DETAILED ACTION
This action is in response to application 18/619320, filed on 3/28/2024. Claims 1-20 are pending. The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(d):
(d) REFERENCE IN DEPENDENT FORMS.—Subject to subsection (e), a claim in dependent form shall contain a reference to a claim previously set forth and then specify a further limitation of the subject matter claimed. A claim in dependent form shall be construed to incorporate by reference all the limitations of the claim to which it refers.
Claim 20 is rejected under 35 U.S.C. 112(d) or pre-AIA 35 U.S.C. 112, 4th paragraph, as being of improper dependent form for failing to further limit the subject matter of the claim upon which it depends, or for failing to include all the limitations of the claim upon which it depends. The claim purports to be a dependent of “The EC of claim 18” but claim 18 recites a method, not an EC. It appears as though Applicant intended for claim 20 to be a dependent of claim 19, which does recite “An Embedded Controller (EC).” In the interest of compact prosecution, claim 20 will be examined as if it were amended to be a dependent of claim 19. However, Applicant alternatively may cancel the claim, otherwise amend the claim to place the claim in proper dependent form, rewrite the claim in independent form, or present a sufficient showing that the dependent claim complies with the statutory requirements.
Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.
Claims 1-5, 9-11, 17, and 19 are rejected under 35 U.S.C. 102(a)(2) as being anticipated by USPGPUB 2024/0160431, hereinafter “Kumar.”
Regarding claim 1, Kumar anticipates “An Information Handling System (IHS), comprising:
a controller, wherein the controller comprises firmware that, upon execution by a processing core, causes the processing core to instantiate an orchestrator; (see, e.g., Kumar, para. 16-19) and
a plurality of devices coupled to the controller, wherein each device comprises firmware that, upon execution by a corresponding processing core, causes the corresponding processing core to instantiate a node of a plurality of nodes of a firmware framework; (see, e.g., Kumar, para. 16-19, 31) and
wherein the orchestrator is configured to: perform a firmware verification of a given node of the plurality of nodes, without any involvement by any Operating System (OS) of the IHS.” (see, e.g., Kumar, para. 22, 31, 38, 43-44).
Regarding claim 2, Kumar anticipates “The IHS of claim 1, wherein the controller comprises an Embedded Controller (EC) or Baseband Management Controller (BMC).” (see, e.g., Kumar, para. 17, 54).
Regarding claim 3, Kumar anticipates “The IHS of claim 1, wherein the plurality of devices comprises at least one of: a sensor, a sensor hub, a Central Processing Unit (CPU), a Graphical Processing Unit (GPU), an audio Digital Signal Processor (aDSP), a Neural Processing Unit (NPU), a Tensor Processing Unit (TSU), a Neural Network Processor (NNP), an Intelligence Processing Unit (IPU), an Image Signal Processor (ISP), or a Video Processing Unit (VPU), a camera controller, an audio controller, a memory, a Universal Serial Bus (USB) device, a Peripheral Component Interconnect express (PCIe) device, or a Trusted Platform Module (TPM).” (see, e.g., Kumar, para. 17, 54-63).
Regarding claim 4, Kumar anticipates “The IHS of claim 1, wherein at least one of the plurality of devices is coupled to the controller via at least one of: a Systems-on-Chip (SoC) interconnect, a Peripheral Component Interconnect Express (PCIe) bus, or a Universal Serial Bus (USB) port.” (see, e.g., Kumar, para. 18, 35)
Regarding claim 5, Kumar anticipates “The IHS of claim 4, wherein the SoC interconnect comprises at least one of: an Advanced Microcontroller Bus Architecture (AMBA) bus, a QuickPath Interconnect (QPI) bus, or a HyperTransport (HT) bus.” (see, e.g., Kumar, para. 35, 65).
Regarding claim 9, Kumar anticipates “The IHS of claim 1, wherein, subsequent to the firmware verification, the orchestrator is further configured to: communicate with the given node using, at least in part, a security service of the firmware framework without any involvement by any Operating System (OS) of the IHS.” (see, e.g., Kumar, para. 22, 31, 38, 43-44).
Regarding claim 10, Kumar anticipates “The IHS of claim 9, wherein the security service is configured to establish secure communications between the given node and the orchestrator.” (see, e.g., Kumar, para. 31).
