Prosecution Insights
Last updated: July 17, 2026
Application No. 18/473,097

SECURE HANDSHAKE FOR HOST TO NON-HOST EXECUTION

Final Rejection §103
Filed
Sep 22, 2023
Examiner
HARRINGTON, CHERI L.
Art Unit
2176
Tech Center
2100 — Computer Architecture & Software
Assignee
Dell Products L.P.
OA Round
2 (Final)
69%
Grant Probability
Favorable
3-4
OA Rounds
0m
Est. Remaining
96%
With Interview

Examiner Intelligence

Grants 69% — above average
69%
Career Allowance Rate
219 granted / 318 resolved
+13.9% vs TC avg
Strong +27% interview lift
Without
With
+27.0%
Interview Lift
resolved cases with interview
Typical timeline
2y 9m
Avg Prosecution
18 currently pending
Career history
340
Total Applications
across all art units

Statute-Specific Performance

§101
1.9%
-38.1% vs TC avg
§103
79.1%
+39.1% vs TC avg
§102
4.8%
-35.2% vs TC avg
§112
12.4%
-27.6% vs TC avg
Black line = Tech Center average estimate • Based on career data from 318 resolved cases

Office Action

§103
DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Claims 1-18 are pending. The objections to the drawings are withdrawn. Claim Interpretation The following is a quotation of 35 U.S.C. 112(f): (f) Element in Claim for a Combination. – An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof. The following is a quotation of pre-AIA 35 U.S.C. 112, sixth paragraph: An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof. This application includes one or more claim limitations that do not use the word “means,” but are nonetheless being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, because the claim limitation(s) uses a generic placeholder that is coupled with functional language without reciting sufficient structure to perform the recited function and the generic placeholder is not preceded by a structural modifier. Such claim limitation(s) is/are: executable code that is executable by the information handling system for establishing in claim 13, executable code that is executable by the information handling system for transferring in claim 13, executable code that is executable by the information handling system for transferring in claim 13, executable code that is executable by the information handling system for executing in claim 13. Because this/these claim limitation(s) is/are being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, it/they is/are being interpreted to cover the corresponding structure described in the specification as performing the claimed function, and equivalents thereof. If applicant does not intend to have this/these limitation(s) interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, applicant may: (1) amend the claim limitation(s) to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph (e.g., by reciting sufficient structure to perform the claimed function); or (2) present a sufficient showing that the claim limitation(s) recite(s) sufficient structure to perform the claimed function so as to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph. Claim Rejections - 35 USC § 103 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claim(s) 1-2, 6-8, 12-14, and 18 is/are rejected under 35 U.S.C. 103 as being unpatentable over Severns-Williams et al (US 20220292203) Richards et al (US 20250291926). Regarding claim 1, Severns-Williams teaches An information handling system comprising: a non-CPU processing unit; and (Fig. 1 (microcontroller - 302), [0016], “Microcontroller 302 can be implemented as a central processing unit or other processor device.”) a non-host device; (Fig. 3 (300-system) [0022], “In some examples, requester 350 can utilize protocols defined by SPDM to communicates through communication circuitry 308.” ) wherein the information handling system is configured to, during execution of a pre-boot environment: ([0023], “during a secure boot operation, IASC 316 can perform actions (1) to (4) to respond to remote attestation by providing product identifier and firmware and hardware measurements.” Where a secure boot operation is a pre-boot operation) establish trust between the host CPU and the non-host device via a cryptographic measurement; ([0017], “Microcontroller 302 can instruct Immutable Attestation Security Circuitry (IASC) 316 to perform operations related to attestation of system 300 including generating measurements, signing measurements, generating key pairs, inserting measurements into one or more messages, and signing messages or message transcripts, as described herein. IASC 316 can be a trusted device and unchanged after manufacture. Examples of instructions issued by microcontroller 302 to IASC 316 include: generate measurements, calculate hash, generate signature, verify signature, encrypt data, decrypt data, include measurements in message, Generate SPDM CHALLENGE Response Message, Generate SPDM MEASUREMENTS Response Message, Generate SPDM_KEY_EXCHANGE Response Message, and so forth.”) transfer data regarding the established trust from the host CPU to the non-CPU processing unit; and ([0022], “ Communication can be provided via wired or wireless media through a network or other connection … In some examples, requester 350 can utilize protocols defined by SPDM to communicates through communication circuitry 308.” And [0023], “ during a secure boot operation, IASC 316 can perform actions (1) to (4) to respond to remote attestation by providing product identifier and firmware and hardware measurements. At (1), system 300 commences secure boot by running boot firmware from boot ROM 306. In some examples, boot firmware code or firmware can include one or more of: Basic Input/Output System (BIOS), Universal Extensible Firmware Interface (UEFI)”) Severns-Williams teaches a Requestor but does not specifically mention executing code on the non-CPU processing unit. Richards teaches a host central processing unit (CPU); (Fig. 3 (External Device – 344) [0030], “an external device (e.g., server, computing device, smartphone, tablet device, etc.)” transfer code associated with the non-host device from the host CPU to the non- CPU processing unit via a Unified Extensible Firmware Interface (UEFI) multiprocessing (MP) services protocol; ([0063], “ described herein may utilize a controller 328 (e.g., security controller) or secure operating environment (e.g., System Management Mode (SMM), UEFI pre-boot”) and [0079], “In a case that the second authentication is successful, the electronic device may execute the command at step 516. In some examples, executing the command may be accomplished as described in FIG. 1, FIG. 2, FIG. 3, FIG. 4, or a combination thereof. For instance, the electronic device (e.g., controller) may modify firmware as instructed by the command.”) execute the code associated with the non-host device on the non-CPU processing unit. (Figs. 3 (controller – 328) and 5, [0079], “ In a case that the second authentication is successful, the electronic device may execute the command at step 516. In some examples, executing the command may be accomplished as described in FIG. 1, FIG. 2, FIG. 3, FIG. 4, or a combination thereof. For instance, the electronic device (e.g., controller) may modify firmware as instructed by the command.”) Severns-Williams and Richards are analogous art. Richards is cited to teach a similar concept of establishing secure communication to authenticate the system during pre-boot. Based on Richards, it would have been obvious before the effective filing date of the invention to a person having ordinary skill in the art to which said subject matter pertains to have modified Severns-Williams to execute code of the non-CPU processing unit after a second authentication. To one of ordinary skill in the art before the effective filing