Prosecution Insights
Last updated: July 17, 2026
Application No. 18/788,512

MANAGING CONFLICTING POLICIES USING A DIGITAL TWIN

Final Rejection §101§102§103
Filed
Jul 30, 2024
Examiner
AHSAN, SYED M
Art Unit
2491
Tech Center
2400 — Computer Networks
Assignee
Dell Products L.P.
OA Round
2 (Final)
74%
Grant Probability
Favorable
3-4
OA Rounds
1y 5m
Est. Remaining
93%
With Interview

Examiner Intelligence

Grants 74% — above average
74%
Career Allowance Rate
212 granted / 288 resolved
+15.6% vs TC avg
Strong +19% interview lift
Without
With
+19.0%
Interview Lift
resolved cases with interview
Typical timeline
3y 4m
Avg Prosecution
21 currently pending
Career history
323
Total Applications
across all art units

Statute-Specific Performance

§101
4.1%
-35.9% vs TC avg
§103
82.3%
+42.3% vs TC avg
§102
9.2%
-30.8% vs TC avg
§112
2.7%
-37.3% vs TC avg
Black line = Tech Center average estimate • Based on career data from 288 resolved cases

Office Action

§101 §102 §103
Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . DETAILED ACTION This Office Action is in response to an Amendment Application received on 03/06/2026. In the application, claim 2, 7, 12, and 17 have been cancelled. Claims 21-24 have been added as new claims. Claims 1, 5, 10-11, 15-16, and 20 have been amended. Claims 3-4, 6, 8-9, 13-14, and 18-19 remain original. For this Office Action, claims 1, 3-6, 8-11, 13-16, 18-24 have been received for consideration and have been examined. Response to Arguments Claim Rejections – 35 USC § 101 Applicant’s remarks in light of the amended claims and instant specification have been reviewed, and amended claims have overcome the raised 35 USC § 101 Abstract Idea Rejection. Therefore, this rejection has been withdrawn. Claim Rejections – 35 USC § 102 Applicant’s arguments, filed 03/06/2026, with respect to the rejection(s) of claim(s) under 35 USC § 102 have been fully considered and are persuasive. Therefore, the rejection has been withdrawn. However, upon further consideration, a new ground(s) of rejection is made in view of new amendments to the independent claims. Claim Rejections - 35 USC § 103 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claim(s) 1, 3, 5-6, 8, 10-11, 13-16, 18, and 20-24 are rejected under 35 U.S.C. 103 as being unpatentable over Mikolajczyk et al., (US20240223609A1) hereinafter referred as Miko in view of Tiwari et al., (US20250007952A1). Regarding claim 1, Miko discloses: A method for managing conflicting policies, the method comprising: obtaining a policy, the policy comprising an action set keyed to a predicted state (i.e., a decision points to determine how to response to events that occur) and the action set being usable to update operation of one or more data processing systems that are likely to be impacted by the predicted state ([0074] FIG. 7 is a flow chart of a process 600 for applying provisional policies in OT systems. At block 602, the process begins enforcing one or more active policies stored in memory. The active policies define settings, guidelines, and/or rules that define various aspects of how OT devices are to be configured and operate. Accordingly, the OT device may reference the active policies at decision points to determine how to respond to events that occur); performing, using at least the policy and a digital twin, a policy analysis process to determine whether the policy conflicts with any of a set of existing policies, the digital twin being adapted to generate simulated conditions ([0071] In some embodiments, the compute surface may run a digital twin that operates as a digital copy of the OT device 308, simulating what happens to the real-world OT device 308 with the digital twin. As used herein, the term “digital twin” refers to a digital representation of the OT asset, a digital representation of a system that the OT asset is a part of, or the like; [0075] At block 604, one or more provisional policies stored in memory are emulated … In some embodiments, the emulation may include running a digital twin of the OT device in which the one or more provisional policies are implemented); in an instance of the policy analysis process in which the policy is determined as being conflicting with at least one policy of the set of existing policies ([0077] At block 610, the process 600 performs the identified action; [0078] At block 612, the process 600 utilizes the emulation to determine whether enforcing one or more of the provisional policies would have resulted in a different outcome. For example, would enforcing one or more of the provisional policies dictated that the process 600 identify and perform a different action than under the active policy?): initiating generation of a new policy, the new policy being adapted to, when invoked by an occurrence of the predicted state, resolve a conflict between the policy and the at least one policy of the set of existing policies ([0078] If no, the process 600 returns to block 606 and waits for new data indicative of an event to be received. If yes, the process 600 proceeds to block 614 and generates a record of the difference between the active policies and the provisional policies); and updating the set of existing policies using the new policy so that the new policy is invoked during any future occurrence of predictions of the predicted state ([0078] If no, the process 600 returns to block 606 and waits for new data indicative of an event to be received. If yes, the process 600 proceeds to block 614 and generates a record of the difference between the active policies and the provisional policies … For example, provisional policies that may expose certain vulnerabilities may be emphasized. The data may be used to generate new provisional policies or modify existing provisional policies for subsequent implementation as provisional policies for further testing. Additionally, the data may be used to determine when provisional policies have been sufficiently tested and are ready for implementation as active policies (e.g., tested for greater than a threshold period of time of for more than a threshold number of events)). Miko does not disclose: wherein the policy conflicts with at least one policy of the set of existing policies when the action set corresponding to the policy and the action set corresponding to the at least one policy comprises at least one mutually