Regarding claim 11, Kumar anticipates “The IHS of claim 10, wherein the security service is configured to provide a session key to the given node, and wherein either the given node or the orchestrator is configured to verify authenticity of the session key upon decryption of an incoming message.” (see, e.g., Kumar, para. 26, 31, 56).
Regarding claim 17, Kumar anticipates “A method, comprising:
producing, via a controller within an Information Handling System (IHS), an orchestrator of a firmware framework; (see, e.g., Kumar, para. 16-19)
producing, via a plurality of devices coupled to the controller, a plurality of nodes of the firmware framework; (see, e.g., Kumar, para. 16-19, 31) and
performing, by the orchestrator, a firmware verification of a given node of the plurality of nodes without any involvement by any Operating System (OS) of the IHS.” (see, e.g., Kumar, para. 22, 38, 43-44).
Regarding claim 19, Kumar anticipates “An Embedded Controller (EC) integrated into or coupled to a heterogeneous computing platform of an Information Handling System (IHS), (see, e.g., Kumar, para. 16) the EC comprising:
a processing core distinct from any host processor of the heterogeneous computing platform; and a memory coupled to the processing core, the memory having firmware instructions stored thereon that, upon execution by the processing core, (see, e.g., Kumar, para. fig. 9 & associated text, para. 54-63) cause the EC to:
produce an orchestrator as part of a firmware framework; (see, e.g., Kumar, para. 16-19, 31) and
verify a node of the firmware framework, without any involvement by any Operating System (OS) of the IHS.” (see, e.g., Kumar, para. 22, 38, 43-44).
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 6-8, 12-16, 18, and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Kumar and USPGPUB 2018/0123804, hereinafter “Smith.”
Regarding claim 6, Kumar discloses “The IHS of claim 1,” but does not appear to disclose the further limitations “wherein the firmware verification of the given node is based, at least in part, upon a digital certificate provided by the given node in connection with a discovery operation prior to the communication.” Stated more simply, while Kumar does disclose secure communication and verification (see, e.g., para. 31, 43-44), Kumar does not disclose the use of digital certificates. However, Smith discloses (at para. 286-289) “[d]igital certificates” and “[p]ublic certificates.” Smith further discloses that a “device may generate one or more self-signed digital certificates to establish the identity of the device” (para. 42) prior to carrying out secure communications.
Kumar and Smith are directed toward secure device communications and therefore are analogous art. On or before the effective filing date of the instant application, one of ordinary skill in the art would have deemed it obvious to try to combine the digital certificates of Smith with the secure device communications of Kumar, thereby obtaining the invention of the instant claim. A clear and predictable benefit of so combining would have appeared as the ability to “authenticate system components, securely transport messages between system components, establish a secure communications channel over a constrained link, authenticate message content, authorize actions, and distribute authorizations and configuration data amongst users' system components.” (Smith, para. 70). Accordingly, the instant claim is unpatentable over the combination of Kumar and Smith.
Regarding claims 7-8, Kumar discloses “The IHS of claim 1, wherein the orchestrator is configured to perform the firmware verification” (see, e.g., para. 31, 43-44) but does not appear to disclose the further limitation “subject to a policy and in response to contextual information” and “wherein the contextual information comprises an indication of at least one of: a location of the IHS, a network bandwidth, an IHS component’s utilization, or an IHS component’s power state.” However, Smith discloses (at para. 584) that devices “may perform various system-level operations in the background, communicating with one another via the secure communications channel” and (at para. 585) that “background operations include microlocation services, GPS/INS services, status information, logging, background/maintenance processing, power mode changes, and configuration updates” wherein “an authorization for a device . . . may be required to transition into the trusted communications phase (i.e., authorizations may contain both authentication information and authorization criteria).”
Kumar and Smith are directed toward secure device communications and therefore are analogous art. On or before the effective filing date of the instant application, one of ordinary skill in the art would have deemed it obvious to try to combine the verification policy and contextual information of Smith with the secure device communications of Kumar, thereby obtaining the invention of the instant claim. A clear and predictable benefit of so combining would have appeared as the ability to “authenticate system components, securely transport messages between system components, establish a secure communications channel over a constrained link, authenticate message content, authorize actions, and distribute authorizations and configuration data amongst users' system components.” (Smith, para. 70). Accordingly, the instant claim is unpatentable over the combination of Kumar and Smith.
