DETAILED ACTION
This office action is responsive to claims 1 - 20 filed in this application Kotary et al., U.S. Patent Application No. 18/427,048, (Filed January 30, 2024).
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claim Rejections 35 U.S.C. §103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary. Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.
Claims 1 – 20 are rejected under 35 U.S.C. 103 as being unpatentable over Sfadia et al., United States Patent Application Publication No. 2022/0245251 (Published August 4, 2022, filed February 1, 2021) (“Sfadia”) in view of Liedtke et al., United States Patent Application Publication No. 20200257518 (Published August 13, 2020, filed April 24, 2020) (“Liedtke”).
Claims 1, 18, and 20
With respect to claims 1, 18, and 20 Sfadia teaches the invention as claimed including a system comprising: a device executing a firmware; … an orchestrator connected to the update agent over a network to coordinate firmware updates on the device; at least one processor; and memory coupled to the processor, the memory consisting of computer executable instructions that, when executed by the system, perform operations comprising: prepare a firmware payload with an updated firmware and an arm bundle;… determine an arm status based on the arm bundle; transmit the arm status to the root of trust; transmit an activation command to the root of the trust, {New firmware is received for an in-service update, the device enters a restricted access state and a firmware root of trust is obtained, then the orchestrator trigger command to proceed with the firmware update is received from a network location and the firmware is installed responsive in active memory responsive to the trigger command. Sfadia at Abstract; id. at ¶¶ 0036 – 0041 & 0048; id. at ¶ 0045 (failure of authentication means reverting to previous firmware).}
However, Sfadia doesn’t explicitly teach the limitation:
an update agent to aid in staging the firmware; a root of trust coupled with the update agent to activate the firmware; … stage the firmware payload to the update agent, causing the update agent to perform operations comprising: transmit the updated firmware in the firmware payload to the device; … causing the root of trust to perform operations comprising: review the arm status of the updated firmware; and in response to the arm status being true, transmit a consume command to the device to consume the updated firmware. {Liedtke does teach this limitation. Liedtke teaches firmware updating using a root of trust, as taught in Sfadia, may include where the firmware payload can be assembled and transmitted to an update agent such as a Platform Firmware Configuration Service 710 which can then stage the payload and transmit to the Platform root of trust 702 a request for authentication of the firmware “using unique hardware IDs, computed hashes or other security authentication approach,” where if the authentication succeeds the root of trust will command the firmware image to be loaded into the firmware memory and booted. Liedtke at ¶¶ 0059, 0065 - 0067, 0069 – 0076.
Sfadia and Liedtke are analogous art because they are from the “same field of endeavor” and are both from the same “problem-solving area.” Specifically, they are both from the field of software updating, and both are trying to solve the problem of to validate the update prior to activation.
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to combine firmware updating using a root of trust, as taught in Sfadia with staging the payload and then authenticating, as taught in Liedtke. Sfadia teaches that firmware updates should be secure. Id. at ¶ 0001. Therefore, one having ordinary skill in the art would have been motivated to combine firmware updating using a root of trust, as taught in Sfadia with staging the payload and then authenticating, as taught in Liedtke, for the purpose of using a known secure firmware update method with a firmware that requires secure updating.}
Claim 2
With respect to claim 2 Sfadia and Liedtke, teach the invention as claimed including:
copy the updated firmware to an active location for the device to automatically consume upon restarting. {New firmware is received for an in-service update, the device enters a restricted access state and a firmware root of trust is obtained, then the orchestrator trigger command to proceed with the firmware update is received from a network location and the firmware is installed responsive in active memory responsive to the trigger command. Sfadia at Abstract; id. at ¶¶ 0036 – 0041 & 0048; id. at ¶ 0045 (failure of authentication means reverting to previous firmware).}
Claim 3
With respect to claim 3 Sfadia and Liedtke, teach the invention as claimed including:
in response to the arm status of the device set to false, transmit a consume command to the device to consume firmware executed prior to receipt of the activation command. {Sfadia at ¶ 0045 (failure of authentication means reverting to previous firmware).}
Claim 4
With respect to claim 4 Sfadia and Liedtke, teach the invention as claimed including:
wherein transmitting the updated firmware in the firmware payload to the device further comprises: copying the updated firmware to a volatile memory accessible to the device. {New firmware is received for an in-service update, the device enters a restricted access state and a firmware root of trust is obtained, then the orchestrator trigger command to proceed with the firmware update is received from a network location and the firmware is installed responsive in active memory responsive to the trigger command. Sfadia at Abstract; id. at ¶¶ 0036 – 0041 & 0048; id. at ¶ 0045 (failure of authentication means reverting to previous firmware).}
Claim 5
With respect to claim 5 Sfadia and Liedtke, teach the invention as claimed including:
