Prosecution Insights
Last updated: July 17, 2026
Application No. 18/665,124

METHOD FOR SECURE INSTALLATION OF A SOFTWARE UPDATE

Final Rejection §102§103
Filed
May 15, 2024
Priority
May 30, 2023 — FR 2305373
Examiner
KIM, TAE K
Art Unit
2496
Tech Center
2400 — Computer Networks
Assignee
STMicroelectronics N.V.
OA Round
2 (Final)
74%
Grant Probability
Favorable
3-4
OA Rounds
1y 4m
Est. Remaining
80%
With Interview

Examiner Intelligence

Grants 74% — above average
74%
Career Allowance Rate
491 granted / 661 resolved
+16.3% vs TC avg
Moderate +5% lift
Without
With
+5.3%
Interview Lift
resolved cases with interview
Typical timeline
3y 6m
Avg Prosecution
16 currently pending
Career history
690
Total Applications
across all art units

Statute-Specific Performance

§101
1.2%
-38.8% vs TC avg
§103
72.7%
+32.7% vs TC avg
§102
19.1%
-20.9% vs TC avg
§112
4.1%
-35.9% vs TC avg
Black line = Tech Center average estimate • Based on career data from 661 resolved cases

Office Action

§102 §103
DETAILED ACTION This Action is in consideration of the Applicant’s response on March 30, 2026. No amendments are made by the Applicant. Claims 1 – 3, 12 – 16, and 18 – 21, where Claims 1 and 16 are in independent form, are presented for examination. Claims 4 – 11, 17, and 22 are withdrawn as being a non-elected species. Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Response to Arguments Applicant’s arguments filed March 30, 2026 have been fully considered but they are not persuasive. Applicant argued: a) Regarding Claim 1, Mantyla does not disclose or suggest of “receiving, by an electronic device, data comprising an application update module for an application program.” b) Regarding Claim 1, Mantyla does not disclose or suggest of “the application update module comprising a first part, the first part comprising first update information and an indication value.” c) Regarding Claim 1, Mantyla does not disclose or suggest of “the first update information indicating a set of resources used when executing an updated application program.” d) Regarding Claim 1, Mantyla does not disclose or suggest of “comparing…the first update information with reference information associated with the indication value…wherein the reference information…indicates a set of authorized resources.” e) Regarding Claim 1, Mantyla does not disclose or suggest of “installing…a second part of the application update module when the first update information corresponds to the reference information.” The Office respectfully disagrees with Applicant’s assertions. 1. With regards to a), the Office reminds the Applicant that the pending claims must be "given the broadest reasonable interpretation consistent with the specification" [In re Prater, 162 USPQ 541 (CCPA 1969)] and "consistent with the interpretation that those skilled in the art would reach" [In re Cortright, 49 USPQ2d 1464 (Fed. Cir. 1999)]. There is nothing within the claims that distinguish an application update module from a package as argued by the Applicant [See Remarks, Pg. 8, 1st Para.]. The package of Mantyla is consistent with an application update module as claimed. 2. With regards to b), the Applicant argues that there is no dividing of an update module having a first part and a second part [See Remarks, Pg. 8, 5th Para.]. However, nothing within the claims indicates that both the first part and the second part of the application update module are received at the same time. As shown in Mantyla, allowed set of resources (second part) are returned to the installer to install on the device [Fig. 3]. 3. With regards to c), the Applicant merely argues a structured manner that is not claimed [See Remarks, Pg. 9, 1st Para.]. Applicant's arguments fail to comply with 37 CFR 1.111(b) because they amount to a general allegation that the claims define a patentable invention without specifically pointing out how the language of the claims patentably distinguishes them from the references. 4. With regards to d), the Office reminds the Applicant that the pending claims must be "given the broadest reasonable interpretation consistent with the specification" [In re Prater, 162 USPQ 541 (CCPA 1969)] and "consistent with the interpretation that those skilled in the art would reach" [In re Cortright, 49 USPQ2d 1464 (Fed. Cir. 1999)]. There is nothing within the claims that distinguish an indication value from one of the resource declarations as argued by the Applicant [See Remarks, Pg. 9, 3rd Para.]. The resource declarations comprise information regarding the resources needed for the application package of Mantyla. 5. With regards to e), as stated above, nothing within the claims indicates that both the first part and the second part of the application update module are received at the same time. As shown in Mantyla, allowed set of resources (second part) are returned to the installer to install on the device [Fig. 3]. Claim Rejections - 35 USC § 102 The text of those sections of Title 35, U.S. Code not included in this action can be found in a prior Office action. Claim(s) 1 – 3, 12, 14 – 16, 18, 19, and 21 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by WO 2011042892 (hereinafter “Mantyla”). 6. Regarding Claim 1, Mantyla discloses of a method [Abstract; Figs. 16 and 17], comprising: receiving, by an electronic device, data comprising an application update module for an application program [Fig. 2, 3, 16; Pg. 7, lines 17-18], the application update module comprising a first part, the first part comprising first update information and an indication value, the first update information indicating a set of resources used when executing an updated application program [Fig. 3; Pg. 10, lines 1-5; extracted resource declarations and software source from the application package]; comparing, by a processor of the electronic device, the first update information with reference information associated with the indication value and stored in a memory of the electronic device [Fig. 1, SSRRU or device policy], wherein the reference information associated with the indication value indicates a set of authorized resources for the indication value [Fig. 3, 16; Pg. 9, line 30 – Pg. 10, line 8; SSRRU policy (reference information) associated with the source determines which set of resources are allowed]; installing, by the processor, a second part of the application update module when the first update information corresponds to the reference information, thereby producing the updated application program [Figs. 3, 16; Pg. 10, lines 3-5]; and during the execution of the updated application program [Fig. 17] by the processor: sending a request for use of a given resource of the electronic device [Fig. 17; Pg. 17, lines 7-14]; and verifying, based on the indication value stored in association with the application program, whether the use of the given resource is authorized [Fig. 17; Pg. 17, lines 7-14]. 7. Regarding Claim 2, Mantyla discloses the limitations of Claim 1. Mantyla further discloses that the indication value is an identifier of the application program [Pg. 18, lines 10-13; AppID comprises SourceID]. 8. Regarding Claim 3, Mantyla discloses the limitations of Claim 1. Mantyla further discloses that the indication value is a value identifying a category of application programs [Pg. 18, lines 10-13; AppID comprises SourceID; programs from a particular source]. 