COMPILER PLUGIN FOR ENFORCING SAFETY AGREEMENTS

§101 §103

Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . DETAILED ACTION This action is in response to the application filed on 04/23/2024. Claims 1-20 are pending. Examiner’s Note Please note that Examiner cites particular columns and line numbers in the references as applied to the claims below for the convenience of the applicant. Although the specified citations are representative of the teachings in the art and are applied to the specific limitations within the individual claim, other passages and figures may apply as well. It is respectfully requested that, in preparing responses, the applicant fully consider the references in entirely as potentially teaching all or part of the claimed invention, as well as the context of the passage as taught by the prior art or disclosed by the examiner. Claim Rejections - 35 USC § 101 35 U.S.C. 101 reads as follows: Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title. Claims 1-20 are rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter. Claim 1, this claim is within at least one of the four categories of patent eligible subject matter as it is directing to a method claim under Step 1. 1. A method comprising: receiving at a compiler, code comprising a plurality of functions; during compilation of the code, determining whether each of the plurality of functions originates from a vendor; for each function originating from the vendor, determining, by a processing device, if the function is listed in a profile comprising a list of safety agreement compliant functions; and identifying as compliant with the safety agreement, each function originating from the vendor that is listed in the profile. Regarding claim 1, the limitations “determining whether each of the plurality of functions originates from a vendor; for each function originating from the vendor, determining” and “if the function is listed in a profile comprising a list of safety agreement compliant functions; and identifying as compliant with the safety agreement, each function originating from the vendor that is listed in the profile” as drafted, are functions that, under its broadest reasonable interpretation, recite the abstract idea of a mental process. For example, a person is capable of determining whether the function is a vendor function using pen and paper and decide if it is originated from the vendor by some authenticity technique. In the same manner, a person is capable of identifying if the function is compliant with aid of pen and paper by mapping with the given vendor requirements/specification to determine its authenticity. Therefore, these limitations encompass a human mind carrying out the function through observation, evaluation judgment and/or opinion, or even with the aid of pen and paper. Thus, these limitations recite and falls within the “Mental Processes” grouping of abstract ideas under Step 2A, Prong 1. Under Step 2A, Prong 2, the additional elements “during compilation of the code” and “by a processing device” are recited at a high-level of generality such that it amounts no more than mere instructions for executing / running code which merely using generic computing equipment or tool to execute / apply the abstract idea. See MPEP 2106.05(f). For the additional elements “receiving at a compiler, code comprising a plurality of functions” do nothing more than to add insignificant extra solution activity to the judicial exception of merely storing / gathering data. See MPEP § 2106.05(g). Under Step 2B, the claims do not include additional elements that are sufficient to amount to significantly more than the judicial exception. As discussed above with respect to integration of the abstract idea into a practical application, the additional elements of “during compilation of the code” and “by a processing device” amount to no more than mere instructions, or generic computer and/or computer components to carry out the exception, thus, cannot amount to an inventive concept. For the additional elements “receiving at a compiler, code comprising a plurality of functions” the courts have identified functions such as gathering and storing data as well-understood, routine, conventional activity (Berkheimer v. HP, Inc., 881 F.3d 1360, 1368, 125 USPQ2d 1649, 1654 (Fed. Cir. 2018)), thus do not amount to significantly more than the judicial exception. See MPEP 2106.05(d). Accordingly, the claims are not patent eligible under 35 USC 101. 2. The method of claim 1, further comprising: in response to determining that one or more of the functions originating from the vendor are not listed in the profile: terminating the compilation of the code; and providing an error message indicating the one or more functions originating from the vendor. The limitations for this claim further recite an additional insignificant extra solution activity under step 2A, Prong 2. 3. The method of claim 1, wherein determining whether each of the plurality of functions originates from the vendor comprises: identifying each of the plurality of functions from a syntax tree generated by the compiler during compilation of the code; and comparing each of the plurality of functions to a package database to determine if the function originates from a package provided by the vendor, wherein the package database comprises information regarding each package that is installed on an operating system on which the compiler executes. The limitations for this claim further recite an additional mental process under Step 2A, Prong 1. 