DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claims 1-20 are examined.
Claims 1-20 are rejected.
Information Disclosure Statement
Out of the three IDS filed on June 6th, 2024, one has been received properly. If the Applicant wishes for the content in the other two IDS files to be reviewed, it must be submitted in a proper format.
Specification
The title of the invention is not descriptive. A new title is required that is clearly indicative of the invention to which the claims are directed.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.
Claim 5-6, 15-17, 19-20 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention.
Claim 5 recites “…. wherein the at least one processor is configured to: apply the OTA log to the encryption model to obtain a first encrypted OTA log included in the encrypted OTA log and to which a public key encryption algorithm has been applied…” It is unclear whether this recitation is to further limit the encryption claimed in claim 1 or whether this is a separate and an additional encryption. Furthermore, claim 5 recites “…to obtain a first encrypted OTA log included in the encrypted OTA log.” However, there is no mention of encrypting only a subset of the OTA log, so the scope of this claim language is unclear.
Claim 15 recites similar claim language and is rejected for similar reason as claim 5. The ambiguity lies in the scope of its claim language in relation to its parent claim 11.
Claim 6 and 16 recites “a hash encryption algorithm,” however, a hashing algorithm and an encryption algorithm are different cryptography techniques, and using the specified claim language makes it unclear what is being claimed.
Claim 6 recites “…apply the OTA log to the encryption model to obtain a second encrypted OTA log included in the encrypted OTA log,” however, as described above there is no explicit mention of encrypting only a subset of an OTA log, so the recitation of “...a second encrypted OTA log included in the encrypted OTA log…” is unclear in its scope. Furthermore, it is unclear whether “the OTA log” refers to the original OTA log in claim 1, encrypted OTA log from claim 1, or the (possibly) subset of OTA log that has been encrypted by public key algorithm from claim 5.
Claim 16 recites similar claim language as claim 6 and thus is rejected for similar reasons. The ambiguity lies in the scope of its claim language in relation to its parent claims 15, which in turn is dependent on claim 11.
Claim 17 is rejected because it is dependent on claim 16.
Claim 19 recites “…wherein the verifying of the access authority of the user includes obtaining an OTA log by performing decryption of the encrypted OTA log based on the access authority of the user based on the access authority of the user having been verified,” but the scope of this claim language is unclear since obtaining an OTA log is fundamentally a separate an independent process from verifying the access of authority of the user.
Claim 20 is rejected because it is dependent on claim 19.
Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.
Claim(s) 8-9 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Barr (“AWS CloudTrail Update – SSE-KMS Encryption & Log File Integrity Verification,” 2015) from henceforth referred to as Barr.
Per claim 8, Barr teaches
A management server comprising (page 2):
A memory configured to store computer-executable instructions (page 2);
At least one processor configured to access the memory and execute the instruction (page 2); and
A communication device configured to perform communication with an electronic device, wherein the at least one processor is configured to (page 2):
Verify integrity of an encrypted OTA log based on an electronic signature combined with the encrypted OTA log based on receiving the encrypted OTA log from the electronic device (page 3, digital signature is used as part of the validation and verification process);
Verify an access authority of a user who has entered a request for decryption of the encrypted OTA log based on receiving the request for decryption; and (page 2, decrypt permission is applied to the principal – IAM users, roles, groups, etc)
Store the encrypted OTA log based on the integrity of the encrypted OTA log having been verified (page 2, validation and verification is done on encrypted log files before they are stored in the S3 bucket).
Per claim 9, Barr teaches
The management server of claim 8, wherein the at least one processor is configured to obtain an OTA log by performing decryption of the encrypted OTA log based on the access authority of the user based on the access authority of the user having been verified (page 2, the decrypt permission is set to the principal and only those who have access will be able to obtain the OTA log)
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claim(s) 10 is rejected under 35 U.S.C. 103 as being unpatentable over Barr in view of Yoo (US 20240362104 A1) from henceforth referred to as Yoo.
Per claim 10, Barr teaches
The management server of claim 9, wherein the at least one processor is configured to:
….provide [data] to the user in response to the request for decryption…. (page 2, information in the S3 bucket is released only if the user has appropriate level of security)
Barr fails to teach
Obtain status information of a target controller corresponding to the OTA log and a communication record between the target controller and the main controller which are included in the OTA log; and
Provide a cause of failure of OTA in the target controller…. Based on the status information of the target controller and the communication record.