data of the invention it would have been advantageous to make this modification because “examples of the techniques described herein may utilize a controller 328 (e.g., security controller) or secure operating environment (e.g., System Management Mode (SMM), UEFI pre-boot, a hypervisor, or a combination thereof) to enhance firmware authentication with a second authentication 329”, [0063] Severns-Williams and Richards teach a Requestor and transferring code/commands using UEFI but does not specifically mention the UEFI multiprocessing services. Li teaches via a Unified Extensible Firmware Interface (UEFI) multiprocessing (MP) services protocol; (p 8. “when the DXE stage finishes the initialization work of the service of starting service Boot Services, running service Runtime Services, after finishing the multi-core service MP Service installation, the MP service protocol interface and Event event mechanism can be invoked . at this time, creating the EFI multi-task protocol interface, namely EFI-MULTI-TASK_PROTOCOL interface, and registering and installing it in the Handle Database; realizing traversing each driving function in the protocol and transmitting the entrance address to the StartupThisAP function; realizing to distribute each peripheral driving function to different AP to execute,”) Severns-Williams, Richards, and Li are analogous art. Li is cited to teach a similar concept of using pre-boot mechanisms to provide communication between devices. Li specifically teaches using the UEFI multiprocessor service protocol to bring the system into operation, including the transferring of the code as taught by Richards. Using this protocol is known as a way to effectively boot a system and yield predictable results. Based on Li and the KSR rationale of combining prior art elements according to known methods to yield predictable results, it would have been obvious before the effective filing date of the invention to a person having ordinary skill in the art to which said subject matter pertains to have modified Severns-Williams and Richards to use the Unified Extensible Firmware Interface (UEFI) multiprocessing (MP) services protocol transfer code to the non-CPU device. Regarding claim 2, Richards teaches wherein the non-host device comprises a Bluetooth and/or Wi-Fi adapter. ([0063], “The controller 328 or secure operating environment may establish a secure communication channel with the external device 344 using the communication interface 305 (e.g., wireless networking, NFC, Bluetooth, etc.).”) Regarding claim 6, Severns-Williams teaches wherein the non-CPU processing unit comprises at least one of an application processing unit (APU) and a graphics processing unit (GPU). ([0021], “Subsystem 301 and its IASC 316 can be used in a wide variety of systems 300 from servers to low-cost Internet of things (IoT) devices as well as one or more of: microcontroller, central processing unit (CPU), graphics processing unit (GPU)”) As to claims 7 and 13, Severns-Williams, Richards, and Li teach these claims according to the reasoning provided in claim 1. As to claims 8 and 14, Severns-Williams, Richards, and Li teach these claims according to the reasoning provided in claim 2. As to claims 12 and 18, Severns-Williams, Richards, and Li teach these claims according to the reasoning provided in claim 6. Claim(s) 4-5, 10-11, and 16-17 is/are rejected under 35 U.S.C. 103 as being unpatentable over Severns-Williams, Richards, and Li as applied to claims 1, 7, and 13, respectively, above, and further in view of in view of Security Protocol and Data Model (SPDM) Specification V1.3.0. Regarding claim 4, Severns-Williams does not teach but SPDM teaches wherein the cryptographic measurement is a Trusted Platform Module (TPM) measurement stored in one or more platform configuration registers (PCRs). (p 123, [507], “An example of such a scheme is the Platform Configuration Register “extend” function in Trusted Platform Modules. The hash() function is the measurement hash algorithm specified by the most recent ALGORITHMS response message. The initial value of a hash-extend measurement (HEM) shall be MH bytes whose bits are all set to 0 , where MH is the size of MeasurementHashAlgo in the most recent ALGORITHMS response message. The hash-extend measurement is updated by “extending” the current value to include the next data to extend ( DataToExtend ). The extend operation is calculating the digest of the current value concatenated with the data to extend. Then repeat the extend operation for additional data to extend.”) Severns-Williams, Richards, Li and SPDM are analogous art. SPDM is cited to teach a similar concept of establishing secure communication to authenticate the system during pre-boot and using a TPM PCR to store and/or update the measurements used in establishing secure communication. Based on SPDM, it would have been obvious before the effective filing date of the invention to a person having ordinary skill in the art to which said subject matter pertains to have modified Severns-Williams, Richards, and Li to use a TPM PCR to store and/or update the measurements which are used establish secure communication. To one of ordinary skill in the art before the effective filing data of the invention it would have been advantageous to make this modification because TPM PCR’s are secure places to store measurements. Regarding claim 5, Severns-Williams does not teach but does not specifically teach but SPDM teaches wherein, subsequent to transferring the data to the non-CPU processing unit, the information handling system is configured to repeatedly confirm that the code executing on the non-CPU processing unit has not been altered. (Fig. 13, [965-967], “Once the handshake completes and all validation passes, the session reaches the application phase where either the Responder or the Requester can send application data. During this phase, a Requester can send SPDM messages such as GET_MEASUREMENTS . These messages might involve transcript calculations … The application phase ends when the HEARTBEAT requirements fail, or with an END_SESSION message,”) Severns-Williams, Richards, Li, and SPDM are analogous art. SPDM is cited to teach a similar concept of establishing secure communication to authenticate the system during pre-boot and using being able to repeat measurements which validate trust of the system. Based on SPDM, it would have been obvious before the effective filing date of the invention to a person having ordinary skill in the art to which said subject matter pertains to have modified Severns-Williams, Richards, and Li to use a TPM PCR to repeatedly update and validate measurements. To one of ordinary skill in the art before the effective filing data of the invention it would have been advantageous to make this modification because repeatedly measuring and validating the measurements confirms the integrity of the system. As to claims 10-11 and 16-17, Severns-Williams, Richards, Li, and SPDM teach these claims according to the reasoning provided in claims 4-5, respectively. Response to Arguments Applicant’s arguments with respect to claim(s) 1, 7, and 13 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument. Conclusion Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to CHERI L. HARRINGTON whose telephone number is (571)270-0468. The examiner can normally be reached Generally, M-F, 7:30a-4p. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jaweed Abbaszadeh can be reached at 571-270-1640. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /CHERI L HARRINGTON/Examiner, Art Unit 2176 June 9, 2026 /JAWEED A ABBASZADEH/Supervisory Patent Examiner, Art Unit 2176
Read full office action