exclusive action; performing, responsive to an occurrence of the predicted state, an action set of the new policy to update operation of the one or more data processing systems that are likely to be impacted by the predicted state; and providing computer-implemented services using the updated operation of the one or more data processing systems. However, Tiwari discloses: wherein the policy conflicts with at least one policy of the set of existing policies when the action set corresponding to the policy and the action set corresponding to the at least one policy comprises at least one mutually exclusive action ([0020] As used herein, an insight may include one or more characteristics pertaining to a security policy rule(s) and/or one or more characteristics pertaining to a relationship among a plurality of security policy rules. Examples of characteristics pertaining to security policy rule that is provided by the insight include (i) an overlap analysis among a plurality of security policy rules (e.g., a determination of an overlap, or extent of an overlap, between at least two security policy rules), (ii) a similarity of a plurality of security policy rules (e.g., a determination of a degree of similarity or divergence between at least two security policy rules or at least two versions of a particular security policy rule), (iii) an equivalence analysis with respect to a plurality of security policy rules (e.g., a determination of the equivalence or the extent of equivalence between at least two security policy rules), (iv) a correlation analysis between/among a plurality of security policy rules (e.g., a determination of a consistency or contradiction between at least two security policy rules), and (v) an optimization analysis with respect to one or more security policy rules (e.g., an analysis of whether/how a plurality of security policy rules can be combined), etc.; [0038] In some embodiments, system 100 (e.g., policy evaluator 170, security platform 140, etc.) trains one or more models to determine (e.g., predict) insights for a security policy or set of security policy rules. Examples of models include a symbolic prediction engine (e.g., an SMT solver), a ML prediction engine, etc. System 100 may train a model to determine an overlapping of security policy rules, determine contradicting security policy rules; [0053] In some embodiments, system 200 (i) receives a set of security policy rules, (ii) determines one or more security policy rules that do not satisfy an intent or contradict an intent; and (iii) performs a priority/position analysis to generate an intent/satisfaction result of the security policy rules to generate a final set of security policy rules. System 200 can report out a result of the evaluation of the security policy or security policy rules. Additionally, or alternatively, system 200 can provide a recommendation for resolving an inconsistency in the security policy/security policy rule (e.g., to optimize a security policy such as via consolidating security policy rules, to resolve contradicting security policy rules such as rules that treat the same set of network traffic in different/opposing manners, etc.)); performing, responsive to an occurrence of the predicted state, an action set of the new policy to update operation of the one or more data processing systems that are likely to be impacted by the predicted state; and providing computer-implemented services using the updated operation of the one or more data processing systems ([0117] At 820, the system selects an insight for which the new policy rule is to be evaluated. At 825, the system determines one or more characteristics pertaining to the new policy rule; [0118] At 830, the system uses a prediction engine obtains an evaluation result based at least in part on analyzing the one or more characteristics. In some embodiments, the system queries the prediction engine using a vector associated with the one or more characteristics. For example, the system queries a machine learning model using a feature vector obtained by analyzing the policy rule(s). [0122] FIG. 9 is a flow diagram of a method for performing an active measure based on an evaluation of a policy rule; [0123] At 905, the system obtains an indication that one or more policy rules are to be evaluated. At 910, the one or more policy rules are evaluated. In some embodiments, process 700 and/or process 800 is invoked at 910. At 915, the system obtains an evaluation result for the one or more policy rules. At 920, the system determines whether to perform an active measure … At 930, the system causes the active measure to be implemented. The system may implement the active measure or provide an indication/instruction to another system or service for implementation. At 935, an indication of the evaluation result is provided. At 940, a determination is made as to whether process 900 is complete. In some embodiments, process 900 is determined to be complete in response to a determination that no further policy rules are obtained, no further policy rules are to be validated or evaluated, no further active measures are to be implemented, the active measure(s) is successfully implemented, the process has terminated, an administrator indicates that process 900 is to be paused or stopped, etc.). It would have been obvious to an ordinary skill in the art before the effective filing date of the claimed invention to modify the system of enforcing policies and include a system that receives a set of security policy rules, determines one or more security policy rules that do not satisfy an intent or contradict an intent; and performs a priority/position analysis to generate an intent/satisfaction result of the security policy rules to generate a final set of security policy rules, as disclosed by Tiwari. The motivation to include Tiwari’s system is to provide a recommendation for resolving an inconsistency in the security policy/security policy rule (e.g., to optimize a security policy such as via consolidating security policy rules, to resolve contradicting security policy rules such as rules that treat the same set of network traffic in different/opposing manners, etc.) (Tiwari: [0053]). Regarding claim 11, it is a non-transitory machine-readable medium claim and recites similar subject matter as claim 1 and therefore rejected under similar