Regarding claim 12, Kumar discloses “The IHS of claim 10,” but does not appear to disclose the further limitation “wherein to establish the secure communications, the security service is configured to determine whether to add security to a native security mechanism associated with a standard bus or protocol of the given node based, at least in part, upon a policy.” However, Smith discloses (at, e.g., para. 558-560) adding encryption key cycling to establish more secure communications based on policy and context as claimed.
Kumar and Smith are directed toward secure device communications and therefore are analogous art. On or before the effective filing date of the instant application, one of ordinary skill in the art would have deemed it obvious to try to combine the digital certificate attestation system of Smith with the secure device communications of Kumar, thereby obtaining the invention of the instant claim. A clear and predictable benefit of so combining would have appeared as the ability to “authenticate system components, securely transport messages between system components, establish a secure communications channel over a constrained link, authenticate message content, authorize actions, and distribute authorizations and configuration data amongst users' system components.” (Smith, para. 70). Accordingly, the instant claim is unpatentable over the combination of Kumar and Smith.
Regarding claim 13, Kumar discloses “The IHS of claim 10,” but does not appear to disclose the further limitation “wherein to establish the secure communications, the security service is configured to determine whether to add a security feature to a native security mechanism associated with a standard bus or protocol of the given node based, at least in part, upon a policy.” However, Smith discloses (at, e.g., para. 558-560) adding encryption key cycling to establish more secure communications based on policy and context as claimed.
Kumar and Smith are directed toward secure device communications and therefore are analogous art. On or before the effective filing date of the instant application, one of ordinary skill in the art would have deemed it obvious to try to combine the digital certificate attestation system of Smith with the secure device communications of Kumar, thereby obtaining the invention of the instant claim. A clear and predictable benefit of so combining would have appeared as the ability to “authenticate system components, securely transport messages between system components, establish a secure communications channel over a constrained link, authenticate message content, authorize actions, and distribute authorizations and configuration data amongst users' system components.” (Smith, para. 70). Accordingly, the instant claim is unpatentable over the combination of Kumar and Smith.
Regarding claim 14, Kumar discloses “The IHS of claim 10,” but does not appear to disclose the further limitation “wherein to establish the secure communications, the security service is configured to determine whether to refresh, invalidate, or revoke one or more keys based, at least in part, upon a policy and contextual information.” However, Smith discloses (at, e.g., para. 558-560) using encryption key cycling to establish secure communications based on policy and context as claimed.
Kumar and Smith are directed toward secure device communications and therefore are analogous art. On or before the effective filing date of the instant application, one of ordinary skill in the art would have deemed it obvious to try to combine the digital certificate attestation system of Smith with the secure device communications of Kumar, thereby obtaining the invention of the instant claim. A clear and predictable benefit of so combining would have appeared as the ability to “authenticate system components, securely transport messages between system components, establish a secure communications channel over a constrained link, authenticate message content, authorize actions, and distribute authorizations and configuration data amongst users' system components.” (Smith, para. 70). Accordingly, the instant claim is unpatentable over the combination of Kumar and Smith.
Regarding claims 15-16, Kumar discloses “The IHS of claim 1, wherein to perform the firmware verification of the given node, the orchestrator is further configured to: determine that the given node does not comprise [valid encryption credentials]” (see, e.g., para. 26, 46) but does not disclose the further limitations including determining that “the given node does not comprise a digital certificate; derive an attestation key for the given node and a corresponding digital certificate; sign the corresponding digital certificate; and provide the signed certificate to the given node” and “wherein the derived digital certificate is assigned an expiration.” However, Smith discloses (at, e.g., para. 170-172, 277-299) an digital certificate creation and attestation system remedying the deficiency of Kumar.
Kumar and Smith are directed toward secure device communications and therefore are analogous art. On or before the effective filing date of the instant application, one of ordinary skill in the art would have deemed it obvious to try to combine the digital certificate attestation system of Smith with the secure device communications of Kumar, thereby obtaining the invention of the instant claim. A clear and predictable benefit of so combining would have appeared as the ability to “authenticate system components, securely transport messages between system components, establish a secure communications channel over a constrained link, authenticate message content, authorize actions, and distribute authorizations and configuration data amongst users' system components.” (Smith, para. 70). Accordingly, the instant claim is unpatentable over the combination of Kumar and Smith.