Prosecution Timeline

Sep 22, 2023
Application Filed
Dec 16, 2025
Non-Final Rejection mailed — §103
Mar 13, 2026
Response Filed
Jun 11, 2026
Final Rejection mailed — §103 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12681649
SYSTEM WITH MCU AND FLASH MEMORY AND CONTROL METHOD FOR DEEP POWER DOWN CONTROL THEREOF
3y 1m to grant Granted Jul 14, 2026
Patent 12669856
POWER MANAGEMENT DEVICE AND CONSUMER ELECTRONIC PRODUCT
3y 10m to grant Granted Jun 30, 2026
Patent 12656853
INFORMATION PROCESSING APPARATUS, NON-TRANSITORY COMPUTER READABLE MEDIUM STORING PROGRAM, AND INFORMATION PROCESSING METHOD
3y 8m to grant Granted Jun 16, 2026
Patent 12657305
BIOS SETTINGS RUNTIME MODIFICATION AUTHENTICATION SYSTEM
2y 7m to grant Granted Jun 16, 2026
Patent 12625540
Intelligent Power Optimization Mechanism Via an Enhanced CPU Power Management Algorithm
2y 7m to grant Granted May 12, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

3-4
Expected OA Rounds
69%
Grant Probability
96%
With Interview (+27.0%)
2y 9m (~0m remaining)
Median Time to Grant
Moderate
PTA Risk
Based on 318 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month