4. The method of claim 1, wherein determining if a function originating from the vendor is listed in the profile comprises: looking up, from a profile database, application program interface (API) information for each safety agreement compliant function listed in the profile; and comparing API information for each function originating from the vendor to the API information for each safety agreement compliant function in the profile. The limitations for this claim further recite an additional mental process under Step 2A, Prong 1. 5. The method of claim 4, wherein the API information for each safety agreement compliant function in the profile comprises: a name of the safety agreement compliant function’s source file; a hash value resulting from processing the source file with a hash function; a specific line number in the source file where the safety agreement compliant function is declared; and a symbol of the safety agreement compliant function. The limitations for this claim further recite an additional mental process under Step 2A, Prong 1. 6. The method of claim 1, further comprising: receiving, by the compiler, a selection of the profile, where the profile is one of a plurality of profiles stored in a profile database. The limitations, by the compiler, amount to no more than mere instructions to apply the exception using generic computer and/or mere computer components to carry out the exception under Step 2A, Prong 2. For the limitations, receiving,…, a selection of the profile, where the profile is one of a plurality of profiles stored in a profile database, are an additional insignificant extra solution activity under step 2A, Prong 2. 7. The method of claim 1, wherein the compiler comprises a plugin, and wherein the plugin determines whether each of the plurality of functions originates from the vendor and determines if each function originating from the vendor is listed in the profile. The limitations for this claim further recite an additional mental process under Step 2A, Prong 1. Claim 8, this claim is within at least one of the four categories of patent eligible subject matter as it is directing to a system claim under Step 1. 8. A system comprising: a memory; and a processing device operatively coupled to the memory, the processing device to: receive at a compiler, code comprising a plurality of functions; during compilation of the code, determine whether each of the plurality of functions originates from a vendor; for each function originating from the vendor, determine if the function is listed in a profile comprising a list of safety agreement compliant functions; and identify as compliant with the safety agreement, each function originating from the vendor that is listed in the profile. Regarding claim 8, the limitations “determining whether each of the plurality of functions originates from a vendor; for each function originating from the vendor, determining” and “if the function is listed in a profile comprising a list of safety agreement compliant functions; and identifying as compliant with the safety agreement, each function originating from the vendor that is listed in the profile” as drafted, are functions that, under its broadest reasonable interpretation, recite the abstract idea of a mental process. For example, a person is capable of determining whether the function is a vendor function using pen and paper and decide if it is originated from the vendor by some authenticity technique. In the same manner, a person is capable of identifying if the function is compliant with aid of pen and paper by mapping with the given vendor requirements/specification to determine its authenticity. Therefore, these limitations encompass a human mind carrying out the function through observation, evaluation judgment and/or opinion, or even with the aid of pen and paper. Thus, these limitations recite and falls within the “Mental Processes” grouping of abstract ideas under Step 2A, Prong 1. Under Step 2A, Prong 2, the additional elements “A system comprising: a memory; and a processing device operatively coupled to the memory, the processing device to:” and “during compilation of the code” are recited at a high-level of generality such that it amounts no more than mere instructions for executing / running code which merely using generic computing equipment or tool to execute / apply the abstract idea. See MPEP 2106.05(f). For the additional elements “receive at a compiler, code comprising a plurality of functions” do nothing more than to add insignificant extra solution activity to the judicial exception of merely storing / gathering data. See MPEP § 2106.05(g). Under Step 2B, the claims do not include additional elements that are sufficient to amount to significantly more than the judicial exception. As discussed above with respect to integration of the abstract idea into a practical application, the additional elements of “A system comprising: a memory; and a processing device operatively coupled to the memory, the processing device to:” and “during compilation of the code” amount to no more than mere instructions, or generic computer and/or computer components to carry out the exception, thus, cannot amount to an inventive concept. For the additional elements “receive at a compiler, code comprising a plurality of functions” the courts have identified functions such as gathering and storing data as well-understood, routine, conventional activity (Berkheimer v. HP, Inc., 881 F.3d 1360, 1368, 125 USPQ2d 1649, 1654 (Fed. Cir. 2018)), thus do not amount to significantly more than the judicial exception. See MPEP 2106.05(d). Accordingly, the claims are not patent eligible under 35 USC 101. 