However Yoo teaches
Obtain status information of a target controller corresponding to the OTA log and a communication record between the target controller and the main controller which are included in the OTA log; and ([0050] uses Redfish API to collect information such as operating system information, firmware information, etc)
Provide a cause of failure of OTA in the target controller…. Based on the status information of the target controller and the communication record. ([0049] the management server analyzes logs and patterns when an issue of the fault occurs in any device of the management target server…. [0067] the data of the analysis can be shown to the user terminal via Flask Response User Web page)
It is obvious to a person of ordinary skill in the art prior to the effective filing date of the claimed invention to modify Barr to incorporate the teachings of Yoo because Yoo demonstrates how a structured and unstructured log data can be used for failure analysis, which is important since this optimization can allow the servers to be managed smoothly and respond smoothly to events (Yoo, [0004]).
Claims 1-7, 11-20 are rejected under 35 U.S.C. 103 as being unpatentable over Sangameswaran et al (US 11782691 B2) from henceforth referred to as Sangameswaran in view of Barr (“AWS CloudTrail Update – SSE-KMS Encryption & Log File Integrity Verification,” 2015) from henceforth referred to as Barr.
Per claim 1, Sangameswaran teaches:
An electronic device comprising ([2] vehicle electronic control units):
a memory configured to store computer-executable instructions ([9] memory);
at least one processor configured to access the memory and execute the instruction ([10] processor); and
a communication device configured to perform communication with a management server ([25] obtaining over-the-air (OTA) updates that allow a customer to update vehicle software without visiting a dealer),
wherein the at least one processor is configured to:
allocate a first target area to a memory of a target controller at a start point in time when over-the-air (OTA) programming is performed in the target controller by a main controller ([30] initial manifest and the update state log is stored on the target device);
store an OTA log containing a communication record between the target controller and the main controller in the first target area ([30] initial manifest and the update state log is stored on the target device); and
…transmit an … OTA log to the management server based on failure of the OTA at an end point in time when the OTA performed in the target controller ends ([35] update log is sent to the GIVIS system)
Sangameswaran fails to teach
apply the OTA log to an encryption model
However, Barr teaches
apply the OTA log to an encryption model (page 1, first paragraph, supporting encryption of logs using SSE-KMS and log file integrity validation)
It is obvious to a person of ordinary skill in the art prior to the effective filing date of the claimed invention to modify Sangameswaran to incorporate the teachings of Barr because the AWS CloudTrail documentation demonstrates that encryption and integrity verification of log data are well-known practices in remote system logging.
Per claim 2, Sangameswaran in view of Barr teaches
The electronic device of claim 1, wherein the at least one processor is configured to:
allocate a second target area different from the first target area to a memory of the main controller at the start point in time when the OTA is performed; (Sangameswaran, [35] GIVIS system can be set to receive the post-update log. A person of ordinary skill in the art prior to the earliest priority date of the claimed invention would understand that, in order to receive and process the log, memory must be allocated to store the log data. Therefore, it would have been obvious to allocate memory for the log)
determine at least one of the first target area, or the second target area, or any combination thereof as an area for storing the OTA log, before performing communication between the target controller and the main controller; and (Sangameswaran [30] update state log is stored on the target device)
store the OTA log in the determined area (Sangameswaran [30] update state log is stored on the target device)
Per claim 3, Sangameswaran in view of Barr teaches
The electronic device of claim 1, wherein the at least one processor is configured to:
obtain status information including at least one of power information of a vehicle including the target controller, OTA task information, or control information of the target controller, or any combination thereof; and (Sangameswaran, [30] the process will receive a state log identifying the success or failure of various update installations)
store the status information and the OTA log in the first target area (Sangameswaran, FIG. 2B, the post update state log is sent. It would have been obvious to a person of ordinary skill in the art prior to the effective filing date of the claimed invention that the data is stored in the first target area prior to the transmission because data transmission requires the data to be held in memory or storage at the source location before being transmitted)
Per claim 4, Sangameswaran in view of Barr teaches
The electronic device of claim 1, wherein the at least one processor is configured to:
determine whether the OTA is successful, based on at least one of a log of download phase, a log of background transfer phase, a log of update phase, or a log of OTA end phase, or any combination thereof, which is included in the OTA log at the end point in time when the OTA ends; and (Sangameswaran, [35] post-update log that includes the success or failure of updates is sent)
delete the OTA log stored in the first target area based on the OTA being successful at the end point in time when the OTA ends (Sangameswaran, [36] teaches that “it is also possible, for the process to log or record the transmission of certain software version updates to a vehicle.” By stating that this is possible, the prior art implies that long-term retention on the target device is not the typical case, but rather an optional or situational practice. Therefore, a person of ordinary skill in the art prior to the effective priority date of the claimed invention would have understood that such logs are generally not kept long term on the target device).
