DETAILED ACTION
Response to Amendment
1. This written action is responding to the amendment dated on 10/02/2025.
2. The present application, filed on or after March 16, 2013, is being examined under
the first inventor to file provisions of the AIA .
3. Claims 1, 4, 11, 13, 17 and 20 are amended.
4. Claims 1-20 are submitted for examination.
5. Claims 1-20 are rejected.
6. The Examiner would like to point out that this action is made final (See MPEP
706.07a).
7.
Applicant’s Argument:
On pages 8-11 of the Remarks/Arguments, Applicant argues that Rosenstein does not teach or suggest:
1. "receiving encrypted telemetry data of the workload-specific device, the telemetry data comprising operational metrics of the workload-specific device," and
2. "determining updated configuration data for the workload-specific device based on the decrypted telemetry data, the updated configuration data comprising configuration parameters of the workload-specific device,"
Response to Argument: Examiner respectfully disagrees with Applicant’s arguments
Because:
1. Rosenstein substantially teaches retraining data is encrypted by the edge computing device using the shared secret key, and then the encrypted retraining data is sent to a remote computing device, wherein the remote computing device decrypts the retraining data and train an AI model to produce a trained AI model, wherein the trained AI model encrypted and deployed at an accelerator on SoM device (i.e. specific device) [0040-0041], fig. 3A-3B, wherein the hardware accelerator may securely perform artificial intelligence tasks on data collected from the remote sensors [0074], wherein the data collected by sensors comprise a plurality of images and audio data [0019] and wherein the communication between the parties is performed via internet (i.e. communication via internet means data always will be sent and received by specific devices based on IP address) [0016]).
2. Rosenstein substantially teaches after decrypting the retraining data, they will produced as artificial intelligence model and then they will be deployed on a hardware accelerator on the SoM device [0040-0041], and fig. 3A, wherein the hardware accelerator utilizes the artificial intelligence model to collect sensor data from the one or more sensors and perform artificial intelligence or machine learning analysis on the sensor data, and extracting features in the sensor data [0021] and [0039]. After importing the trained AI models on IoT hub, the IoT may perform a plurality of configuration on the edge device [0078]. Thus, Rosenstein teaches the above limitations.
8.
Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale or otherwise available to the public before the effective filing date of the claimed invention.
Claims 1-2, 4-7, 9-12, 14, and 17-18 are rejected under 35 U.S.C. 102(a)(1) as being unpatentable over Rosenstein et al. US 2022/0060455 (hereinafter Rosenstein).
Regarding claim 1 Rosenstein teaches a system, comprising: a first memory; and one or more first processing devices, coupled to the first memory, configured to perform operations comprising:
causing, using an encrypted application programming interface (API) call, a shared secret to be provided to a workload-specific device in a cloud computing environment (Rosenstein teaches a shared secret key may be shared between the SoM device and the cloud server [0024] and fig. 1, wherein communication between the edge computing device and the cloud server is performed over a communication interface, which may be a network adapter, such as a USB-ethernet/Wi-Fi adapter. Other network adapters are also possible [0025]);
receiving encrypted telemetry data of the workload-specific device, the telemetry data comprising operational metrics of the workload-specific device (Rosenstein teaches retraining data is encrypted by the edge computing device using the shared secret key, and then the encrypted retraining data is sent to a remote computing device, wherein the remote computing device decrypts the retraining data and train an AI model to produce a trained AI model, wherein the trained AI model encrypted and deployed at an accelerator on SoM device (i.e. specific device) [0040-0041], fig. 3A-3B, wherein the hardware accelerator may securely perform artificial intelligence tasks on data collected from the remote sensors [0074], wherein the data collected by sensors comprise a plurality of images and audio data [0019], and wherein the communication between the parties is performed via internet (i.e. communication via internet means data always will be sent and received by specific devices based on IP address) [0016]);
decrypting, using the shared secret, the encrypted telemetry data (Rosenstein teaches the encrypted retraining data is decrypted by the secure cryptoprocessor of the remote computing device using the shared secret key [0040]);
determining updated configuration data for the workload-specific device based on the decrypted telemetry data, the updated configuration data comprising configuration parameters of the workload-specific device; and causing the updated configuration data in an encrypted state to be provided to the workload-specific device, wherein the updated configuration data, when in a decrypted state, is applicable to the workload-specific device to modify operation of the workload-specific device (Rosenstein teaches after decrypting the retraining data, they will produced as artificial intelligence model and then they will be deployed on a hardware accelerator on the SoM device [0040-0041], and fig. 3A, wherein the hardware accelerator utilizes the artificial intelligence model to collect sensor data from the one or more sensors and perform artificial intelligence or machine learning analysis on the sensor data, and extracting features in the sensor data [0021] and [0039]. After importing the trained AI models on IoT hub, the IoT may perform a plurality of configuration on the edge device [0078]).
