SECURITY ASSESSMENT APPARATUS AND METHOD FOR PROCESSOR

DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Continued Examination Under 37 CFR 1.114 A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on December 31, 2025 has been entered. Response to arguments Claims 1, 9 and 16 have been amended. No claim has been added or cancelled. Therefore, claims 1-19 are pending. Claims 1- 19 are rejected under over over CONTI EP 1843250 A1 in view of in view of BOEHM, CN 114830084 in further view of Koeberl, US pat. No 20150032996 in further view of Lee, US 20100281273 A1 in further view of Villatel, WO 2021080601. Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claims 1, 2, 7, 9, 14 are rejected under 35 U.S.C 103 as being unpatentable over CONTI EP 1843250 A1 (IDS Submitted, 05/13/2024) in view of BOEHM, CN 114830084 A in further view of Lee, US 20100281273 A1. 1. CONTI discloses a security assessment apparatus, (See CONTI, [0005]; systems and methods for checking the integrity of executing computer code.) comprising: a processor, configured to run instructions in a memory; (See CONTI, [0012]; the core 110 may be any processor suitable for integration into a system on a chip (SoC), such as the ARM 1136 series of processors) the processor tracker, (See CONTI, [0016]; the system 100 also includes software integrity checking ("SIC") logic 200 coupled to the MPU 104 and the DMA controller 122 by way of the L3 interconnect 116.) configured to obtain first address information of a first instruction in the instructions in the memory, (See CONTI, [0033]; the address LFSR 210 also receives physical instruction addresses from the instruction bus 242. The ETM LFSR 212 receives execution state signals from the ETM 240 after each instruction fetched from these physical locations is executed. In some embodiments, the address LFSR 210 and the ETM LFSR 212 are LFSRs in a Galois configuration. The address LFSR 210 and the ETM LFSR 212 each generate signatures representative of the physical instruction address sequence (i.e., address fetch signatures) and the execution states resulting from the execution of the instructions in the sequence (i.e., execution state signatures), respectively, for the currently executing software. At each clock cycle, the outputs of the LFSRs 210, 212 are written to shadow buffers (not specifically shown) ) and to store the first address information in the first storage area; (See CONTI, [0029] and [0048]; the SIC logic 200 also uses secure channels of DMA 122 to store model address fetch and execution state signatures in secure memory (e.g., secure RAM 118) when in record mode, and to read the model signatures from secure RAM 118 when in play mode. If the SIC logic 200 is in record mode, the signature handling logic 406 causes the contents of the address signature and ETM signature shadow buffers to be provided to the address signature record router logic 428 and the ETM signature record router logic 430, respectively. The signature handling logic 406 also signals the DMA request generation logic 218 to write the contents of the address signature output buffers 422 and the ETM signature output buffers 426 to memory. ) and a security protection system, configured to obtain the first address information from the first storage area, and to assess security of the first instruction based on the first address information. (See CONTI, [0049]; If the SIC logic 200 is in play mode, the signature handling logic 406 signals the address signature comparison logic 414 and the ETM signal comparison logic 416 to compare the signatures generated by the address LFSR 210 and the ETM LFSR 212 to the model signatures in the signature input buffers 420, 424. The address signature comparison logic 414 and the ETM signature comparison logic 416 compare signatures generated by the address LFSR 210 and the ETM LFSR 212, respectively, to pre-computed model signatures in the signature input buffers 220, 224. If the address signature comparison logic 414 determines that the address fetch signature generated by the address LFSR 210 does not match any of the model address fetch signatures in the address signature input buffers 420, it send a security violation notification to the violation generation logic 208.) CONTI does not explicitly disclose an access controller, configured to provide access authentication to enable a processor tracker to access a first storage area in the memory, wherein the access controller prohibits the processor from accessing the first storage area. However, BOEHM discloses an access controller, configured to provide access authentication to enable a processor tracker to access a first storage area in the memory, wherein the access controller prohibits the processor from accessing the first storage area. (See BOEHM, Section Description: FIG. 2 shows a first embodiment of the proposed SoC without ROM. The SoC 100 includes a processor 10, a non-volatile memory 11, a connection 12 configured to connect the processor 10 and at least a non-volatile memory 11, and a monitoring component 13. The processor 10 is configured to receive a reset signal SR, and to perform at least one read access to the non-volatile memory 11 through the connection 12. The monitoring component 13 is configured to monitor the connection 12 between the processor 10 and the non-volatile memory 11. In detail, when the first read access of the processor 10 to the non-volatile memory 11, the