Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
DETAILED ACTION
This office action is in response to the communication filed on 5/12/2025.
Response to Amendment
Newly submitted claim 17-20 are directed to an invention that is independent or distinct from the invention originally claimed for the following reasons: The original claims are directed towards a system for determining security policy compliance based upon observing a particular power consumption profile/power signature of a compliant system, while the new claims determine compliance by comparing power consumption relative to a non-compliant CPU.
Since applicant has received an action on the merits for the originally presented invention, this invention has been constructively elected by original presentation for prosecution on the merits. Accordingly, claims 17-20 are withdrawn from consideration as being directed to a non-elected invention. See 37 CFR 1.142(b) and MPEP § 821.03.
To preserve a right to petition, the reply to this action must distinctly and specifically point out supposed errors in the restriction requirement. Otherwise, the election shall be treated as a final election without traverse. Traversal must be timely. Failure to timely traverse the requirement will result in the loss of right to petition under 37 CFR 1.144. If claims are subsequently added, applicant must indicate which of the subsequently added claims are readable upon the elected invention.
Should applicant traverse on the ground that the inventions are not patentably distinct, applicant should submit evidence or identify such evidence now of record showing the inventions to be obvious variants or clearly admit on the record that this is the case. In either instance, if the examiner finds one of the inventions unpatentable over the prior art, the evidence or admission may be used in a rejection under 35 U.S.C. 103 or pre-AIA 35 U.S.C. 103(a) of the other invention.
Response to Arguments
Applicant’s arguments have been considered and are not found persuasive.
The grounds of rejection has been changed as shown below.
As discussed during the interview held on 11/17/2025, the examiner believes that Grieco teaches both determination of compliance and determination of non-compliance. The fact that the system of Grieco allows the system to continue operation when non-compliance is not detected indicates that the system of Grieco considers this to be a determination of compliance. As such, the examiner does not find the applicants’ arguments persuasive.
For example, Grieco states in paragraph 0027 “a timer may be used to monitor observed power consumption within a particular phase of powering up a system, e.g., if an individual power profile specifies an increase in power consumption during the middle of a particular phase, the timer may be used to verify that the power increase did not occur during the beginning or end of the phase.” In other words, the timer is used to verify that the increase happened in the middle of the phase, which is a determination of compliance. Grieco determines that the increase occurs at the proper time, and if it does not it reacts accordingly.
This also shows that the applicants’ argument that Grieco considers increases in power consumption as indications of non-compliance is not entirely correct, as the system of Grieco does recognize increases in power consumption at the correct time are indications of compliance.
As such, the examiner has presented the rejections below in view of the teachings of Grieco.
All objections and rejections not set forth below have been withdrawn.
Claims 1-8, 11-14, 15 have been examined.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.
Claims 1-8, 11-14 and 16 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention.
Claims 1 and 13 recite “wherein a lack of compliance with the security policy does not comprise the power signature”. It is unclear, based upon the context of the remainder of the claim, how “a lack of compliance” can comprise or not comprise the power signature. Rather, as corresponds with the remainder of the claim, it is the power consumption profile of the CPU during a period of non-compliance that would not comprise the power signature. As such, the person having ordinary skill in the art would not be able to ascertain the scope of the claim language.
Claim 16 recites the acronym “CPU” which has not been defined in the claim.
All claims depending from any of the above rejected claims are also rejected by virtue of their dependence upon their respective rejected parent claim(s).
Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.
Claims 1-3, 4, 11, 12, and 16 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Grieco et al. (US Patent Application Publication Number 2015/0113309) hereinafter referred to as Grieco.
Regarding claim 1, Grieco disclosed a method of determining whether a central processing unit is compliant with a security policy (Grieco Figs. 3A-3B and Paragraphs 0026-0032 for example), the method comprising:
obtaining first data indicative of a power consumption profile of the central processing unit for a first time period, the power consumption profile comprising a variation of power consumption with time (Grieco Paragraph 0027 for example); and
determining that the processing unit is compliant with the security policy during the first time period depending, at least in part, on the obtained first data (Grieco Paragraph 0027 for example),
wherein the central processing unit complying with the security policy gives rise to a power signature in the power consumption profile of the processing unit during a period of compliance (Grieco Paragraph 0027 for example), and [wherein the power consumption profile of the central processing unit during a period of non-compliance does not comprise the power signature] (Grieco Paragraph 0027 for example); and
wherein the power signature comprises:
a characteristic increased power consumption during the period of compliance of the central processing unit with the security policy (Grieco Paragraph 0027 for example);
a characteristic power spike or a plurality of characteristic power spikes during the period of compliance of the central processing unit with the security policy;
a characteristic reduced power consumption for at least one processing core of the central processing unit during the period of compliance of the central processing unit with the security policy; or
any combination thereof.
Regarding claim 2, Grieco disclosed that determining whether the central processing unit is compliant with the security policy depending, at least in part, on the obtained first data comprises determining, depending at least in part on the obtained first data, whether the power consumption profile comprises the power signature (Grieco Paragraph 0027 for example).