Regarding claim 2 Rosenstein teaches the system of claim 1, wherein at least a portion of the one or more first processing devices are part of a first confidential computing environment that prevents external modification of data within the first confidential computing environment (Rosenstein teaches the shared secret key is not revealed to any hardware or software external to the SoM device, except to the cloud server [0024], wherein the shared secret key is used to decrypt the retraining data [0040], and wherein the SoM and the cloud server are located in a personal area network or a local area network [0016]).
Regarding claim 4 Rosenstein teaches the system of claim 1, wherein the operational metrics of the workload-specific device comprise at least one of: computing resource utilization data of the workload-specific device; a data path of the workload-specific device; an error generated by the workload-specific device; or a cache line miss of the workload-specific device (Rosenstein teaches hardware accelerator may securely perform artificial intelligence tasks on data collected from the remote sensors utilizing the trained AI [0040-0041] and [0074].
Regarding claim 5 Rosenstein teaches the system of claim 1, wherein the workload-specific device comprises at least one of: an application-specific integrated circuit (ASIC); a field-programmable gate array (FPGA); a graphics processing unit (GPU); or a central processing unit (CPU) [0020].
Regarding claim 6 Rosenstein teaches the system of claim 1, wherein determining the updated configuration data for the workload-specific device further comprises: performing data analysis on the telemetry data; and generating the updated configuration data based on one or more results of the data analysis (Rosenstein teaches authenticates the received encrypted trained artificial intelligence model as a genuine via a secure cryptoprocessor [0033]).
Regarding claim 7 Rosenstein teaches the system of claim 1, wherein the encrypted telemetry data is not decryptable by a cloud provider of the cloud computing environment (Rosenstein teaches after decrypting the trained artificial model, it will be deployed on the hardware accelerator on the SoM device [0041] and fig. 1, and wherein the SoM and the cloud server are located in a personal area network or a local area network [0016]).
Regarding claim 9 Rosenstein teaches the system of claim 1, wherein the operations further comprise receiving the shared secret from a computing device, wherein: the computing device is external to the cloud computing environment (Rosenstein teaches a shared secret key may be shared between the SoM device and the cloud server [0024] and fig. 1); and receiving the shared secret from the computing device comprises using a second encrypted API call (Rosenstein teaches communication between the edge computing device and the cloud server is performed over a communication interface , which may be a network adapter, such as a USB-ethernet/Wi-Fi adapter. Other network adapters are also possible [0025]).
Regarding claim 10 Rosenstein teaches the system of claim 1, further comprising a virtualized component that includes the first memory and the one or more first processing devices, wherein the virtualized component comprises at least one of a virtual machine (VM) or a container [0023].
Regarding claim 11 Rosenstein teaches a system, comprising: an integrated circuit; a memory; and one or more processing devices, coupled to the memory, configured to perform operations comprising: receiving at least one shared secret provided by a device configuration manager in a cloud computing environment (Rosenstein teaches a shared secret key may be shared between the SoM device and the cloud server [0024] and fig. 1);
generating telemetry data during execution of the integrated circuit, the telemetry data comprising operational metrics of the integrated circuit; encrypting, using the at least one shared secret, the telemetry data (Rosenstein teaches retraining data is encrypted by the edge computing device using the shared secret key, and then the encrypted retraining data is sent to a remote computing device, wherein the remote computing device decrypts the retraining data and train an AI model to produce a trained AI model, wherein the trained AI model encrypted and deployed at an accelerator on SoM device (i.e. specific device) [0040-0041], fig. 3A-3B); providing the encrypted telemetry data for storage in a telemetry data store accessible to the device configuration manager; receiving encrypted updated configuration data generated by the device configuration manager for the integrated circuit, the updated configuration data comprising configuration parameters of the integrated circuit (Rosenstein teaches retraining data is encrypted by the edge computing device using the shared secret key, and then sent to a remote computing device [0040], and wherein the hardware accelerator may securely perform artificial intelligence tasks on data collected from the remote sensors [0074]); decrypting, using the at least one shared secret, the updated configuration data; and applying the decrypted updated configuration data to the integrated circuit to modify operation of the integrated circuit (Rosenstein teaches after decrypting the retraining data, they will produced as artificial intelligence model and then they will be deployed on a hardware accelerator on the SoM device [0040-0041], and fig. 3A-3B, wherein the hardware accelerator utilizes the artificial intelligence model to collect sensor data from the one or more sensors and perform artificial intelligence or machine learning analysis on the sensor data, and extracting features in the sensor data [0021] and [0039]).