9. The system of claim 8, wherein the processing device is further to: in response to determining that one or more of the functions originating from the vendor are not listed in the profile: terminating the compilation of the code; and providing an error message indicating the one or more functions originating from the vendor. The limitations for this claim further recite an additional insignificant extra solution activity under step 2A, Prong 2. 10. The system of claim 8, wherein to determine whether each of the plurality of functions originates from the vendor, the processing device is to: identify each of the plurality of functions from a syntax tree generated by the compiler during compilation of the code; and compare each of the plurality of functions to a package database to determine if the function originates from a package provided by the vendor, wherein the package database comprises information regarding each package that is installed on an operating system on which the compiler executes. The limitations for this claim further recite an additional mental process under Step 2A, Prong 1. 11. The system of claim 8, wherein to determine if a function originating from the vendor is listed in the profile, the processing device is to: look up, from a profile database, application program interface (API) information for each safety agreement compliant function listed in the profile; and compare API information for each function originating from the vendor to the API information for each safety agreement compliant function in the profile. The limitations for this claim further recite an additional mental process under Step 2A, Prong 1. 12. The system of claim 11, wherein the API information for each safety agreement compliant function in the profile comprises: a name of the safety agreement compliant function’s source file; a hash value resulting from processing the source file with a hash function; a specific line number in the source file where the safety agreement compliant function is declared; and a symbol of the safety agreement compliant function. The limitations for this claim further recite an additional mental process under Step 2A, Prong 1. 13. The system of claim 8, wherein the processing device is further to: receiving, by the compiler, a selection of the profile, where the profile is one of a plurality of profiles stored in a profile database. The limitations, by the compiler, amount to no more than mere instructions to apply the exception using generic computer and/or mere computer components to carry out the exception under Step 2A, Prong 2. For the limitations, receiving,…, a selection of the profile, where the profile is one of a plurality of profiles stored in a profile database, are an additional insignificant extra solution activity under step 2A, Prong 2. 14. The system of claim 8, wherein the compiler comprises a plugin, and wherein the plugin determines whether each of the plurality of functions originates from the vendor and determines if each function originating from the vendor is listed in the profile. The limitations for this claim further recite an additional mental process under Step 2A, Prong 1. Claim 15, this claim is within at least one of the four categories of patent eligible subject matter as it is directing to a computer-readable medium claim under Step 1. 15. A non-transitory computer-readable medium having instructions stored thereon which, when executed by a processing device, cause the processing device to: receive at a compiler, code comprising a plurality of functions; during compilation of the code, determine whether each of the plurality of functions originates from a vendor; for each function originating from the vendor, determine, by the processing device, if the function is listed in a profile comprising a list of safety agreement compliant functions; and identify as compliant with the safety agreement, each function originating from the vendor that is listed in the profile. Regarding claim 15, the limitations “determine whether each of the plurality of functions originates from a vendor; for each function originating from the vendor, determine” and “if the function is listed in a profile comprising a list of safety agreement compliant functions; and identify as compliant with the safety agreement, each function originating from the vendor that is listed in the profile” as drafted, are functions that, under its broadest reasonable interpretation, recite the abstract idea of a mental process. For example, a person is capable of determining whether the function is a vendor function using pen and paper and decide if it is originated from the vendor by some authenticity technique. In the same manner, a person is capable of identifying if the function is compliant with aid of pen and paper by mapping with the given vendor requirements/specification to determine its authenticity. Therefore, these limitations encompass a human mind carrying out the function through observation, evaluation judgment and/or opinion, or even with the aid of pen and paper. Thus, these limitations recite and falls within the “Mental Processes” grouping of abstract ideas under Step 2A, Prong 1. Under Step 2A, Prong 2, the additional elements “A non-transitory computer-readable medium having instructions stored thereon which, when executed by a processing device, cause the processing device to” and “during compilation of the code” “by the processing device” are recited at a high-level of generality