monitoring component 13 is configured to detect whether the data value returned by the first read access of the connection 12 is in accordance with the preset value. If the returned data value is different from the preset value, the monitoring component 13 is configured to stop the operation of the processor 10....After receiving the reset signal from the outside of the SoC, the processor performs the first read access to the non-volatile memory by using the connection. monitoring component monitors the connection, and detecting the first read access. After it checks whether the data value returned by the first access is matched with the preset value. if it determines that the returned value is different from the preset value, the monitoring component stops the processor operation.) CONTI and BOEHM are analogous art because they are from the same field of endeavor which is access control. It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of CONTI with the teaching of BOEHM to include the monitoring component because it would have allowed to detect unauthorized access. The combination of CONTI and BOEHM does not appear to explicitly disclose wherein the security protection system comprises one of: a second processor executing instructions to create the security protection system; a hash acceleration engine generated by either the processor or the second processor; a security assessment module generated by either the processor or the second processor; or wherein the second processor is a part of a system on a chip or is a separate processor; and wherein the processor obtains the first address information stored in the first storage area and executes instruction associated with the first address information based on the security assessment. However, Lee discloses wherein the security protection system comprises one of: a second processor executing instructions to create the security protection system; a hash acceleration engine generated by either the processor or the second processor; a security assessment module generated by either the processor or the second processor; or wherein the second processor is a part of a system on a chip or is a separate processor; (See Lee, [0039]; an unprotected hypervisor starts executing on the processor, until in step 50, the secure_launch instruction of the present invention is executed to create a secure volatile memory area for the execution of the hypervisor, and to determine whether the hypervisor loaded into main memory should be given access to the secure disk area currently protected by the processor chip 18. See [0016]; and a hypervisor program executed by the processor, the hypervisor program instructing the processor to execute the at least one on-chip instruction to create a secure memory area for a software module, the processor encrypting data written to, and decrypting data read from, the external memory using the at least one encryption key and the verifying data read from the external memory using the at least one hash value. ) and wherein the processor obtains the first address information stored in the first storage area and executes instruction associated with the first address information based on the security assessment. (See Lee, [0040-0044]; in step 56, the hash is stored in an on-chip register of the processor of the present invention, the "hypervisor hash" register. In step 58, the value stored in the hypervisor hash register is compared to a second hash value stored in another register of the processor referred to as the "secure_storage_hash" register. This register stores a hash value which corresponds to the identity of a hypervisor that created the secure storage area currently protected by the processor chip. By making this comparison, the present invention can determine whether a given hypervisor loaded into main memory should be given access to the said secure storage area. If a positive determination is made in step 58, step 60 occurs, wherein the hypervisor is given access to the two processor registers (discussed below in greater detail) containing the cryptographic hash and cryptographic encryption key protecting the hypervisor's secure storage area on disk, thereby unlocking this area for the hypervisor. In step 82, the hypervisor computes a module identity value. [0043] In block 83, the present invention also uses on-chip (CPU) cryptography engines to encrypt information for software modules and/or hypervisors that have requested (by way of the secure_launch hypercall or instruction) secure memory areas in which to execute. The functionality of these engines is now described in connection with steps 84-88. [0044] It is noted that, if an untrusted loader skips secure_launch or loads a corrupted hypervisor, the hypervisor_hash value will be different, or will not get computed at all. In such circumstances, the hypervisor's secure storage area then remains locked, since it is tied to the good hypervisor_hash value. This ensures that no other software can read or modify the information in the hypervisor's secure storage. Additionally, it is noted that information provided to the processor of the present invention is first decrypted if a corresponding cache line is marked as "secure," and the branch of the memory integrity tree is validated to check that what is retrieved from memory is exactly what was legitimately written.) CONTI, BOEHM and Lee are analogous art because they are from the same