Regarding claim 12 Rosenstein teaches the system of claim 11, wherein: the integrated circuit comprises a portion of an artificial intelligence (AI) model; and the execution of the integrated circuit comprises operating the AI model (Rosenstein teaches a secure cryptoprocessor may authenticate the encrypted AI model and decrypt the encrypted AI model to generate a decrypted AI model; and the decrypted AI model may be subsequently stored and executed on the hardware accelerator [0080-0082]).
Regarding claim 14 Rosenstein teaches the system of claim 11, wherein: the at least one shared secret comprises a plurality of shared secrets; and using the at least one shared secret comprises using a currently selected shared secret of the plurality of shared secrets (Rosenstein teaches the SoM device may implement an authentication protocol to exchange data with the remote computing device via a cryptographic message derived out of unique encryption keys of a secret key pair comprising a first encryption key stored in the secure cryptoprocessor of the SoM device and a second encryption key stored in the remote computing device [0083]).
In response to Claim 17: Rejected for the same reason as claim 11
Regarding claim 18 Rosenstein teaches the method of claim 17, wherein: the method further comprises receiving, at the workload-specific device and from a device configuration manager, a second shared secret; receiving the updated configuration data comprises receiving encrypted updated configuration data from the device configuration manager; and the method further comprises decrypting the encrypted updated configuration data using the second shared secret (Rosenstein teaches receiving a second data package from a remote computing device, which may include an AI model, which is trained on the training or retraining data, and decrypt the second data package, wherein the data may be encrypted and decrypted using a plurality of cryptographic keys [0031] and [0034]).
9.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claim 8 is rejected under 35 U.S.C. 103 as being unpatentable over Rosenstein as mentioned above, in view of Lee et al. US 2017/0118282 (hereinafter Lee).
Regarding claim 8 Rosenstein teaches the system of claim 7. Rosenstein does not teach determining one or more portions of the telemetry data that are below a threshold level of sensitivity; and providing the one or more portions of the telemetry data in a decrypted state for access by the cloud provider of the cloud computing environment. Lee substantially teaches if the data segment is not sensitive data, the data will be moved to the public cloud [0074].
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Rosenstein such that the invention further includes determining one or more portions of the telemetry data that are below a threshold level of sensitivity; and providing the one or more portions of the telemetry data in a decrypted state for access by the cloud provider of the cloud computing environment. One would have been motivated to do so to allow the organization that owns the data to gain local storage space without risk of adversely affecting applications or users that utilize the data or a risk of accidental release of confidential data [0074].
10.
Claim 13 is rejected under 35 U.S.C. 103 as being unpatentable over Rosenstein as mentioned above, in view of O’Reilly et al. US 2020/0173679 (hereinafter O’Reilly).
Regarding claim 13 Rosenstein teaches the system of claim 11. Rosenstein does not teach that the operational metrics of the integrated circuit comprise at least one of: microprocessor usage data and memory usage data of the integrated circuit; a temperature reading of the integrated circuit; or a power consumption reading of the integrated circuit. O’Reilly substantially teaches operational metrics can include a real-time LCC, real-time TCO, and/or real-time power consumption [0041].
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Rosenstein such that the invention further includes the operational metrics of the integrated circuit comprise at least one of: microprocessor usage data and memory usage data of the integrated circuit; a temperature reading of the integrated circuit; or a power consumption reading of the integrated circuit. One would have been motivated to do so because such operational metrics can be used to select filters and equipment that can improve the efficiency and lower costs [0041].
11.
Claim 15 is rejected under 35 U.S.C. 103 as being unpatentable over Rosenstein as mentioned above, in view of Kriegeret al. US 9,043,602 (hereinafter Krieger).