such that it amounts no more than mere instructions for executing / running code which merely using generic computing equipment or tool to execute / apply the abstract idea. See MPEP 2106.05(f). For the additional elements “receive at a compiler, code comprising a plurality of functions” do nothing more than to add insignificant extra solution activity to the judicial exception of merely storing / gathering data. See MPEP § 2106.05(g). Under Step 2B, the claims do not include additional elements that are sufficient to amount to significantly more than the judicial exception. As discussed above with respect to integration of the abstract idea into a practical application, the additional elements of “A non-transitory computer-readable medium having instructions stored thereon which, when executed by a processing device, cause the processing device to” and “during compilation of the code” “by the processing device” amount to no more than mere instructions, or generic computer and/or computer components to carry out the exception, thus, cannot amount to an inventive concept. For the additional elements “receive at a compiler, code comprising a plurality of functions” the courts have identified functions such as gathering and storing data as well-understood, routine, conventional activity (Berkheimer v. HP, Inc., 881 F.3d 1360, 1368, 125 USPQ2d 1649, 1654 (Fed. Cir. 2018)), thus do not amount to significantly more than the judicial exception. See MPEP 2106.05(d). Accordingly, the claims are not patent eligible under 35 USC 101. 16. The non-transitory computer-readable medium of claim 15, wherein the processing device is further to: in response to determining that one or more of the functions originating from the vendor are not listed in the profile: terminating the compilation of the code; and providing an error message indicating the one or more functions originating from the vendor. The limitations for this claim further recite an additional insignificant extra solution activity under step 2A, Prong 2. 17. The non-transitory computer-readable medium of claim 15, wherein to determine whether each of the plurality of functions originates from the vendor, the processing device is to: identify each of the plurality of functions from a syntax tree generated by the compiler during compilation of the code; and compare each of the plurality of functions to a package database to determine if the function originates from a package provided by the vendor, wherein the package database comprises information regarding each package that is installed on an operating system on which the compiler executes. The limitations for this claim further recite an additional mental process under Step 2A, Prong 1. 18. The non-transitory computer-readable medium of claim 15, wherein to determine if a function originating from the vendor is listed in the profile, the processing device is to: look up, from a profile database, application program interface (API) information for each safety agreement compliant function listed in the profile; and compare API information for each function originating from the vendor to the API information for each safety agreement compliant function in the profile. The limitations for this claim further recite an additional mental process under Step 2A, Prong 1. 19. The non-transitory computer-readable medium of claim 18, wherein the API information for each safety agreement compliant function in the profile comprises: a name of the safety agreement compliant function’s source file; a hash value resulting from processing the source file with a hash function; a specific line number in the source file where the safety agreement compliant function is declared; and a symbol of the safety agreement compliant function. The limitations for this claim further recite an additional mental process under Step 2A, Prong 1. 20. The non-transitory computer-readable medium of claim 15, wherein the processing device is further to: receiving, by the compiler, a selection of the profile, where the profile is one of a plurality of profiles stored in a profile database. The limitations, by the compiler, amount to no more than mere instructions to apply the exception using generic computer and/or mere computer components to carry out the exception under Step 2A, Prong 2. For the limitations, receiving,…, a selection of the profile, where the profile is one of a plurality of profiles stored in a profile database, are an additional insignificant extra solution activity under step 2A, Prong 2. Claim Rejections - 35 USC § 103 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claim(s) 1, 2, 4, 6, 8, 9, 11, 13, 15, 16, 18 and 20 is/are rejected under 35 U.S.C. 103 as being unpatentable over USPN 20250013441 to Schneider et al. in view of USPN 20040010571 to Hutchinson et al. Per claim 1: Schneider discloses: 1. A method comprising: receiving at a compiler, code comprising a plurality of functions (note that the program code includes functions, see Paragraph [0061] “program code 130A is provided to the compiler 122”); during compilation of the code (Paragraph [0054] “during compilation”), determining whether each of the plurality of functions originates from a vendor (Paragraph [0055,0054] “modeling language diagram 140 includes a plurality of node states 142 that are indicative of the plurality of functions 132 in the program code 130… function signatures (i.e., for each vendor/user/profile) in the modeling language diagram can undergo evaluation by a policy engine”); for each function originating from the vendor (note that the function belongs to vendor/user 190, see Paragraph [0053, 0055] “the user 190… policy engine 150 identifies one or more policies 160 to attribute to at least one function signature 144A associated with the node state transition 143”), determining, by a processing device, if the function is listed in a profile comprising a list of safety agreement compliant functions (note that the nodes are considered as vendor/user/profile, see Paragraph [0027, 0056] “the policy engine can determine that the particular portion of the program code associated with the Node State (A) complies with the policies (e.g., meets the security requirements)… the policy compliance unit 154 can access compliance data, at block 212, and map (i.e., to determine if function is listed) the compliance data to existing security controls 164B, at block 218”). Schneider does not explicitly disclose identifying as compliant with the safety agreement, each function originating from the vendor that is listed in the profile. However, Hutchinson discloses in an analogous computer system identifying as compliant with the safety agreement (Paragraph [0041] “user identifier information to be transmitted to a Framework Server 102 for verification… Framework Server 102 can perform a lookup operation or other query of the memory to determine whether the received user identifier is a valid user identifier”), each function originating from the vendor that is listed in the profile (Paragraph [0025] “Based on a verification and/or authentication of a user, and further based on the user's account (e.g., user profile, privileges, etc.), a Framework Server 102 can provide one or more interfaces through which the user can, for example, create, search, view, and edit policies, configuration standards, asset profiles, vulnerability profiles, and risk assessment questionnaires for an associated Enterprise 106”). Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention was made to incorporate the method of identifying as compliant with the safety agreement, each function originating from the vendor that is listed in the profile as taught by Hutchinson into the method of automated verify policy compliance as taught by Schneider. The modification would be obvious because of one of ordinary skill in the art would be motivated to add/incorporate the features of identifying as compliant with the safety agreement, each function originating from the vendor that is listed in the profile to provide an efficient technique for verifying the user/vendor and avoiding any security breach or compromising the system as suggested by Hutchinson (paragraph [0004]). Per claim 2: The rejection of claim 1 is incorporated and further, Schneider does not explicitly disclose in response to determining that one or more of the functions originating from the vendor are not listed in the profile: terminating the compilation of the code; and providing an error message indicating the one or more functions originating from the vendor. However, Hutchinson discloses in an analogous computer system in response to determining that one or more of the functions originating from the vendor are not listed in the profile (note that user or vendor are being identified as non-conformance, see Paragraph [0036] “the users (i.e., vendor) of the group of computing devices… detecting a non-conformance event at the managed computing device with respect to at least one organizational policy. In response to the detection of the non-conformance event”): terminating the compilation of the code (Paragraph [0036] “operation (i.e., compilation) of the managed computing device may be restricted with respect to features or data”); and providing an error message indicating the one or more functions originating from the vendor (Paragraph [0057] “managed device 115 may itself generate a message, which can be displayed or broadcast to the user of the device 115. The message may inform the user of the non-conformance event and a description of the event”). The feature of providing in response to determining that one or more of the functions originating from the vendor are not listed in the profile: terminating the compilation of the code; and providing an error message indicating the one or more functions originating from the vendor would be obvious for the reasons set forth in the rejection of claim 1. Per claim 4: The rejection of claim 1 is incorporated and further, Schneider does not explicitly disclose system looking up, from a profile database, application program interface (API) information for each safety agreement compliant function listed in the profile; and comparing API information for each function originating from the vendor to the API information for each safety agreement compliant function in the profile. However, Hutchinson discloses in an analogous computer system looking up, from a profile database, application program interface (API) information for each safety agreement compliant function listed in the profile (Paragraph [0041] “a Framework Server 102 can perform a lookup operation or other query of the memory to determine whether the received user identifier is a valid user identifier… a Framework Server 102 can provide one or more interfaces through which the user can, for example, create, search, view, and edit policies, configuration standards, asset profiles, vulnerability profiles, and risk assessment questionnaires for an associated Enterprise 106”); and comparing API information for each function originating from the vendor to the API information for each safety agreement