field of endeavor which is access control. It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of CONTI and BOEHM with the teaching of Lee to include the hash value because it would have allowed the verifying data read from the external memory using the at least one hash value. (See Lee, [0016]) 2. The combination of CONTI, BOEHM and Lee discloses the apparatus according to claim 1, wherein the security protection system, the processor, the processor tracker, and the access controller are located in a system on chip (SoC). (See CONTI, [0012]; the core 110 may be any processor suitable for integration into a system on a chip (SoC)) 7. The combination of CONTI, BOEHM and Lee discloses the apparatus according to claim 1, wherein the memory further comprises a second storage area configured to store image information of the processor, and the image information comprises the instructions; (See CONTI, [0029]; The SIC 200 has two operating modes, play and record. The SIC logic 200 uses instruction addresses received from the instruction bus 242 and state signals received from the ETM port 240 to compute address fetch and execution state signatures, respectively, in both operating modes. The SIC logic 200 also uses secure channels of DMA 122 to store model address fetch and execution state signatures in secure memory (e.g., secure RAM 118) when in record mode, and to read the model signatures from secure RAM 118 when in play mode.) and the security protection system is further configured to obtain the image information from the second storage area, and assess integrity of the image information. (See CONTI, [0016]) 9. As to claim 9, the claim is rejected under the same rationale as claim 1. See the rejection of claim 1 above. 14. As to claim 14, the claim is rejected under the same rationale as claim 7. See the rejection of claim 7 above. Claims 3-4, 10-11 are rejected under 35 U.S.C 103 as being unpatentable over CONTI EP 1843250 A1 (IDS Submitted, 05/13/2024) in view of BOEHM, CN 114830084 in further view of Lee, US 20100281273 A1 in further view of Koeberl, US pat. No 20150032996 (IDS Submitted, 05/13/2024) 3. The combination of CONTI, BOEHM, Lee and Villatel does not appear to explicitly disclose the apparatus according to claim 1, wherein the security protection system is further configured to: when the first address information falls within a valid address range, determine that the first instruction is secure; or when the first address information falls outside the valid address range, determine that the first instruction is insecure. However, Koeberl discloses wherein the security protection system is further configured to: when the first address information falls within a valid address range, determine that the first instruction is secure; or when the first address information falls outside the valid address range, determine that the first instruction is insecure. (See Koeberl, [0049]) CONTI, BOEHM, Lee and Koeberl are analogous art because they are from the same field of endeavor which is access control. It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of CONTI, BOEHM, Lee and Villatel with the teaching of Koeberl to include the secure memory range because it would have allowed to determine whether data has been tampered with. 4. The combination of CONTI, BOEHM, Lee and Koeberl discloses the apparatus according to claim 1, wherein the security protection system is further configured to: when the first address information falls within a valid address range, and the first instruction is consistent with a second instruction within the valid address range, determine that the first instruction is secure; or when the first address information falls outside the valid address range, or the first instruction is inconsistent with a second instruction within the valid address range, determine that the first instruction is insecure. (See Koeberl, [0049]) CONTI, BOEHM and Koeberl, Lee are analogous art because they are from the same field of endeavor which is access control. It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of CONTI, BOEHM and Lee with the teaching of Koeberl to include the secure memory range because it would have allowed to determine whether data has been tampered with. 10. The combination of CONTI, BOEHM and Lee does not appear to explicitly disclose the method according to claim 9, wherein the assessing security of the first instruction based on the first address information comprises: when the first address information falls within a valid address range, determining that the first instruction is secure; or when the first address information falls outside the valid address range, determining that the first instruction is insecure. However, Koeberl discloses wherein the assessing security of the first instruction based on the first address information comprises: when the first address information falls within a valid address range, determining that the first instruction is secure; or when the first address information falls outside the valid address range, determining that the first instruction is insecure. (See Koeberl, [0049]) CONTI, BOEHM, Lee and Koeberl are analogous art because they are from the same field of endeavor which is access control. It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of CONTI, BOEHM and Lee with the teaching of Koeberl to include the secure memory range because it would have allowed to determine whether data has