wherein transmitting the updated firmware in the firmware payload to a device further comprises: copying the updated firmware to a temporary location not accessible to the device. {New firmware is received for an in-service update, the device enters a restricted access state, and a firmware root of trust is obtained, then the orchestrator trigger command to proceed with the firmware update is received from a network location and the firmware is installed responsive in active memory responsive to the trigger command. Sfadia at Abstract; id. at ¶¶ 0036 – 0041 & 0048; id. at ¶ 0045 (failure of authentication means reverting to previous firmware).}
Claim 6
With respect to claim 6 Sfadia and Liedtke, teach the invention as claimed including:
wherein the temporary location is an inactive partition of a storage location. {New firmware is received for an in-service update, the device enters a restricted access state and a firmware root of trust is obtained, then the orchestrator trigger command to proceed with the firmware update is received from a network location and the firmware is installed responsive in active memory responsive to the trigger command. Sfadia at Abstract; id. at ¶¶ 0036 – 0041 & 0048; id. at ¶ 0045 (failure of authentication means reverting to previous firmware).}
Claim 7
With respect to claim 7 Sfadia and Liedtke, teach the invention as claimed including:
wherein the storage location contains firmware in an active partition consumed by the device prior to receiving the consume command. {New firmware is received for an in-service update, the device enters a restricted access state and a firmware root of trust is obtained, then the orchestrator trigger command to proceed with the firmware update is received from a network location and the firmware is installed responsive in active memory responsive to the trigger command. Sfadia at Abstract; id. at ¶¶ 0036 – 0041 & 0048; id. at ¶ 0045 (failure of authentication means reverting to previous firmware); id. at fig. 1.}
Claim 8
With respect to claim 8 Sfadia and Liedtke, teach the invention as claimed including:
wherein transmitting the updated firmware in the firmware payload to the device further comprises: copying the updated firmware from the inactive partition location to the active partition. {The firmware payload can be assembled and transmitted to an update agent such as a Platform Firmware Configuration Service 710 which can then stage the payload and transmit to the Platform root of trust 702 a request for authentication of the firmware “using unique hardware IDs, computed hashes or other security authentication approach,” where if the authentication succeeds the root of trust will command the firmware image to be loaded into the firmware memory and booted. Liedtke at ¶¶ 0059, 0065 - 0067, 0069 – 0076; id at figs. 3A & B.}
Claim 9
With respect to claim 9 Sfadia and Liedtke, teach the invention as claimed including:
wherein reviewing the arm status of the updated firmware further comprises: confirming version of firmware in the inactive partition is the updated firmware; confirming version of firmware in the active partition is an existing firmware consumed by the device prior to receiving the consume command; setting the arm status associated with the device to true. {The firmware payload can be assembled and transmitted to an update agent such as a Platform Firmware Configuration Service 710 which can then stage the payload and transmit to the Platform root of trust 702 a request for authentication of the firmware “using unique hardware IDs, computed hashes or other security authentication approach,” where if the authentication succeeds the root of trust will command the firmware image to be loaded into the firmware memory and booted. Liedtke at ¶¶ 0059, 0065 - 0067, 0069 – 0076; id at figs. 3A & B.}
Claim 10
With respect to claim 10 Sfadia and Liedtke, teach the invention as claimed including:
wherein the storage location is a non-volatile storage. {Liedtke at ¶¶ 0048.}
Claim 11
With respect to claim 11 Sfadia and Liedtke, teach the invention as claimed including:
wherein transmitting the consume command to the device to consume the updated firmware further comprises: restarting the device to boot using the updated firmware; reviewing status of the boot; and in response to the status of the boot being healthy, copy the updated firmware to an active location for the device to automatically consume upon restarting. {The firmware payload can be assembled and transmitted to an update agent such as a Platform Firmware Configuration Service 710 which can then stage the payload and transmit to the Platform root of trust 702 a request for authentication of the firmware “using unique hardware IDs, computed hashes or other security authentication approach,” where if the authentication succeeds the root of trust will command the firmware image to be loaded into the firmware memory and booted. Liedtke at ¶¶ 0059, 0065 - 0067, 0069 – 0076; id at figs. 3A & B.}
Claim 12
With respect to claim 12 Sfadia and Liedtke, teach the invention as claimed including:
wherein the operations further comprise: in response to the status of the boot being not healthy, transmitting an undo command to the device to consume firmware executed prior to receipt of the activation command. {New firmware is received for an in-service update, the device enters a restricted access state and a firmware root of trust is obtained, then the orchestrator trigger command to proceed with the firmware update is received from a network location and the firmware is installed responsive in active memory responsive to the trigger command. Sfadia at Abstract; id. at ¶¶ 0036 – 0041 & 0048; id. at ¶ 0045 (failure of authentication means reverting to previous firmware); id. at fig. 1.}
Claim 13
With respect to claim 13 Sfadia and Liedtke, teach the invention as claimed including:
wherein transmitting the activation command to the root of the trust is caused by an external activation of system restart. {New firmware is received for an in-service update, the device enters a restricted access state and a firmware root of trust is obtained, then the orchestrator trigger command to proceed with the firmware update is received from a network location and the firmware is installed responsive in active memory responsive to the trigger command. Sfadia at Abstract; id. at ¶¶ 0036 – 0041 & 0048; id. at ¶ 0045 (failure of authentication means reverting to previous firmware); id. at fig. 1.}
Claim 14
With respect to claim 14 Sfadia and Liedtke, teach the invention as claimed including:
wherein transmitting the updated firmware in the firmware payload to the device further comprises: identifying a level of management controller relevant for the staging the firmware payload; and transmitting the updated firmware in the firmware payload to the one or more devices managed by the management controller. {The firmware payload can be assembled and transmitted to an update agent such as a Platform Firmware Configuration Service 710 run by a Management Controller which can then stage the payload and transmit to the Platform root of trust 702 a request for authentication of the firmware “using unique hardware IDs, computed hashes or other security authentication approach,” where if the authentication succeeds the root of trust will command the firmware image to be loaded into the firmware memory and booted. Liedtke at ¶¶ 0059, 0065 - 0067, 0069 – 0076 (BMC); id at figs. 3A & B.}
Claim 15
With respect to claim 15 Sfadia and Liedtke, teach the invention as claimed including:
wherein reviewing the arm status of the updated firmware further comprises: determining a global arm status from the arm bundle; reviewing a global arm status; and in response to the global arm status set to true, transmitting an activation command to one or more root of trusts associated with the one or more devices. {The firmware payload can be assembled and transmitted to an update agent such as a Platform Firmware Configuration Service 710 run by a Management Controller which can then stage the payload and transmit to the Platform root of trust 702 a request for authentication of the firmware “using unique hardware IDs, computed hashes or other security authentication approach,” where if the authentication succeeds the root of trust will command the firmware image to be loaded into the firmware memory and booted. Liedtke at ¶¶ 0059, 0065 - 0067, 0069 – 0076 (BMC); id at figs. 3A & B.}
Claim 16
With respect to claim 16 Sfadia and Liedtke, teach the invention as claimed including:
wherein the operations further comprise: in response to the global arm status set to false or is empty, reviewing the arm status of a device of the one or more devices. {New firmware is received for an in-service update, the device enters a restricted access state and a firmware root of trust is obtained, then the orchestrator trigger command to proceed with the firmware update is received from a network location and the firmware is installed responsive in active memory responsive to the trigger command. Sfadia at Abstract; id. at ¶¶ 0036 – 0041 & 0048; id. at ¶ 0045 (failure of authentication means reverting to previous firmware); id. at fig. 1.}
Claim 17
With respect to claim 17 Sfadia and Liedtke, teach the invention as claimed including:
wherein the operations further comprise: restarting each device of the one or more devices to boot using the updated firmware; reviewing the status of the boot of each device; and in response to the status of the boot of a device of the one or more devices being not healthy, transmitting an undo command to the one or more devices to consume firmware executed prior to receipt of the activation command. {The firmware payload can be assembled and transmitted to an update agent such as a Platform Firmware Configuration Service 710 run by a Management Controller which can then stage the payload and transmit to the Platform root of trust 702 a request for authentication of the firmware “using unique hardware IDs, computed hashes or other security authentication approach,” where if the authentication succeeds the root of trust will command the firmware image to be loaded into the firmware memory and booted. Liedtke at ¶¶ 0059, 0065 - 0067, 0069 – 0076 (BMC); id at figs. 3A & B.}
Claim 19
With respect to claim 19 Sfadia and Liedtke, teach the invention as claimed including:
wherein transmitting the consume command to the device to consume the updated firmware further comprises: restarting the device to boot using the updated firmware; reviewing status of the boot; and in response to the status of the boot being healthy, copy the updated firmware to an active location for the device to automatically consume upon restarting. {The firmware payload can be assembled and transmitted to an update agent such as a Platform Firmware Configuration Service 710 run by a Management Controller which can then stage the payload and transmit to the Platform root of trust 702 a request for authentication of the firmware “using unique hardware IDs, computed hashes or other security authentication approach,” where if the authentication succeeds the root of trust will command the firmware image to be loaded into the firmware memory and booted. Liedtke at ¶¶ 0059, 0065 - 0067, 0069 – 0076 (BMC); id at figs. 3A & B.}
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to THEODORE E HEBERT whose telephone number is (571)270-1409. The examiner can normally be reached on Monday to Friday 9:00 a.m. to 6:00 p.m..
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lewis Bullock can be reached on 571-272-3759. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
//T.H./ January 10, 2026
Examiner, Art Unit 2199
/LEWIS A BULLOCK JR/Supervisory Patent Examiner, Art Unit 2199