9. Regarding Claim 12, Mantyla discloses the limitations of Claim 1. Mantyla further discloses that after the installation of the second part of the application update module, performing a recording phase in which the application update module is recorded, the recording phase [Fig. 3, 16; Pg. 9, line 30 – Pg. 10, line 8; package is installed] comprising: sending to the processor an indication of the set of resources to be used during execution of the updated application program [Fig. 3, 16; Pg. 9, line 30 – Pg. 10, line 8; extracting resource declaration]; comparing, by the processor, the set of resources to be used during execution of the updated application program with the set of resources indicated in the first update information [Fig. 3, 16; Pg. 9, line 30 – Pg. 10, line 8; SSRRU policy (reference information) associated with the source determines which set of resources are allowed]; and when the set of resources to be used during execution of the updated application program corresponds with the set of resources indicated in the first update information, storing the indication value in association with the application program [Fig. 3, 16; Pg. 9, line 30 – Pg. 10, line 8; resource possession list is updated for the package]. 10. Regarding Claim 14, Mantyla discloses the limitations of Claim 12. Mantyla further discloses that after installation of the application update module, and when the updated application program is active, deactivating resources not included in the authorized set of resources for the indication value [Fig. 3, 16; Pg. 9, line 30 – Pg. 10, line 8; SSRRU policy (reference information) associated with the source determines which set of resources are allowed]. 11. Regarding Claim 15, Mantyla discloses the limitations of Claim 12. Mantyla further discloses of storing the authorized set of resources, in association with the indication value, in a memory of a secure circuit in the electronic device [Fig. 3, 16; Pg. 9, line 30 – Pg. 10, line 8; resource possession list is updated for the package]. 12. Regarding Claim 16, Mantyla discloses an electronic device [Fig. 15], comprising: an interface configured to receive data comprising an application update module for an application program [Fig. 2, 3, 16; Pg. 7, lines 17-18; application update] stored in a memory, the application update module comprising a first part, the first part comprising first update information and an indication value, the first update information indicating a set of resources used when executing an updated application program [Fig. 3; Pg. 10, lines 1-5; extracted resource declarations and software source from the application package]; and a processor configured to compare the first update information with reference information stored in the memory in association with the indication value, the reference information associated with the indication value indicating a set of authorized resources for the indication value, the processor further configured to command installation of the application update module if the first update information corresponds to the reference information to thereby produce an updated application program [Fig. 3, 16; Pg. 9, line 30 – Pg. 10, line 8; SSRRU policy (reference information) associated with the source determines which set of resources are allowed]; wherein the processor is further configured to, during execution of the updated application program [Fig. 17], send a request for use of a given resource of the electronic device and verify whether the use of the given resource is authorized based on the indication value [Fig. 17; Pg. 17, lines 7-14]. 13. Regarding Claim 18, Mantyla discloses the limitations of Claim 16. Mantyla further discloses that the processor is further configured to, after the installation of a second part of the application update module, perform a recording phase in which the application update module is recorded, the recording phase [Fig. 3, 16; Pg. 9, line 30 – Pg. 10, line 8; package is installed] comprising: sending to the processor an indication of the set of resources to be used during execution of the updated application program [Fig. 3, 16; Pg. 9, line 30 – Pg. 10, line 8; extracting resource declaration]; comparing, by the processor, the set of resources to be used during execution of the updated application program with the set of resources indicated in the first update information [Fig. 3, 16; Pg. 9, line 30 – Pg. 10, line 8; SSRRU policy (reference information) associated with the source determines which set of resources are allowed]; and when the set of resources to be used during execution of the updated application program corresponds with the set of resources indicated in the first update information, storing the indication value in association with the application program [Fig. 3, 16; Pg. 9, line 30 – Pg. 10, line 8; resource possession list is updated for the package]. 14. Regarding Claim 19, Mantyla discloses the limitations of Claim 18. Mantyla further discloses that during the execution of the updated application program: send a request for use of a given resource of the electronic device [Fig. 17; Pg. 17, lines 7-14]; and verify, based on the indication value stored in association with the application program, whether the use of the given resource is authorized [Fig. 17; Pg. 17, lines 7-14]. 15. Regarding Claim 21, Mantyla discloses the limitations of Claim 16. Mantyla further discloses that the processor is configured to, after installation of the application update module, and when the updated application program is active, deactivate resources not included in the set of authorized resources for the indication value [Fig. 3, 16; Pg. 9, line 30 – Pg. 10, line 8; SSRRU policy (reference information) associated with the source determines which set of resources are allowed]. Claim Rejections - 35 USC § 103 The text of those sections of Title 35, U.S. Code not included in this action can be found in a prior Office action. Claim(s) 13 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Mantyla, in view of U.S. Patent 10,447,383 (hereinafter “Su”). 16. Regarding Claims 13 and 20, Mantyla discloses the limitations of Claims 12 and 18. Mantyla further discloses the use of hash signatures to authenticate the software module being executed and performing a security action if the signature does not match [Fig. 20; Pg. 19, lines 4-12]. Mantyla, however, does not specifically disclose that, if the first update information does not correspond to the reference information, deleting the application update module. Su discloses a system and method for updating software components in a system [Abstract]. Su further discloses that when the software update file is invalidated based on the signatures or hash values not matching, the system can delete the received firmware update (deleting the application update module) [Col. 17, lines 28-39]. It would have been obvious to one skilled in the art before the effective filing date of the current invention to incorporate the teachings of Su with Mantyla since both systems update software. The combination would enable the signature or hash value to be included in the first part of the update package to validate whether or not the software update file has been tampered or modified prior to installation. The motivation to do so is to prevent the installation of malicious files (obvious to one skilled in the art). Conclusion THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. Contacts Any inquiry concerning this communication or earlier communications from the examiner should be directed to TAE K KIM whose telephone number is (571)270-1979. The examiner can normally be reached M-F 9:30-5:30. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jorge Ortiz-Criado can be reached at 5712727642. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /TAE K KIM/Primary Examiner, Art Unit 2496
Read full office action