been tampered with. 11. The combination of CONTI, BOEHM, Lee and Koeberl discloses the method according to claim 9, wherein the assessing security of the first instruction based on the first address information comprises: when the first address information falls within a valid address range, and the first instruction is consistent with a second instruction within the valid address range, determining that the first instruction is secure; or when the first address information falls outside the valid address range, or the first instruction is inconsistent with a second instruction within the valid address range, determining that the first instruction is insecure. (See Koeberl, [0049]) CONTI, BOEHM, Lee and Koeberl are analogous art because they are from the same field of endeavor which is access control. It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of CONTI, BOEHM and Lee with the teaching of Koeberl to include the secure memory range because it would have allowed to determine whether data has been tampered with. Claims 5-6, 12-13 are rejected under 35 U.S.C 103 as being unpatentable over CONTI EP 1843250 A1 (IDS Submitted, 05/13/2024) in view of BOEHM, CN 114830084 in further view of Lee, US 20100281273 A1 in further view of LeMay, US pat. No 20190050566 (IDS Submitted, 05/13/2024). 5. The combination of CONTI, BOEHM and Lee discloses the apparatus according to claim 1, and the processor tracker is further configured to store the first address information in the first storage area based on the triggering of the monitoring thread; (See CONTI, [0029] and [0048]; the SIC logic 200 also uses secure channels of DMA 122 to store model address fetch and execution state signatures in secure memory (e.g., secure RAM 118) when in record mode, and to read the model signatures from secure RAM 118 when in play mode. If the SIC logic 200 is in record mode, the signature handling logic 406 causes the contents of the address signature and ETM signature shadow buffers to be provided to the address signature record router logic 428 and the ETM signature record router logic 430, respectively. The signature handling logic 406 also signals the DMA request generation logic 218 to write the contents of the address signature output buffers 422 and the ETM signature output buffers 426 to memory.) The combination of CONTI, BOEHM and Lee does not appear to explicitly disclose wherein the first instruction comprises an instruction of a monitoring thread; the security protection system is further configured to send interrupt information to the processor, wherein the interrupt information indicates the processor to start the monitoring thread; the processor is further configured to: when receiving the interrupt information, start the instruction of the monitoring thread, and trigger the processor tracker by using the monitoring thread; However, LeMay discloses wherein the first instruction comprises an instruction of a monitoring thread; the security protection system is further configured to send interrupt information to the processor, wherein the interrupt information indicates the processor to start the monitoring thread; (See LeMay, [0030]) the processor is further configured to: when receiving the interrupt information, start the instruction of the monitoring thread, and trigger the processor tracker by using the monitoring thread; (See LeMay, [0030]; ) CONTI, BOEHM, Lee and LeMay are analogous art because they are from the same field of endeavor which is access control. It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of CONTI, BOEHM and Lee with the teaching of LeMay to include the interrupt/thread because it would have allowed to synchronize monitoring with malicious action. 6. The combination of CONTI, BOEHM, Lee and LeMAY the apparatus according to claim 5, wherein the processor is further configured to: perform a security check on running status information of the processor by using the monitoring thread, to obtain a check result, (See CONTI, [0049]; If the SIC logic 200 is in play mode, the signature handling logic 406 signals the address signature comparison logic 414 and the ETM signal comparison logic 416 to compare the signatures generated by the address LFSR 210 and the ETM LFSR 212 to the model signatures in the signature input buffers 420, 424. The address signature comparison logic 414 and the ETM signature comparison logic 416 compare signatures generated by the address LFSR 210 and the ETM LFSR 212, respectively, to pre-computed model signatures in the signature input buffers 220, 224. If the address signature comparison logic 414 determines that the address fetch signature generated by the address LFSR 210 does not match any of the model address fetch signatures in the address signature input buffers 420, it send a security violation notification to the violation generation logic 208.) and send the check result to the security protection system. (See LeMay, [0031]) CONTI, BOEHM, Lee and LeMay are analogous art because they are from the same field of endeavor which is access control. It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of CONTI, BOEHM and Lee with the teaching of LeMay to include the interrupt/thread because it would have allowed to synchronize monitoring with malicious action. 12. As to claim 12, the claim is rejected under the same rationale as claim 5. See the rejection of claim 5 above. 