Regarding claim 18, Kumar discloses “The method of claim 17, wherein to perform the firmware verification of the given node, the method further comprises: determining, by the orchestrator, that the given node does not comprise [valid encryption credentials]” (see, e.g., para. 26, 46) but does not disclose the further limitations including determining that “the given node does not comprise a digital certificate; deriving, by the orchestrator, an attestation key for the given node and a corresponding digital certificate; signing, by the orchestrator, the corresponding digital certificate; and providing, by the orchestrator, the signed certificate to the given node.” However, Smith discloses (at, e.g., para. 170-172, 277-299) an digital certificate creation and attestation system remedying the deficiency of Kumar.
Kumar and Smith are directed toward secure device communications and therefore are analogous art. On or before the effective filing date of the instant application, one of ordinary skill in the art would have deemed it obvious to try to combine the digital certificate attestation system of Smith with the secure device communications of Kumar, thereby obtaining the invention of the instant claim. A clear and predictable benefit of so combining would have appeared as the ability to “authenticate system components, securely transport messages between system components, establish a secure communications channel over a constrained link, authenticate message content, authorize actions, and distribute authorizations and configuration data amongst users' system components.” (Smith, para. 70). Accordingly, the instant claim is unpatentable over the combination of Kumar and Smith.
Regarding claim 20, Kumar discloses “The EC of claim 19, wherein to verify the node of the firmware framework, the memory has additional firmware instructions stored thereon that, upon execution by the processing core, further cause the EC to: determine that the node does not comprise [valid encryption credentials]” (see, e.g., para. 26, 46) but does not disclose the further limitations including determining that “the given node does not comprise a digital certificate; derive an attestation key for the node and a corresponding digital certificate; sign the corresponding digital certificate; and provide the signed certificate to the node.” However, Smith discloses (at, e.g., para. 170-172, 277-299) an digital certificate creation and attestation system remedying the deficiency of Kumar.
Kumar and Smith are directed toward secure device communications and therefore are analogous art. On or before the effective filing date of the instant application, one of ordinary skill in the art would have deemed it obvious to try to combine the digital certificate attestation system of Smith with the secure device communications of Kumar, thereby obtaining the invention of the instant claim. A clear and predictable benefit of so combining would have appeared as the ability to “authenticate system components, securely transport messages between system components, establish a secure communications channel over a constrained link, authenticate message content, authorize actions, and distribute authorizations and configuration data amongst users' system components.” (Smith, para. 70). Accordingly, the instant claim is unpatentable over the combination of Kumar and Smith.
Double Patenting
As set forth below, at least one claim of this application is patentably indistinct from at least one pending claim in each of copending applications 18/602324, 18/602355, 18/602367, 18602384, 18/611765, 18/618876, 18/618880, 18/618883, and 18/618291. Pursuant to 37 CFR 1.78(f), when two or more applications filed by the same applicant or assignee contain patentably indistinct claims, elimination of such claims from all but one application may be required in the absence of good and sufficient reason for their retention during pendency in more than one application. Applicant is required to either cancel the patentably indistinct claims from all but one application or maintain a clear line of demarcation between the applications. See MPEP § 822.
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).
The filing of a terminal disclaimer by itself is not a complete reply to a nonstatutory double patenting (NSDP) rejection. A complete reply requires that the terminal disclaimer be accompanied by a reply requesting reconsideration of the prior Office action. Even where the NSDP rejection is provisional the reply must be complete. See MPEP § 804, subsection I.B.1. For a reply to a non-final Office action, see 37 CFR 1.111(a). For a reply to final Office action, see 37 CFR 1.113(c). A request for reconsideration while not provided for in 37 CFR 1.113(c) may be filed after final for consideration. See MPEP §§ 706.07(e) and 714.13.
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The actual filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/apply/applying-online/eterminal-disclaimer.
Claims 1-20 are provisionally rejected on the ground of nonstatutory double patenting as being unpatentable over at least claims 1 and 6-9 of copending application 18/602324, as being unpatentable over at least claims 1 and 9-10 of copending application 18/618876, and as being unpatentable over at least claim 1 of 18/618883. Although the claims at issue are not identical, they are not patentably distinct from each other as set forth in the table below. The claims of the instant and copending applications not specifically mentioned in the table below are rejected on the same grounds as their parent claim(s). This is a provisional nonstatutory double patenting rejection because the patentably indistinct claims have not in fact been patented.