Regarding claim 3, Grieco disclosed that the central processing unit is operable in each of a plurality of modes, each of said modes having a corresponding privilege level giving the central processing unit respective selected access rights to system resources in that mode (Grieco Paragraphs 0021-0025 for example).
Regarding claim 4, Grieco disclosed that the central processing unit being compliant with the security policy comprises the processing unit transitioning between a lower privilege mode and a greater privilege mode (Grieco Paragraphs 0021-0025 for example).
Regarding claim 11, Grieco disclosed that the plurality of modes comprises a secure mode or a plurality of secure modes, and wherein the security policy comprises invoking the secure mode or the plurality of secure modes (Grieco 0031 for example – powering down one or more components).
Regarding claim 12, Grieco disclosed that the power signature comprises any of: a characteristic increased power consumption during a period of compliance of the central processing unit with the security policy; a characteristic reduced power consumption for at least one processing core of the central processing unit during a period of compliance of the central processing unit with the security policy; a characteristic power spike or a plurality of characteristic power spikes during a period of compliance of the central processing unit with the security policy, said power spike or spikes corresponding to invoking the secure mode or the plurality of secure modes (Grieco Figs. 3A-3B and Paragraphs 0026-0032 for example).
Regarding claim 16, Grieco disclosed that the power consumption profile is a first power consumption profile and further comprising modelling an expected power consumption profile of the CPU during a period of compliance with the security policy to determine a power signature within the first power consumption profile (Grieco Fig. 7 and Paragraphs 0043-0049 for example).
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 13-14 are rejected under 35 U.S.C. 103 as being unpatentable over Grieco.
Regarding claims 13 and 14, see the rejection of claim 1 above. However, Grieco did not explicitly teach that the central processing unit (CPU) included a plurality of cores. However, it was well known in the art of computer processors for central processing units to have a plurality of cores. As such, it would have been obvious to the person having ordinary skill in the art before the effective filing date of the invention to have utilized a CPU with multiple cores. This would have been obvious because the person having ordinary skill would have been motivated to boost performance and efficiency of the processor.
Claims 5-8 are rejected under 35 U.S.C. 103 as being unpatentable over Masuoka et al. (US Patent Application Publication Number 2009/0172781) hereinafter referred to as Masuoka, and further in view of Grieco as applied to claims 1 and 3 above.
Regarding claim 5, Masuoka taught a security policy comprises executing, by the central processing unit, at least one operating system in a virtual machine, including verifying the processing unit prior to allowing launching of the virtual machine (Masuoka Paragraphs 0006 and 0044 for example). Masuoka did not teach that the verification included the claimed power consumption profiling.
As shown above, Grieco taught that devices can be verified as trusted based upon power consumption analysis of the CPU (Grieco Paragraphs 0013 and 0027 for example).
It would have been obvious to the person having ordinary skill in the art before the effective filing date of the invention to have employed the teachings of Grieco in the system of Masuoka by measuring and profiling the power consumption of the CPU of the monitored devices. This would have been obvious because the person having ordinary skill in the art would have been motivated to detect and flag illicit or rogue CPUs within the devices.
Regarding claim 6, Masuoka and Grieco taught that the virtual machine is implemented utilising a hypervisor (Masuoka Paragraph 0042 for example).
Regarding claim 7, Masuoka and Grieco taught that the power signature comprises a characteristic increased power consumption during a period of compliance of the central processing unit with the security policy (Grieco Paragraph 0027 for example).
It would have been obvious to the person having ordinary skill in the art before the effective filing date of the invention to have employed the teachings of Grieco in the security system of Masuoka by measuring and profiling the power consumption of the CPU of the monitored devices. This would have been obvious because the person having ordinary skill in the art would have been motivated to detect and flag illicit or rogue CPUs within the devices.
Regarding claim 8, Masuoka Grieco taught that the plurality of modes comprises a first virtualization mode and a second privilege mode, the first virtualization mode having a greater privilege level than the second privilege mode, and wherein the security policy comprises utilising the first virtualization mode to execute, by the central processing unit, an operating system in a virtual machine utilising a hypervisor (Masuoka Paragraphs 0042-0044 and Grieco Figs. 3A-3B and Paragraphs 0026-0032 for example).
It would have been obvious to the person having ordinary skill in the art before the effective filing date of the invention to have employed the teachings of Grieco in the system of Masuoka by utilizing the power consumption analysis to verify the trustworthiness of the host devices before allowing them to launch the dedicated virtual machine. This would have been obvious because the person having ordinary skill in the art would have been motivated to detect and flag illicit or rogue CPUs within the devices.
Conclusion
Claims 1-8, 11-14 and 16 have been rejected while claims 17-20 have been withdrawn.
US 2021/0018971 taught determining compliance with power limits based on unit specific power profiles which may include profiles for processing cores, multi-core processors, GPUs, and IPUs.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MATTHEW T HENNING whose telephone number is (571)272-3790. The examiner can normally be reached Monday-Friday 9AM-3PM EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, William Korzuch can be reached at (571)272-7589. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/MATTHEW T HENNING/ Primary Examiner, Art Unit 2491