13. As to claim 13, the claim is rejected under the same rationale as claim 6. See the rejection of claim 6 above. Claims 8 and 15 are rejected under 35 U.S.C 103 as being unpatentable over CONTI EP 1843250 A1 (IDS Submitted, 05/13/2024) in view of BOEHM, CN 114830084 A in further view of Lee, US 20100281273 A1 in further view of Villatel, WO 2021080601. 8. The combination of CONTI, BOEHM and Lee does not appear to explicitly disclose the apparatus according to claim 7, wherein the security protection system is further configured to: perform a hash operation on the image information to obtain a hash value; compare the hash value with a preset hash value; and when the hash value is consistent with the preset hash value, determine that the image information is complete; or when the hash value is inconsistent with the preset hash value, determine that the image information is incomplete. However, Villatel discloses wherein the security protection system is further configured to: perform a hash operation on the image information to obtain a hash value; (See Villatel, [022]; For example, such a hash may be generated according to the SFIA-256 hash protocol.) compare the hash value with a preset hash value; (See Villatel, [011]; the monitoring is performed by taking a hash of the content at the identified locations and comparing it with a hash taken at an earlier time, such as at boot time, when the system is assumed not to be compromised. ) and when the hash value is consistent with the preset hash value, determine that the image information is complete; or when the hash value is inconsistent with the preset hash value, determine that the image information is incomplete. (See Villatel, [029-031]) CONTI, BOEHM, Lee and Villatel are analogous art because they are from the same field of endeavor which is access control. It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of CONTI, BOEHM and Lee with the teaching of Villatel to include the hash comparison because it would have allowed to determine whether data has been tampered with. 15. As to claim 15, the claim is rejected under the same rationale as claim 8. See the rejection of claim 8 above. Claims 16-19 are rejected under 35 U.S.C 103 as being unpatentable over CONTI EP 1843250 A1 (IDS Submitted, 05/13/2024) in view of in view of BOEHM, CN 114830084 in further view of Lee, US 20100281273 A1 in further view of Koeberl, US pat. No 20150032996 (IDS Submitted, 05/13/2024) in further view of Lee, US 20100281273 A1. 16. CONTI discloses a computer readable media (CRM) for storing non-transitory computer instructions that, (See CONTI, [0005]; systems and methods for checking the integrity of executing computer code.) when executed by at least one processor of a device, (See CONTI, [0012]; the core 110 may be any processor suitable for integration into a system on a chip (SoC), such as the ARM 1136 series of processors) cause a device to perform the steps of: obtaining, by the processor tracker, first address information of a first instruction in the instructions in the memory, (See CONTI, [0033]; the address LFSR 210 also receives physical instruction addresses from the instruction bus 242. The ETM LFSR 212 receives execution state signals from the ETM 240 after each instruction fetched from these physical locations is executed. In some embodiments, the address LFSR 210 and the ETM LFSR 212 are LFSRs in a Galois configuration. The address LFSR 210 and the ETM LFSR 212 each generate signatures representative of the physical instruction address sequence (i.e., address fetch signatures) and the execution states resulting from the execution of the instructions in the sequence (i.e., execution state signatures), respectively, for the currently executing software. At each clock cycle, the outputs of the LFSRs 210, 212 are written to shadow buffers (not specifically shown) ) and storing the first address information in the first storage area; (See CONTI, [0029] and [0048]; the SIC logic 200 also uses secure channels of DMA 122 to store model address fetch and execution state signatures in secure memory (e.g., secure RAM 118) when in record mode, and to read the model signatures from secure RAM 118 when in play mode. If the SIC logic 200 is in record mode, the signature handling logic 406 causes the contents of the address signature and ETM signature shadow buffers to be provided to the address signature record router logic 428 and the ETM signature record router logic 430, respectively. The signature handling logic 406 also signals the DMA request generation logic 218 to write the contents of the address signature output buffers 422 and the ETM signature output buffers 426 to memory.) obtaining, by a security protection system, the first address information from the first storage area, and assessing security of the first instruction based on the first address information. (See CONTI, [0049]; If the SIC logic 200 is in play mode, the signature handling logic 406 signals the address signature comparison logic 414 and the ETM signal comparison logic 416 to compare the signatures generated by the address LFSR 210 and the ETM LFSR 212 to the model signatures in the signature input buffers 420, 424. The address signature comparison logic 414 and the ETM signature comparison logic 416 compare signatures generated by the address LFSR 210 and the ETM LFSR 212, respectively, to pre-computed model signatures in the signature input buffers 220, 224. If the address signature comparison logic 414 determines