, the amended term “automatically” fails to provide any level of detail of how such is performed, where simply having the computer perform the function would serve to be “automatically.” As a note, the prior art does not need to use the same terminology as presented in the instant claim, but would only need to reasonably convey that one of ordinary skill in the art would have arrived at the invention in as much detail as required by the instant claim. If Applicant intends for the partitioning to be performed in a specific manner, the claim should be amended to reflect this using specific language.
With regard to the connecting functionality, Feuillebois is addressed on pages 13-14 of Appliacnt’s arguments. Applicant broadly asserts that Feuillebois fails to determine that the aircraft is on the ground and that at least one engine is powered down to initiate a connection between the aircraft’s wireless interface and a centralized cloud-based service. It appears that Applicant is arguing that Feuillebois does not disclose the step in its entirety, including the centralized cloud based system. However, as above, one cannot show nonobviousness by attacking references individually where the rejections are based on combinations of references. See In re Keller, 642 F.2d 413, 208 USPQ 871 (CCPA 1981); In re Merck & Co., 800 F.2d 1091, 231 USPQ 375 (Fed. Cir. 1986). Accordingly, the response here will focus on the teachings of Joshi for the partitioning functionality and Feuillebois for the based on the connecting functionality. In this case, Feuillebois only makes the connection when the engines are off and the aircraft is on the ground, while the connection is addressed in the combination of references.
Accordingly, as Applicant has not addressed the combination of references or provided details beyond stating that the claim language is not disclosed by cited text of each reference, the rejection of the instant claims has been maintained.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claim(s) 1-20 is/are rejected under 35 U.S.C. 103 as being unpatentable over US 11,377,229 (Li) in view of US 2019/0123959 (Joshi), US 2020/0120136 (Gadhe), US 2009/0234517 (Feuillebois), and US 2022/0245238 (Dasen).
With regard to claim 1, Li discloses a computer-implemented method for monitoring and modifying security modules for identifying cyber-security threats, the method comprising:
recording, by the one or more processors using the edge node module, aircraft data corresponding to the aircraft, the aircraft data including log data and associated information (Li: Column 4, lines 38-56 and Column 6, lines 41-45. Information may be received and then stored in a database. As the information is stored and reported (logged), such information would constitute log data, where the entity performing such functionality would be an “edge node module.” If Applicant intends for the log data to be received from a log (as opposed to being data to be logged/stored), the instant claim should be amended to specify such.);
sending, by the one or more processors, the aircraft data to the Centralized Service (Li: Column 4, lines 38-56).
Li fails to disclose, but Joshi teaches:
Automatically partitioning, by one or more processors, an edge node of an aircraft into an edge node module and a cyber-security module, the edge node module configured to perform an edge node functionality, the cyber-security module configured to monitor for one or more security threats (Joshi: Figure 5 and P. Lacking detail as to how the functions are partitioned, the providing of at least separate software functionalities for the different functions would constitute some partitioning. If Applicant intends for the partitioning to have specific requirements, the instant claim should be amended to reflect this. With regard to the term “automatically,” the layers are maintained by the computer system, where the separation of functions into the different portions does not appear to be performed manually.).
Accordingly, it would have been obvious to one of ordinary skill in the art at the time of filing to partition the different functions to simplify the maintenance and design of the system, where such partitioning would provide clear bounds for the functions, where a function would be able to be updated without impacting the other functions as long as the same input and outputs are maintained.
Li fails to teach, but Gadhe teaches:
connecting, by the one or more processors at least one wireless interface of the edge node of the aircraft to a Centralized Service hosted on a cloud platform; analyzing, by the Centralized Service, the aircraft data to identify at least one security threat, identifying, by the Centralized Service, at least one current cyber-security module to prevent against the at least one security threat, receiving, by the one or more processors, the at least one current cyber-security module identified by the Centralized Service; and automatically modifying, by the one or more processors, via the at least one wireless interface, the cyber-security module based on the received at least one current cyber-security module (Gadhe: Paragraphs [0050] and [0064]. The system can be updated over time, which when applied to Li, would provide some periodic updates to the system. This updating is performed by identifying cyber-security threats and learning about such threats such that updates can occur over time to address the newly identified threats.).
Accordingly, it would have been obvious to one of ordinary skill in the art to connect and download an updated cyber-security module to ensure that the system can learn about new threats (Gadhe: Paragraph [0050]).