Per claim 5, Sangameswaran in view of Barr teaches
The electronic device of claim 1, wherein the at least one processor is configured to:
apply the OTA log to the encryption model to obtain a first encrypted OTA log included in the encrypted OTA log and to which a public key encryption algorithm has been applied based on the OTA failing and the OTA log being stored; and (Barr, page 1, first paragraph, supporting encryption of logs using SSE-KMS and log file integrity validation)
transmit the first encrypted OTA log to the management server through the main controller (Sangameswaran, [35] update log is sent to the GIVIS system)
Per claim 6, Sangameswaran in view of Barr teaches
The electronic device of claim 5, wherein the at least one processor is configured to:
apply the OTA log to the encryption model to obtain a second encrypted OTA log included in the encrypted OTA log and to which a hash encryption algorithm has bee applied based on the OTA failing and the OTA log being stored; and (Barr, page 1, first paragraph, supporting encryption of logs using SSE-KMS and log file integrity validation)
transmit the second encrypted OTA log to the management server through the main controller (Sangameswaran, [35] update log is sent to the GIVIS system)
Per claim 7, Sangameswaran in view of Barr teaches
The electronic device of claim 6, wherein the at least one processor is configured to combine an electronic signature capable of verifying integrity with at least one of the first encrypted OTA log, or the second encrypted OTA log, or any combination thereof (Barr, page 1, first paragraph, supporting encryption of logs using SSE-KMS and log file integrity validation)
Per claim 11, Sangameswaran teaches:
allocating a first target area to a memory of a target controller at a start point in time when performing over-the-air (OTA) programming in the target controller by a main controller; ([30] initial manifest and the update state log is stored on the target device);
storing an OTA log containing a communication record between the target controller and the main controller in the first target area; and ([30] initial manifest and the update state log is stored on the target device);
… transmitting an …OTA log to the management server based on failure of the OTA at an end point in time when the OTA performed in the target controller ends ([35] update log is sent to the GIVIS system)
Sangameswaran fails to teach
applying the OTA log to an encryption model
However, Barr teaches
applying the OTA log to an encryption model (page 1, first paragraph, supporting encryption of logs using SSE-KMS and log file integrity validation)
It is obvious to a person of ordinary skill in the art prior to the effective priority date of the claimed invention to modify Sangameswaran to incorporate the teachings of Barr because the AWS CloudTrail documentation demonstrates that encryption and integrity verification of log data are well-known practices in remote system logging.
As for claims 12-17, these claims recite similar limitations found in claims 2-7 and thus are rejected on the same grounds as claims 2-7.
Per claim 18,
The control method of claim 11, further comprising:
verifying integrity of the encrypted OTA log based on an electronic signature combined with the encrypted OTA log based on receiving the encrypted OTA log from an electronic device (Barr, page 3, digital signature is used as part of the validation and verification process);
verifying an access authority of a user who has entered a request for decryption of the encrypted OTA log based on receiving the request for decryption; and (Barr, page 2, decrypt permission is applied to the principal – IAM users, roles, groups, etc)
storing the encrypted OTA log based on the integrity of the encrypted OTA log having been verified. (Barr, page 2, validation and verification is done on encrypted log files before they are stored in the S3 bucket).
As for claims 19-20, these claims recite similar limitations found in claims 9-10 and thus are rejected on the same grounds as claims 9-10.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Park et al (US10638314) teaches the process of downloading profiles over wireless communication system, storing an encryption key, decrypting the profile using the said encryption key. It does not mention OTA logs or sending OTA logs at the point of failure.
Contact Information
Any inquiry concerning this communication or earlier communications from the examiner should be directed to KAYO LISA RUSIN whose telephone number is (703)756-1679. The examiner can normally be reached Monday-Friday 8:30 - 5:00 EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Ashish Thomas can be reached at 571-272-0631. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/K.L.R./Examiner, Art Unit 2114
/ASHISH THOMAS/Supervisory Patent Examiner, Art Unit 2114