DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This action is response to communication: response to election filed on 01/28/2026.
Claims 1-9 and 13-23 are currently pending in this application.
No new IDS has been filed for this application.
Election/Restrictions
Applicant’s election without traverse of the restriction requirement in the reply filed on 10/14/2025 is acknowledged. Applicants have elected Group I (claims 1-9 and 13-20) without traverse.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claim(s) 1-4, 6, 13-16, 18, and 21-23 rejected under 35 U.S.C. 103 as being unpatentable over Lim et al. US Patent Application Publication 2017/0185345 (Lim), in view of Triantafillou et al. US Patent Application Publicatoin 2014/0096260 (Triant), and further in view of Gathani et al. US Patent No. 12,411,938 (Gathani)
As per claim 1, Lim teaches a method of operating a system-on-chip SOC comprising: intercepting, by a secure code and from an interconnect component associated with the SoC, a first access request by a first device, wherein the first access request is associated with a first memory address of the SoC (abstract and throughout with access control to SoC based on address region and access permission; see paragraph 35 with address location/region; see paragraph 8 and 9 with access control unit as root of trust;); determining, by the secure code, that the first memory address is protected (paragraph 43 with access control unit controlling access based on security modes; see also paragraph 35, 36, 50, and throughout with access control based on modes and address regions along with permissions); based on determining that the first memory address is protected, establishing, by the secure code, a secure communication channel between the first device and the secure code (paragraph 54 and throughout, with allowing device to access particular region through secure channel/access; see also Figure 5; device may be a certain hardware block; see paragraph 54 wherein an example of device/hardware block is modem;); and providing, by the secure code and using the secure communication channel, first data determined based on contents of the first memory address to the first device (paragraph 54, Figure 5, and throughout with providing access to particular memory region).
Although Lim teaches a secure code, Lim does not explicitly teach an isolated RoT code. However, this would have been obvious, if not inherent, over Lim. As seen in paragraph 43, the access control unit is used to perform secure access to the SoC. Paragraph 44 further shows that the access control unit sets up the secure attributes of the devices. The access control unit is inherently trusted, and is thus a root of trust. However, for a more explicit teaching of a root of trust, see Triant (paragraph 20 wherein software used to manage systems are run in an isolated environment with a root of trust). Paragarph 20 further shows creating a secure tunnel to communicate with the root of trust (paragraph 20). Triant further teaches utilizing a private key (paragraph 83).
At the time the invention was filed, it would have been obvious to one of ordinary skill in the art to combine the teachings of Lim with Triant. One of ordinary skill in the art would have been motivated to perform such an addition to provide more security by running in a closed and secure environment (paragraph 20).
Although the Triant combination teaches utilizing a private key (paragraph 83), the combination does not explicitly teach generating an asymmetric key pair comprising a private key and a public key, and providing the public key to the first device; and wherein the first data is determined based on encrypting the contents of the first memory address using the private key. However, generating asymmetric key pairs, providing the public key to another device, and wherein data is determined based on encrypting contents using the private key is well known in the art. For example, see Gathani (col. 3 lines 1-25 with multiple root of trusts and are isolated; this passage further teaches creating a secure session/tunnel to communicate with the root of trust; col. 9 lines 55 to col. 10 line 20, with generating private/public key pair; public key is provided to other device; see col. 4 line 65 to col. 5 line 20 and throughout wherein the private key is used to encrypt data to generate a digital signature; public key is used to verify digital signature to generate a secure session)
At the time the invention was filed, it would have been obvious to one of ordinary skill in the art to combine the teachings of the Lim combination with Gathani. One of ordinary skill in the art would have been motivated to perform such an addition to create more securiby by providing security assurances (col. 1 lines 20-30).
As per claim 2, the Lim combination teaches intercepting, by the isolated RoT code and from the interconnect component, a second access request by a second device, wherein the second access request is assocaited with a second memory address of the SoC; determining, by the isolated RoT code, that the second memory address is restricted; based on determining that the second memory address is restricted, determining, by the isolated RoT code, that the second device is unauthorized to access the second memory address; and based on determining that the second device is unauthorized to access the second memory address, aborting, by the isolated RoT code, processing of the second access request (see throughout ; for example, see paragraph 54 wherein modem can only access modem only region; see paragraphs 64-65 wherein other elements, such as GNSS can only access particular memory regions and not other regions; See other elements in Figure 2 and paragraph 54 wherein the lements are hardware blocks, such as AP, Modem, Bluetooth, GNSS, Wifi, all with particular access to particular memory regions; if access is not allowed, access is denied/aborted).
As per claim 3, it would have been obvious over the Lim combination wherein intercepting the first access request comprises: monitoring data received by the interconnect component (see paragraph 43 wherein the access control unit is functionally disposed between hardware block and memory resources; thus commands are monitored/intercepted; see Figure 2; further, see Triant paragraph 73 wherein secure trusted firmware monitoring commands).