Li fails to teach, but Feuillebois teaches:
determining, by the one or more processors, based on the aircraft data, that the aircraft has a ground location and that at least one engine of the aircraft is powered off on the ground location, and that the connecting is based on the determining and receiving of the current cyber-security module is based on the aircraft data (Feuillebois: Paragraph [0190]. Functions can be performed when the aircraft is on the ground with the engines off, with any subsequent receipt of information is based on the aircraft status (grounded with engines off).).
Accordingly, it would have been obvious to one of ordinary skill in the art at the time of filing to connect to the network after the aircraft is grounded and engines are off to avoid any disturbances that may be harmful to the operation of the aircraft (Feuillebois: Paragraph [0190]).
Li fails to teach, but Dasen teaches wherein aircraft data stored in the edge node module is isolated from the cyber-security module to prevent a potential security attack from accessing the edge node module (Dasen: Paragraph [0028]. Dasen teaches the isolation of different modules, where such would achieve the same intended use as in the instant claim to prevent a potential security attack from accessing the edge node module.). Accordingly, it would have been obvious to one of ordinary skill in the art at the time of filing to have the cyber-security module and edge node module isolated to provide a more secure system where attacks between components are prevented.
With regard to claim 2, Li fails to teach, but knowledge possessed by one of ordinary skill in the art at the time of filing teaches that the Centralized Service selects the at least one current cyber-security module in response to determining a health level of the cyber-security module based on the aircraft data (more specifically, Gadhe teaches the keeping of the security up-to-date, where Official Notice is taken that the use of some version or time information to determine if a file is up-to-date prior to performing an update was well-known in the art at the time of filing.). Accordingly, it would have been obvious to one of ordinary skill in the art at the time of filing to have the selecting being in response to determining the health (whether the module is up-to-date or not) to ensure that the security module is up-to-date without wasting resources downloading an updated security module when it is not needed.
With regard to claim 3, Li in view of knowledge possessed by one of ordinary skill in the art teaches that the health level indicates that the cyber-security module is out of date (See above for the rationale with regard to claim 2, where the health corresponds to if the file is up-to-date or not.).
With regard to claim 4, Li in view of Joshi teaches that the cyber-security module is isolated from the edge node module (Joshi: Figure 5. How the modules are isolated is not completely claimed, where the rejection is based on the use of separate software modules, which would thus be isolated from each other in some fashion.).
With regard to claim 5, Li fails to teach, but knowledge possessed by one of ordinary skill in the art at the time of filing teaches determining, by the one or more processors, that the modifying the cyber-security module failed; and reinstating, by the one or more processors, the cyber-security module to a state corresponding to the cyber-security module before the modifying (More specifically, Official Notice is taken that the monitoring of an update process and rolling-back in case of a failed update was well-known to one of ordinary skill in the art.). Accordingly, it would have been obvious to one of ordinary skill in the art at the time of filing to provide for the rolling-back of a failed update to ensure that an operational security module is provided, where without a roll-back feature, a failed update would either provide for no or limited security or would disable the entire system, both of which are worse than having an out-of-date security module.
With regard to claim 6, Li in view of Joshi teaches the edge node includes a device with at least one embedded module (Joshi: Figure 5. The device would at least be embedded with the software module.).
With regard to claim 7, Li in view of Joshi, Gadhe, and Feuillebois teaches that the teaches that the Centralized Service is configured to analyze the aircraft data to determine the at least one security threat (Gadhe: Paragraph [0064] and Abstract. The updates of Gadhe are to allow for the scanning of devices to identify threats.).
With regard to claim 8, Li in view of Gadhe teachest hat the at least one current cyber-security module corresponds to the at least one security threat (Gadhe: Paragraphs [0050] and [0064]).
With regard to claim 9, Li teaches that the aircraft data includes line-replaceable unit (LRU) data or line-replaceable module (LRM) data (Li: Column 3, lines 13-25).
With regard to claims 10-20, the instant claims are similar to claims 1-9, and are rejected for similar reasons.
Conclusion
Conclusion
THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SCOTT B CHRISTENSEN whose telephone number is (571)270-1144. The examiner can normally be reached Monday through Friday, 6AM to 2PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, John Follansbee can be reached at (571) 272-3964. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
SCOTT B. CHRISTENSEN
Examiner
Art Unit 2444
/SCOTT B CHRISTENSEN/Primary Examiner, Art Unit 2444