that the address fetch signature generated by the address LFSR 210 does not match any of the model address fetch signatures in the address signature input buffers 420, it send a security violation notification to the violation generation logic 208.) CONTI does not explicitly disclose an access controller providing access authentication to enable a processor tracker to access a first storage area in the memory and prohibiting the processor from accessing the first storage area; However, BOEHM discloses an access controller providing access authentication to enable a processor tracker to access a first storage area in the memory and prohibiting the processor from accessing the first storage area; (See BOEHM, Section Description: FIG. 2 shows a first embodiment of the proposed SoC without ROM. The SoC 100 includes a processor 10, a non-volatile memory 11, a connection 12 configured to connect the processor 10 and at least a non-volatile memory 11, and a monitoring component 13. The processor 10 is configured to receive a reset signal SR, and to perform at least one read access to the non-volatile memory 11 through the connection 12. The monitoring component 13 is configured to monitor the connection 12 between the processor 10 and the non-volatile memory 11. In detail, when the first read access of the processor 10 to the non-volatile memory 11, the monitoring component 13 is configured to detect whether the data value returned by the first read access of the connection 12 is in accordance with the preset value. If the returned data value is different from the preset value, the monitoring component 13 is configured to stop the operation of the processor 10....After receiving the reset signal from the outside of the SoC, the processor performs the first read access to the non-volatile memory by using the connection. monitoring component monitors the connection, and detecting the first read access. After it checks whether the data value returned by the first access is matched with the preset value. if it determines that the returned value is different from the preset value, the monitoring component stops the processor operation.) CONTI and BOEHM are analogous art because they are from the same field of endeavor which is access control. It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of CONTI with the teaching of BOEHM to include the monitoring component because it would have allowed to detect unauthorized access. The combination of CONTI and BOEHM does not appear to explicitly disclose and wherein: when the first address information falls within a valid address range, determining that the first instruction is secure; or when the first address information falls outside the valid address range, determining that the first instruction is insecure. However, Koeberl discloses and wherein: when the first address information falls within a valid address range, determining that the first instruction is secure; or when the first address information falls outside the valid address range, determining that the first instruction is insecure. (See Koeberl, [0049]) CONTI, BOEHM and Koeberl are analogous art because they are from the same field of endeavor which is access control. It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of CONTI and BOEHM with the teaching of Koeberl to include the secure memory range because it would have allowed to determine whether data has been tampered with. The combination of CONTI, BOEHM and Koeberl does not appear to explicitly disclose and the processor obtaining the first address information stored in the first storage area and executes instruction associated with the first address information based on the security assessment. However, Lee discloses and the processor obtaining the first address information stored in the first storage area and executes instruction associated with the first address information based on the security assessment. (See Lee, [0040-0044]; in step 56, the hash is stored in an on-chip register of the processor of the present invention, the "hypervisor hash" register. In step 58, the value stored in the hypervisor hash register is compared to a second hash value stored in another register of the processor referred to as the "secure_storage_hash" register. This register stores a hash value which corresponds to the identity of a hypervisor that created the secure storage area currently protected by the processor chip. By making this comparison, the present invention can determine whether a given hypervisor loaded into main memory should be given access to the said secure storage area. If a positive determination is made in step 58, step 60 occurs, wherein the hypervisor is given access to the two processor registers (discussed below in greater detail) containing the cryptographic hash and cryptographic encryption key protecting the hypervisor's secure storage area on disk, thereby unlocking this area for the hypervisor. In step 82, the hypervisor computes a module identity value. [0043] In block 83, the present invention also uses on-chip (CPU) cryptography engines to encrypt information for software modules and/or hypervisors that have requested (by way of the secure_launch hypercall or instruction) secure memory areas in which to execute. The functionality of these engines is now described in connection with steps 84-88. [0044] It is noted that, if an untrusted loader skips secure_launch or loads a corrupted