18/619320 (this)
18/602324
1. An Information Handling System (IHS), comprising:
a controller, wherein the controller comprises firmware that, upon execution by a processing core, causes the processing core to instantiate an orchestrator; and
a plurality of devices coupled to the controller, wherein each device comprises firmware that, upon execution by a corresponding processing core, causes the corresponding processing core to instantiate a node of a plurality of nodes of a firmware framework; and
[cont’d)
10. The IHS of claim 9, wherein the security service is configured to establish secure communications between the given node and the orchestrator.
(1. cont’d]
wherein the orchestrator is configured to: perform a firmware verification of a given node of the plurality of nodes, without any involvement by any Operating System (OS) of the IHS.
6. The IHS of claim 1, wherein the firmware verification of the given node is based, at least in part, upon a digital certificate provided by the given node in connection with a discovery operation prior to the communication.
7. The IHS of claim 1, wherein the orchestrator is configured to perform the firmware verification subject to a policy and in response to contextual information.
8. The IHS of claim 7, wherein the contextual information comprises an indication of at least one of: a location of the IHS, a network bandwidth, an IHS component’s utilization, or an IHS component’s power state.
1. An Information Handling System (IHS), comprising:
a controller, wherein the controller comprises firmware that, upon execution by a processing core, causes the processing core to instantiate an orchestrator; and
a plurality of devices coupled to the controller, wherein each device comprises firmware that, upon execution by a corresponding processing core, causes the corresponding processing core to instantiate a node as part of a firmware framework, and
wherein a given node is configured to communicate with the orchestrator, at least in part, using a security service of the firmware framework without any involvement by any Operating System (OS) of the IHS.
6. The IHS of claim 1, wherein the security service is configured to perform a firmware verification of the given node prior to the communication.
7. The IHS of claim 6, wherein the firmware verification is based, at least in part, upon a digital certificate provided by the given node in connection with a discovery operation prior to the communication.
8. The IHS of claim 6, wherein the security service is configured to perform the firmware verification subject to a policy and in response to contextual information.
9. The IHS of claim 8, wherein the contextual information comprises an indication of at least one of: a location of the IHS, a network bandwidth, an IHS component’s utilization, or an IHS component’s power state.
18/619320 (this)
18/618876
1. An Information Handling System (IHS), comprising:
a controller, wherein the controller comprises firmware that, upon execution by a processing core, causes the processing core to instantiate an orchestrator; and
a plurality of devices coupled to the controller, wherein each device comprises firmware that, upon execution by a corresponding processing core, causes the corresponding processing core to instantiate a node of a plurality of nodes of a firmware framework; and
wherein the orchestrator is configured to: perform a firmware verification of a given node of the plurality of nodes, without any involvement by any Operating System (OS) of the IHS.
6. The IHS of claim 1, wherein the firmware verification of the given node is based, at least in part, upon a digital certificate provided by the given node in connection with a discovery operation prior to the communication.
1. An Information Handling System (IHS), comprising:
a controller, wherein the controller comprises firmware that, upon execution by a processing core, causes the processing core to instantiate an orchestrator; and
a plurality of devices coupled to the controller, wherein each device comprises firmware that, upon execution by a corresponding processing core, causes the corresponding processing core to instantiate a node as part of a firmware framework, and
[cont’d)
9. The IHS of claim 1, wherein the given node is configured to perform a verification of the firmware module prior to installing or executing the firmware module.
10. The IHS of claim 9, wherein the verification is based, at least in part, upon a digital certificate provided to the given node in connection with a discovery operation.
(1 cont’d]
wherein the orchestrator is configured to distribute a firmware module to a given node in response to a determination that the given node requires the firmware module to provide a capability, without any involvement by any Operating System (OS) of the IHS.
18/619320 (this)
18618883
1. An Information Handling System (IHS), comprising:
a controller, wherein the controller comprises firmware that, upon execution by a processing core, causes the processing core to instantiate an orchestrator; and
a plurality of devices coupled to the controller, wherein each device comprises firmware that, upon execution by a corresponding processing core, causes the corresponding processing core to instantiate a node of a plurality of nodes of a firmware framework; and
wherein the orchestrator is configured to:
perform a firmware verification of a given node of the plurality of nodes, without any involvement by any Operating System (OS) of the IHS.