Regarding claim 15 Rosenstein teaches the system of claim 14. Rosenstein does not teach periodically rotating a currently selected secret among the plurality of secrets. Kriegeret substantially teaches each beacon device can have a set of rotation keys that can be shared secrets between such beacon device and the verifying entity. For example, selection of one of the set of rotation keys at each instance of rotation key usage can be based on a shared sense of time or other means or communication between the verifying entity and the beacon device (col. 5, lin. 29-35).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Rosenstein such that the invention further includes periodically rotating a currently selected secret among the plurality of secrets. One would have been motivated to do so because using different rotation keys from the set over time, the sequence of emitted ephemeral identifiers or message integrity codes can be further protected against attack (e.g. an attempt to deduce the rotation key by analyzing the sequence of emitted identifiers or message integrity codes or otherwise reversing the obscuring function) (col. 5, lin. 35-41).
12.
Claim 16 is rejected under 35 U.S.C. 103 as being unpatentable over Rosenstein as mentioned above, in view of Akasaki al. US 2002/0176292 (hereinafter Akasaki).
Regarding claim 16 Rosenstein teaches the system of claim 11. Rosenstein does not teach modifying a memory timing of the integrated circuit; or modifying a frequency of a component of the integrated circuit. Akasaki substantially teaches adjusting signal timing within RAM [0006].
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Rosenstein such that the invention further includes modifying a memory timing of the integrated circuit; or modifying a frequency of a component of the integrated circuit. One would have been motivated to do so to speed up the process on the circuit [0006].
13.
Claims 3 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Rosenstein as mentioned above, in view of Durand al. US 9,628,447 (hereinafter Durand).
Regarding claim 3 Rosenstein teaches the system of claim 1. Rosenstein does not teach a second confidential computing environment including at least a portion of one or more second processing devices, and the second confidential computing environment prevents external modification of data within the second confidential computing environment. Durand substantially teaches a computer platform may include a memory with a plurality of areas, wherein each area comprises a protected content and associated with an encryption key (col. 6, lin. 25-43) and fig. 2, wherein a user with a permission such as having a key may access at least one of the protected contents (col. 15, lin. 1-10) and fig. 6-7.
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Rosenstein such that the invention further includes a second portion of the workload-specific device is part of a second confidential computing environment that prevents modification of data within the second confidential computing environment, wherein the second confidential computing environment comprises the second shared secret. One would have been motivated to do so to make the system more secure, for example if an attacker compromises a first protected content, it will be near impossible to break through a second protected content since each protected content has its own secret key.
Regarding claim 19 Rosenstein teaches the method of claim 18, wherein: at least a first portion of the workload-specific device is part of a first confidential computing environment that prevents modification of data within the first confidential computing environment, wherein the first confidential computing environment comprises the first shared secret; and at least a second portion of the workload-specific device is part of a second confidential computing environment that prevents modification of data within the second confidential computing environment, wherein the second confidential computing environment comprises the second shared secret. (Rosenstein teaches the shared secret key is not revealed to any hardware or software external to the SoM device, except to the cloud server [0024], wherein the shared secret key is used to decrypt the retraining data [0040], and wherein the SoM and the cloud server are located in a personal area network or a local area network [0016]). Rosenstein does not teach a second portion of the workload-specific device is part of a second confidential computing environment that prevents modification of data within the second confidential computing environment, wherein the second confidential computing environment comprises the second shared secret, and further Durand teaches a computer platform may include a memory with a plurality of areas, wherein each area comprises a protected content and associated with an encryption key (col. 6, lin. 25-43) and fig. 2, wherein a user with a permission such as having a key may access at least one of the protected contents (col. 15, lin. 1-10) and fig. 6-7.
14.
Claim 20 is rejected under 35 U.S.C. 103 as being unpatentable over Rosenstein as mentioned above, in view of Viclizki al. US 2023/0133110 (hereinafter Viclizki).
Regarding claim 20 Rosenstein teaches the method of claim 17. Rosenstein does not teach operational metrics of the workload-specific device comprise at least one of: a clock setting of the workload-specific device; a voltage of the workload-specific device; or a utilization counter of the workload-specific device. Viclizki substantially telemetry data may include clock settings [0055].
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Rosenstein such that the invention further includes telemetry data comprises at least one of: a clock setting of the workload-specific device; a voltage of the workload-specific device; or a utilization counter of the workload-specific device. One would have been motivated to do so to analyze the telemetry data and derived some features may, wherein these features may be analyzed and a report or alert may be created [0016].
Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Ayoub Alata whose telephone number is (313) 446-6541. The examiner can normally be reached on M-F: 8:00am-4:30pm.
If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, Jay Kim can be reached at (571) 272-3804. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
/AYOUB ALATA/ Primary Examiner, Art Unit 2494