Prosecution Timeline

May 15, 2024
Application Filed
Feb 18, 2026
Non-Final Rejection mailed — §102, §103
Mar 30, 2026
Response Filed
Jun 17, 2026
Final Rejection mailed — §102, §103 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12671720
Cyber-Security in Heterogeneous Networks
2y 11m to grant Granted Jun 30, 2026
Patent 12671721
Cyber-Security in Heterogeneous Networks
2y 11m to grant Granted Jun 30, 2026
Patent 12664272
SECURITY IN INTEGRATED CIRCUITS
2y 7m to grant Granted Jun 23, 2026
Patent 12650816
SYSTEMS AND METHODS FOR PROVIDING TOOLS FOR THE SECURE CREATION, TRANSMITTAL, REVIEW OF, AND RELATED OPERATIONS ON, HIGH VALUE ELECTRONIC FILES
3y 4m to grant Granted Jun 09, 2026
Patent 12641108
SYSTEMS AND METHODS FOR MITIGATING RISKS OF THIRD-PARTY COMPUTING SYSTEM FUNCTIONALITY INTEGRATION INTO A FIRST-PARTY COMPUTING SYSTEM
2y 9m to grant Granted May 26, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

3-4
Expected OA Rounds
74%
Grant Probability
80%
With Interview (+5.3%)
3y 6m (~1y 4m remaining)
Median Time to Grant
Moderate
PTA Risk
Based on 661 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month