1. (Currently Amended) An Information Handling System (IHS), comprising:
a controller, wherein the controller comprises firmware that, upon execution by a processor core, causes the processor core to instantiate an orchestrator; and
a plurality of devices coupled to the controller at least in part, by a hardware interconnect coupled to at least one IHS host processor, wherein each device comprises firmware configured to, upon execution by a respective processor core, cause the respective processor core to instantiate a node as part of a firmware framework, wherein the orchestrator is configured to perform operations that comprise:
distribute a policy to at least a given node without any involvement by any Operating System (OS) of the IHS,
instantiate a telemetry service configured to perform operations that comprise: maintain a list of telemetry capabilities accessible through available interfaces: and in response to receipt of a telemetry collection request, route the telemetry collection request to appropriate collector node(s), set one or more parent node(s) of the collector node(s) as aggregator node(s) or bypass node(s), and select communication paths or protocols which depend at least in part upon a telemetry policy stored in a policies module of the firmware framework, wherein policy rules that govern telemetry collection, path and protocol selection, and node classification, are based upon contextual information and instantiate a security service configured to perform operations that comprise:
in response to connection of a new node to the firmware framework, query the new node for firmware image details verify the firmware image, based at least in part on the firmware image details: and in response to a determination verification of the firmware image was successful, enable discovery and participation in the firmware framework for the new node.
Claims 1-20 are provisionally rejected on the ground of nonstatutory double patenting as being unpatentable over certain claims of copending applications 18/602355, 18/602367, 18/602384, 18/611765, 18/618880, and 18/619291 (hereinafter “the copending applications”) in view of USPGPUB 2024/0160431, hereinafter “Kumar.” This is a provisional nonstatutory double patenting rejection because the patentably indistinct claims have not in fact been patented. Any claims of the instant and the copending applications not specifically mentioned in the table below are rejected on the same grounds as their parent claim(s).
18/619320 (this)
18/602355
1. An Information Handling System (IHS), comprising:
a controller, wherein the controller comprises firmware that, upon execution by a processing core, causes the processing core to instantiate an orchestrator; and
a plurality of devices coupled to the controller, wherein each device comprises firmware that, upon execution by a corresponding processing core, causes the corresponding processing core to instantiate a node of a plurality of nodes of a firmware framework; and
wherein the orchestrator is configured to:
perform a firmware verification of a given node of the plurality of nodes, without any involvement by any Operating System (OS) of the IHS.
1. An Information Handling System (IHS), comprising:
a controller, wherein the controller comprises firmware that, upon execution by a processing core, causes the processing core to instantiate an orchestrator; and
a plurality of devices coupled to the controller, wherein each device comprises firmware that, upon execution by a corresponding processing core, causes the corresponding processing core to instantiate a node, and wherein the nodes are configured to communicate with the orchestrator within a firmware framework without any involvement by any Operating System (OS).
18/619320 (this)
18/602367
1. An Information Handling System (IHS), comprising:
a controller, wherein the controller comprises firmware that, upon execution by a processing core, causes the processing core to instantiate an orchestrator; and
a plurality of devices coupled to the controller, wherein each device comprises firmware that, upon execution by a corresponding processing core, causes the corresponding processing core to instantiate a node of a plurality of nodes of a firmware framework; and
wherein the orchestrator is configured to:
perform a firmware verification of a given node of the plurality of nodes, without any involvement by any Operating System (OS) of the IHS.
1. An Information Handling System (IHS), comprising:
a controller, wherein the controller comprises firmware that, upon execution by a processing core, causes the processing core to instantiate an orchestrator; and
a plurality of devices coupled to the controller, wherein each device comprises firmware that, upon execution by a corresponding processing core, causes the corresponding processing core to instantiate a node, and wherein each node is configured to communicate, to the orchestrator, one or more exposed capabilities and one or more exposed interfaces usable to access the one or more exposed capabilities without any involvement by any Operating System (OS) of the IHS.
18/619320 (this)
18/602384
1. An Information Handling System (IHS), comprising:
a controller, wherein the controller comprises firmware that, upon execution by a processing core, causes the processing core to instantiate an orchestrator; and
a plurality of devices coupled to the controller, wherein each device comprises firmware that, upon execution by a corresponding processing core, causes the corresponding processing core to instantiate a node of a plurality of nodes of a firmware framework; and
wherein the orchestrator is configured to:
perform a firmware verification of a given node of the plurality of nodes, without any involvement by any Operating System (OS) of the IHS.