As per claim 4, the Lim combination teaches wherein intercepting the first access request comprises: at a time prior to intercepting the first access request, generating configuration data associated with the interconnect component that defines the first memory address in a memory address space associate with the isolated RoT code (see Lim paragraph 43, wherein access control unit may define or modify address regions that controls access to memory resrouces; see paragraph 46 wherein memory spaces may be defined by access control unit).
As per claim 6, the Lim combination eaches wherein intercepting the first access request comprises: executing operations assocaited with the interconnect component using the isolated RoT code (Lim paragraph 43 with access control unit functionally disposed between hardware block and system resources; see Figure 3).
Claim 13 is rejected using the same basis of arguments used to reject claim 1 above.
Claim 14 is rejected using the same basis of arguments used to reject claim 2 above.
Claim 15 is rejected using the same basis of arguments used to reject claim 3 above.
Claim 16 is rejected using the same basis of arguments used to reject claim 4 above.
Claim 18 is rejected using the same basis of arguments used to reject claim 6 above.
Claim 21 is rejected using the same basis of arguments used to reject claim 1 above.
Claim 22 is rejected using the same basis of arguments used to reject claim 2 above.
Claim 23 is rejected using the same basis of arguments used to reject claim 3 above.
Claim(s) 5 and 17 are rejected under 35 U.S.C. 103 as being unpatentable the Lim combination as applied above, and further in view of Ratiner et al. US Patent Application Publication 2021/0306348 (Ratiner)
As per claim 5, the Lim combination does not explicitly teach intercepting the first access request comprises: receiving a hardware interrupt from a hardware component associated with the interconnect component, wherein the hardware component may be configured to generate hardware interrupts based on detecting requests to access a set of protected memory addresses, and wherein the set of protected memory addresses comprise the first memory address. However, this would have been obvious. For example, see Ratiner (paragraph 211 with hardware module interrupt controller; see paragraph 213 wherein controller triggers an interrupt with access to restricted memory address is detected).
At the time the invention was filed, it would have been obvious to one of ordinary skill in the art to combine the teachings of Ratiner with the Lim combination. One of ordinary skill in the art would have been motivated to perform such an addition to provide more security via hardware security solutions (paragraph 1 of Ratiner).
Claim 17 is rejected using the same basis of arguments used to reject claim 5 above.
Claim(s) 7-9, 19, and 20 are rejected under 35 U.S.C. 103 as being unpatentable over the Lim combination as applied above, and further in view of Sood et al. US Patent Application Publication 2019/0220601 (Sood)
As per claim 7, the Lim combination does not explicitly teach wherein the interconnect component is assocaited with a Peripheral component interconnect express PCIe protocol. However, utilizing PCIe is notoriously well known in the art. For example, see Sood (paragraph 55).
At the time the invention was filed, it would have been obvious to one of ordinary skill in the art to combine the teachings of Sood with the Lim combination. One of ordinary skill in the art would have been motivated to perform such an addition to provide more security by providing dynamic, scalable, and composable trustworthy execution environments (paragraph 22 of Sood).
As per claim 8, the Lim combination teaches receiving, by the isolated RoT code and using the secure channel, a second access request; and validating, by the isolated RoT code, the second access request (see throughout ; for example, see paragraph 54 wherein modem can only access modem only region; see paragraphs 64-65 wherein other elements, such as GNSS can only access particular memory regions and not other regions; See other elements in Figure 2 and paragraph 54 wherein the elements are hardware blocks, such as AP, Modem, Bluetooth, GNSS, Wifi, all with particular access to particular memory regions; if access is allowed, access is granted). However, the Lim combination does not explicitly teach utilizing a cryptographic accelerators. However, utilizing accelerators is notoriously well known in the art. For example, see Sood (paragraph 48).
At the time the invention was filed, it would have been obvious to one of ordinary skill in the art to combine the teachings of Sood with the Lim combination. One of ordinary skill in the art would have been motivated to perform such an addition to accelerate certain functionalities for computing devices (paragraph 48).
As per claim 9, the Lim combination teaches wherein the second access request is associated with a request for modification of the contents associated with the first memory address based on second data, and the method further comprises: based on validating the second access request, modifying, by the isolated RoT code, the contents based on the second data (Lim paragraph 42-43 wherein hardware blocks have data processing capabilities such as modifying the content).
Claim 19 is rejected using the same basis of arguments used to reject claim 7 above.
Claim 20 is rejected using the same basis of arguments used to reject claim 8 above.
Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JASON KAI YIN GEE whose telephone number is (571)272-6431. The examiner can normally be reached on Monda-Friday 8:30-5:00 PST Pacific.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Farid Homayounmehr can be reached on (571) 272-3739. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).
/JASON K GEE/Primary Examiner, Art Unit 2495