compliant function in the profile (Paragraph [0043] “a configuration standard can include a minimum baseline procedure associated with an operational characteristic of an asset component, an asset, a group of assets, a functional unit 110, or an Enterprise 106… a list of one or more assets and/or asset components associated with the configuration standard 408, a name of a responsibility group assigned to the configuration standard 410”). The feature of providing looking up, from a profile database, application program interface (API) information for each safety agreement compliant function listed in the profile; and comparing API information for each function originating from the vendor to the API information for each safety agreement compliant function in the profile would be obvious for the reasons set forth in the rejection of claim 1. Per claim 6: Schneider discloses: 6. The method of claim 1, further comprising: receiving, by the compiler, a selection of the profile (Paragraph [0061] “program code 130A is provided to the compiler 122”), where the profile is one of a plurality of profiles stored in a profile database (Paragraph [0023] “a user database associated with the particular application”). Claims 8, 9, 11 and 13 is/are the apparatus/system claim corresponding to method claims 1, 2, 4 and 6 respectively, and rejected under the same rational set forth in connection with the rejection of claims 1, 2, 4 and 6 respectively, as noted above. Claims 15, 16, 18 and 20 is/are the medium/product claim corresponding to method claims 1, 2, 4 and 6 respectively, and rejected under the same rational set forth in connection with the rejection of claims 1, 2, 4 and 6 respectively, as noted above. Claim(s) 3, 7, 10, 14 and 17 is/are rejected under 35 U.S.C. 103 as being unpatentable over USPN 20250013441 to Schneider et al. in view of USPN 20040010571 to Hutchinson et al. and further in view of USPN 20150020056 to Wu. Per claim 3: The rejection of claim 1 is incorporated and further, neither Schneider does not explicitly disclose comparing each of the plurality of functions to a package database to determine if the function originates from a package provided by the vendor, wherein the package database comprises information regarding each package that is installed on an operating system on which the compiler executes. However, Hutchinson discloses in an analogous computer system comparing each of the plurality of functions to a package database to determine if the function originates from a package provided by the vendor (note here that the information server 102 accesses memory which includes corresponding information with profile, see Paragraph [0039] “Framework Server 102 can include, or otherwise can access a memory… memory thus can include associated user account records, policies, configuration standards, asset profiles, vulnerability profiles, and risk assessment questionnaires, although other and/or less information can be stored and/or associated… Enterprise 106 can communicate with a Framework Server 102 via a GUI 200 and/or the internet, where information regarding the Enterprise's assets 104 can be associated with asset profiles 170, and Enterprise users 160 can be associated with user accounts 162”), wherein the package database comprises information regarding each package that is installed on an operating system on which the compiler executes (Paragraph [0041] “ Framework Server 102 can perform a lookup operation or other query of the memory to determine whether the received user identifier is a valid user identifier, and if so, retrieve the user account record associated with the user. Based on a verification and/or authentication of a user”). Neither Schneider nor Hutchinson explicitly disclose identifying each of the plurality of functions from a syntax tree generated by the compiler during compilation of the code. However, Wu discloses in an analogous computer system identifying each of the plurality of functions from a syntax tree generated by the compiler during compilation of the code (Paragraph [0036] “generate a first AST and determine a position to place a plugin code based on the first AST… Each node on an AST represents a logic structure of the source code”). Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention was made to incorporate the method of identifying each of the plurality of functions from a syntax tree generated by the compiler during compilation of the code as taught by Wu into the method of automatically verify policy compliance with profile as taught by the combination system of Schneider and Hutchinson. The modification would be obvious because of one of ordinary skill in the art would be motivated to add/incorporate the features of identifying each of the plurality of functions from a syntax tree generated by the compiler during compilation of the code to provide an efficient technique for verifying the functions and avoiding any bugs or memory leaks for better performance of the system as suggested by Wu (paragraph [0003-0005]). Per claim 7: The rejection of claim 1 is incorporated and further, neither Schneider does not explicitly whether each of the plurality of functions originates from the vendor and determines if each function originating from the vendor is listed in the profile. However, Hutchinson discloses in an analogous computer system whether each of the plurality of functions originates from the vendor and determines if each function originating from the vendor is listed in the profile (note that user or vendor are being identified as