1. An Information Handling System (IHS), comprising:
a controller, wherein the controller comprises firmware that, upon execution by a processing core, causes the processing core to instantiate an orchestrator; and
a plurality of devices coupled to the controller, wherein each device comprises firmware that, upon execution by a corresponding processing core, causes the corresponding processing core to instantiate a node as part of a firmware framework, and wherein at least a given node is configured to communicate, following a policy and based on contextual information, telemetry data to the orchestrator without any involvement by any Operating System (OS) of the IHS.
18/619320 (this)
18/611765
1. An Information Handling System (IHS), comprising:
a controller, wherein the controller comprises firmware that, upon execution by a processing core, causes the processing core to instantiate an orchestrator; and
a plurality of devices coupled to the controller, wherein each device comprises firmware that, upon execution by a corresponding processing core, causes the corresponding processing core to instantiate a node of a plurality of nodes of a firmware framework; and
wherein the orchestrator is configured to:
perform a firmware verification of a given node of the plurality of nodes, without any involvement by any Operating System (OS) of the IHS.
1. An Information Handling System (IHS), comprising:
a heterogeneous computing platform in communication with an Operating System (OS) of the IHS, the heterogeneous computing platform comprising:
a controller, wherein the controller comprises controller firmware that, upon execution by a controller processing core, causes the controller processing core to instantiate an orchestrator; and
a plurality of devices coupled to and controlled by the controller, wherein each device comprises device firmware that, upon execution by a corresponding device processing core, causes the corresponding device processing core to instantiate a node of the heterogeneous computing platform, a memory coupled to the controller processing core, the memory having program instructions stored thereon that, upon execution by the processor, cause the controller processing core to: identify a plurality of communication links between the nodes, wherein the communication links cause at least one of the nodes to have multiple paths to the orchestrator;
determine a best path to the controller for the at least one node;
after the best path has been selected, determine that either at least one application has been exited or another application has been launched;
select another best path for the at least one node; and communicate with the at least one node using the other best path.
18/619320 (this)
18/618880
1. An Information Handling System (IHS), comprising:
a controller, wherein the controller comprises firmware that, upon execution by a processing core, causes the processing core to instantiate an orchestrator; and
a plurality of devices coupled to the controller, wherein each device comprises firmware that, upon execution by a corresponding processing core, causes the corresponding processing core to instantiate a node of a plurality of nodes of a firmware framework; and
wherein the orchestrator is configured to:
perform a firmware verification of a given node of the plurality of nodes, without any involvement by any Operating System (OS) of the IHS.
1. An Information Handling System (IHS), comprising:
a controller, wherein the controller comprises firmware that, upon execution by a processing core, causes the processing core to instantiate an orchestrator; and
a plurality of devices coupled to the controller, wherein each device comprises firmware that, upon execution by a corresponding processing core, causes the corresponding processing core to instantiate a node as part of a firmware framework, and
wherein the orchestrator is configured to service a first node in communication with a second node without any involvement by any Operating System (OS) of the IHS.
18/619320 (this)
18619291
1. An Information Handling System (IHS), comprising:
a controller, wherein the controller comprises firmware that, upon execution by a processing core, causes the processing core to instantiate an orchestrator; and
a plurality of devices coupled to the controller, wherein each device comprises firmware that, upon execution by a corresponding processing core, causes the corresponding processing core to instantiate a node of a plurality of nodes of a firmware framework; and
wherein the orchestrator is configured to:
perform a firmware verification of a given node of the plurality of nodes, without any involvement by any Operating System (OS) of the IHS.
1. (Currently Amended) An Information Handling System (IHS), comprising:
a controller, wherein the controller comprises firmware that, upon execution by a processor core, causes the processor core to instantiate an orchestrator; and
a plurality of devices coupled to the controller, wherein each device comprises firmware that, upon execution by a respective processor core, causes the respective processor core to instantiate a node of a plurality of nodes, wherein the orchestrator is configured to provide, via a firmware framework, a license distribution and management service configured to obtain licenses that comprise license files from a backend server and distribute the license files to one or more node agents configured to run in the plurality of nodes within the firmware framework, without any involvement by any Operating System (OS) of the IHS, wherein a given node agent in a given node is configured to collect a license file from the license distribution and management service and execute firmware license services in a context of the given node to verify integrity of the license file based at least in part on a signature, store a feature capability key to be unlocked upon verification of the integrity, and upon verification release a configuration command to load and enumerate a capability licensed for use.