hypervisor, the hypervisor_hash value will be different, or will not get computed at all. In such circumstances, the hypervisor's secure storage area then remains locked, since it is tied to the good hypervisor_hash value. This ensures that no other software can read or modify the information in the hypervisor's secure storage. Additionally, it is noted that information provided to the processor of the present invention is first decrypted if a corresponding cache line is marked as "secure," and the branch of the memory integrity tree is validated to check that what is retrieved from memory is exactly what was legitimately written.) CONTI, BOEHM, Koeberl and Lee are analogous art because they are from the same field of endeavor which is access control. It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of CONTI, BOEHM and Koeberl with the teaching of Lee to include the hash value because it would have allowed the verifying data read from the external memory using the at least one hash value. (See Lee, [0016]) 17. the combination of CONTI, BOEHM, Koeberl and Lee discloses the CRM according to claim 16, wherein the assessing security of the first instruction based on the first address information comprises: when the first address information falls within a valid address range, and the first instruction is consistent with a second instruction within the valid address range, determining that the first instruction is secure; (See Koeberl, [0049]) or when the first address information falls outside the valid address range, or the first instruction is inconsistent with a second instruction within the valid address range, determining that the first instruction is insecure. (See Koeberl, [0049]) CONTI, BOEHM, Koeberl and Lee are analogous art because they are from the same field of endeavor which is access control. It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of CONTI, BOEHM and Lee with the teaching of Koeberl to include the secure memory range because it would have allowed to determine whether data has been tampered with. 19. The combination of CONTI, BOEHM, Koeberl and Lee discloses the CRM according to claim 16 wherein the instructions cause the device to generate processor tracker as a logical device that operate within the device. (See CONTI, [0034]. See also BOEHM Description section: monitor component) CONTI, BOEHM, Koeberl and Lee are analogous art because they are from the same field of endeavor which is access control. It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of CONTI, BOEHM and Lee with the teaching of Koeberl to include the secure memory range because it would have allowed to determine whether data has been tampered with. Claim 18 is rejected under 35 U.S.C 103 as being unpatentable over CONTI EP 1843250 A1 (IDS Submitted, 05/13/2024) in view of in view of BOEHM, CN 114830084 in further view of Koeberl, US pat. No 20150032996 (IDS Submitted, 05/13/2024) in further view of Lee, US 20100281273 A1 in further view of Villatel, WO 2021080601. 18. The combination of CONTI, BOEHM, Koeberl and Lee does not appear to explicitly disclose the CRM according to claim 16, wherein the assessing, by the security protection system, integrity of the image information comprises: performing a hash operation on the image information to obtain a hash value; comparing the hash value with a preset hash value; and when the hash value is consistent with the preset hash value, determining that the image information is complete; or when the hash value is inconsistent with the preset hash value, determining that the image information is incomplete. However, Villatel discloses wherein the assessing, by the security protection system, integrity of the image information comprises: performing a hash operation on the image information to obtain a hash value; (See Villatel, [022]; For example, such a hash may be generated according to the SFIA-256 hash protocol.) comparing the hash value with a preset hash value; (See Villatel, [011]; the monitoring is performed by taking a hash of the content at the identified locations and comparing it with a hash taken at an earlier time, such as at boot time, when the system is assumed not to be compromised. ) and when the hash value is consistent with the preset hash value, determining that the image information is complete; or when the hash value is inconsistent with the preset hash value, determining that the image information is incomplete. (See Villatel, [029-031]) CONTI, BOEHM, Koeberl, Lee and Villatel are analogous art because they are from the same field of endeavor which is access control. It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of CONTI, BOEHM, Koeberl and Lee with the teaching of Villatel to include the hash comparison because it would have allowed to determine whether data has been tampered with. Conclusion The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Bhattacharyya, Binata, US20170063532, title “ Efficient sharing of hardware encryption pipeline for multiple security solutions.” Any inquiry concerning this communication or earlier communications from the examiner should be directed to JOSNEL JEUDY whose telephone number is (571)270-7476. The examiner can normally be reached M-F 10:00-8:00. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Arani T Taghi can be reached on (571)272-3787. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. Date: 03/16/2026 /JOSNEL JEUDY/ Primary Examiner, Art Unit 2438