non-conformance, see Paragraph [0036] “the users (i.e., vendor) of the group of computing devices… detecting a non-conformance event at the managed computing device with respect to at least one organizational policy. In response to the detection of the non-conformance event”). The feature of providing whether each of the plurality of functions originates from the vendor and determines if each function originating from the vendor is listed in the profile would be obvious for the reasons set forth in the rejection of claim 1. Neither Schneider nor Hutchinson explicitly disclose wherein the compiler comprises a plugin, and wherein the plugin determines. However, Wu discloses in an analogous computer system wherein the compiler comprises a plugin, and wherein the plugin determines (Paragraph [0049] “compiler interface to compile the source code in the source file into executable files… code blocks in the source file and the functions of the plugin code”). The feature of providing wherein the compiler comprises a plugin, and wherein the plugin determines would be obvious for the reasons set forth in the rejection of claim 3. Claims 10 and 14 is/are the apparatus/system claim corresponding to method claims 3 and 7 respectively, and rejected under the same rational set forth in connection with the rejection of claims 3 and 7 respectively, as noted above. Claims 17 is/are the medium/product claim corresponding to method claims 3 and rejected under the same rational set forth in connection with the rejection of claims 3 as noted above. Allowable Subject Matter Claims 5, 12 and 19 objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims. Please note that if any of the claims are rejected under 101 and/or 112 above, applicants must overcome the rejections in order for these claims to be allowed. The cited prior art taken alone or in combination fail to teach, in the context of the claim limitations and in combination with the other claimed limitations “…a name of the safety agreement compliant function’s source file; a hash value resulting from processing the source file with a hash function; a specific line number in the source file where the safety agreement compliant function is declared; and a symbol of the safety agreement compliant function” as recited in claim 5 and in the same manner in claims 12 and 19. Conclusion The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Related cited arts: Borders, Kevin, et al. "thaNks tO Our summarIzers." (2008). pp. 75-99. Muhammad, Jan. Exploring the automatic identification and resolution of software vulnerabilities in grid-based environments. Diss. University of Glasgow, 2013. pp. 1-193. Watson, Robert NM. New approaches to operating system security extensibility. No. UCAM-CL-TR-818. University of Cambridge, Computer Laboratory, 2012. pp. 1-184. US 8700533 B2 - The disclosed technology can mitigate the risk of infringing a content owner's rights in legally-protectable content by operating as a trusted, third-party license authority between content owners and content users to ensure that a license governing at least some aspects of the protectable content is authentic and thus validly represents the restrictions imposed by content owners pertaining to the use, distribution, modification, combination, interaction, and/or other manipulation of such content. An identifier representative of the protectable content together with a profile of the license (which may include attributes that specify particular restrictions, uses, and interactions pertaining to the protectable content) can serve as a basis for determining the authenticity of the license associated with the protectable content. The protectable content can correspond to one or more multimedia presentations, video segments, audio segments, textual representations, works of art, visual representations, technological know-how, business know-how, contract rights, and/or software elements. US 8347280 B2 - A slot management system including a download and configuration server-based sub-system and method is disclosed for use with game devices, systems, and methods is provided to enable users to monitor, control, and modify different game devices and other related activities. The slot management system includes a validator that validates assignments to modify game devices. US 20130019231 A1 - A compiler module for providing instruction signature support to a compiler includes a language construct identifier and a placeholder insertion component. The language construct identifier is configured to identify an instruction signature-relevant language construct in a high level language source code supplied to the compiler. The placeholder insertion component is configured to interact with the compiler for inserting at least one instruction signature-related placeholder based on the instruction signature-related language construct into a compiled code processed by the compiler on the basis of the high level language source code. Any inquiry concerning this communication or earlier communications from the examiner should be directed to Satish Rampuria whose telephone number is 571-272-3732. The examiner can normally be reached on Monday-Friday from 8:30 AM to 5:00 PM. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Chat Do, can be reached at telephone number 571-272-3721. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) Form at https://www.uspto.gov/patents/uspto-automated- interview-request-air-form. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /Satish Rampuria/Primary Examiner, Art Unit 2193 *****