The copending applications do not claim firmware verification, although they may in future amendments. Regardless, as set forth above in the prior art rejections, analogous prior art Kumar discloses firmware verification at paras. 46-53. Moreover, the combination of firmware verification and the patented claims would have obvious utility (e.g., avoiding communication with systems with compromised firmware). The claims of the instant and the copending applications not specifically mentioned in the table below are rejected on the same grounds as their parent claim(s). Accordingly, the instant claims and the claims of the copending applications are patentably indistinct.
Claims 1-20 are further rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-20 of U.S. Pat. No. 12,489,641, hereinafter “the ‘641 patent,” in view of USPGPUB 2024/0160431, hereinafter “Kumar.”
18/619320 (this)
U.S. Pat. No. 12,489,641
1. An Information Handling System (IHS), comprising:
a controller, wherein the controller comprises firmware that, upon execution by a processing core, causes the processing core to instantiate an orchestrator; and
a plurality of devices coupled to the controller, wherein each device comprises firmware that, upon execution by a corresponding processing core, causes the corresponding processing core to instantiate a node of a plurality of nodes of a firmware framework; and
wherein the orchestrator is configured to:
perform a firmware verification of a given node of the plurality of nodes, without any involvement by any Operating System (OS) of the IHS.
1. An Information Handling System (IHS), comprising:
a controller, wherein the controller comprises firmware that, upon execution by a processing core, causes the processing core to instantiate an orchestrator; and
a plurality of devices coupled to the controller, wherein each device comprises firmware that, upon execution by a corresponding processing core, causes the corresponding processing core to instantiate a node of a plurality of nodes of a firmware framework; and
wherein the orchestrator is configured to:
store certificates in a local storage of the controller; and
distribute one or more other certificates to one or more of the plurality of nodes within the firmware framework, without any involvement by any Operating System (OS) of the IHS.
The ‘641 patent does not claim (though it does disclose, at col. 26 ln. 23-33 and col. 28 ln. 23-33) firmware verification. However, as set forth above in the prior art rejections, analogous prior art Kumar discloses firmware verification at paras. 46-53. Moreover, the combination of firmware verification and the claims of the ‘641 patent would have obvious utility (e.g., avoiding communication with systems with compromised firmware). The claims of the instant application and conflicting patent not specifically mentioned in the table below are rejected on the same grounds as their parent claim(s). Accordingly, the conflicting pending claims are patentably indistinct from the conflicting patented claims.
Requirement for Information under 35 C.F.R. § 1.105
Information which may be required under 37 CFR 1.105 is that information reasonably necessary to properly examine or treat a matter in a pending or abandoned application filed under 35 U.S.C. 111 (including a reissue application), in a pending or abandoned application that has entered the national stage under 35 U.S.C. 371, in a patent, or in a reexamination proceeding. There must be a reasonable basis for the information required that would aid in the examination of an application or treatment of some matter. A requirement for information under 37 CFR 1.105 places a substantial burden on the applicant that is to be minimized by clearly focusing the reason for the requirement and the scope of the expected response. Thus, the scope of the requirement should be narrowly defined, and a requirement under 37 CFR 1.105 may only be made when the examiner has a reasonable basis for requiring information. MPEP 704.11.
Ten (10) conflicting copending and commonly assigned applications and one (1) conflicting commonly assigned patent have been cited in this Office Action. The examiner is unable to determine wither other conflicting commonly assigned patents or copending applications exist and, therefore, the examiner is unable to determine whether other Double Patenting issues may affect this application. Accordingly, the examiner requires identification of all pending, issued, or abandoned applications filed by at least one of the inventors, or assigned to the same assignee as the current application, disclosing subject matter similar to the current application. See MPEP 701.11(a)(G).
A requirement for information may be combined with a first action on the merits that includes at least one rejection. MPEP 704.11(b)(II). Replies to requirements for information must be complete and filed within the time period set in the first action on the merits, including any extensions. MPEP 704.13. Failure to reply within the time period set will result in the abandonment of the application. MPEP 704.12. Please see MPEP 704.12(a)-(b) for additional information.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to RYAN D. COYER whose telephone number is (571) 270-5306 and whose fax number is (571) 270-6306. The examiner normally can be reached via phone on Monday-Friday 12pm-10pm Eastern Time. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Wei Mui, can be reached on 571-272-3708. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/Ryan D. Coyer/Primary Examiner, Art Unit 2191