ground of rejection. Regarding claim 16, it is a data processing system claim and recites similar subject matter as claim 1 and therefore rejected under similar ground of rejection. Regarding claim 3, the combination of Miko and Tiwari discloses: The method of claim 1, wherein obtaining the policy comprises generating the policy to manage impact of a state not contemplated by the set of existing policies, the policy being intended to be added to the set of existing policies (Miko: [0078] Additionally, the data may be used to determine when provisional policies have been sufficiently tested and are ready for implementation as active policies (e.g., tested for greater than a threshold period of time of for more than a threshold number of events). The control engineer may finalize the policy and deploy the policy to one or more OT devices as an active policy). Regarding claim 13, it is a non-transitory machine-readable medium claim and recites similar subject matter as claim 3 and therefore rejected under similar ground of rejection. Regarding claim 18, it is a data processing system claim and recites similar subject matter as claim 3 and therefore rejected under similar ground of rejection. Regarding claim 5, the combination of Miko and Tiwari discloses: The method of claim 1, wherein performing the policy analysis process comprises: inputting a set of initial conditions into the digital twin as ingest, the initial conditions being previously used to obtain the policy and the initial conditions being intended to represent operational conditions for data processing systems likely to be impacted by the predicted state; obtaining a set of simulated conditions from the digital twin as output, the set of simulated conditions being intended to represent operation of the data processing systems at a point in time different from a point in time of the initial conditions; making, using at least the simulated conditions, a determination regarding whether the policy and at least a second policy from the set of existing policies are invoked; and in an instance of the determination in which the policy and at least the second policy are invoked: comparing the action set to action sets corresponding to the at least the second policy to identify any instances of conflicting actions (Miko: [0071-0078]). Regarding claim 15, it is a non-transitory machine-readable medium claim and recites similar subject matter as claim 5 and therefore rejected under similar ground of rejection. Regarding claim 20, it is a data processing system claim and recites similar subject matter as claim 5 and therefore rejected under similar ground of rejection. Regarding claim 6, the combination of Miko and Tiwari discloses: The method of claim 5, wherein making the determination comprises: using the set of simulated conditions as input for at least one inference model to obtain a simulated predicted state; and using the simulated predicted state as a key to perform a look up to identify any of the set of existing policies that are invoked (Miko: [0077-0078]). Regarding claim 14, it is a non-transitory machine-readable medium claim and recites similar subject matter as claim 6 and therefore rejected under similar ground of rejection. Regarding claim 8, the combination of Miko and Tiwari discloses: The method of claim 1, wherein the new policy comprises an action set which overrides the action set of the policy and an action set of the at least one policy of the set of existing policies (Miko: [0078]). Regarding claim 10, the combination of Miko and Tiwari discloses: The method of claim 1, wherein updating the operation of one or more data processing systems is performed to hedge against a risk of an undesired outcome from the occurrence of the predicted state (Miko: [0072] The emulation of the provisional policies 504 acts as a test of the provisional policies 504, allowing control engineers to test new policies or modifications to existing policies, without the risk of downtime or outages). Regarding claim 21, the combination of Miko and Tiwari discloses: The method of claim 5, wherein making the determination comprises: using the set of simulated conditions as input for at least one inference model to obtain a plurality of simulated predicted states; analyzing the plurality of simulated predicted states to obtain a statistical characterization from the plurality of simulated predicted states; and using the statistical characterization to identify the policy and at least the second policy are invoked, wherein the policy analysis process identifies the at least one mutually exclusive action, relative to the at least one policy of the set of existing policies, from among the action set corresponding to the policy and an action set corresponding to at least the second policy and at least one policy of the set of existing policies (Tiwari: [0087] In connection with evaluating the security policy or set of security policy rules, system 300 uses a prediction engine in engine layer 340 to generate an evaluation result for an insight based on a representation (e.g., a feature vector, a bitvector, etc.) generated at model layer 320. Engine layer 340 comprises one or more predictive engines. In the case that engine layer 340 comprises a plurality of predictive engines, the plurality of predictive engines may comprise one or more types of predictive engines, such as a symbolic predictive engine, a statistical predictive engine, a simulation engine (e.g., to perform a constrained simulation such as to predict how certain packets/network traffic is to be handled according to the security policy rule(s)). In the example shown, engine layer 340 comprise symbolic predictive engine 342 and/or statistical predictive engine 350; [0088] Symbolic predictive engine 342 performs an evaluation of a security policy or set of security policy rules using one or more SMT solvers). Regarding claim 22, the combination of Miko and Tiwari discloses: The method of claim 21, further comprising, in response to identifying the at least one mutually exclusive action, generating a conflicting policy report comprising: an indication of the policy and at least the second policy; an indication of the at least one mutually exclusive action; and the statistical characterization used to identify the policy and at least the second policy (Tiwari: [0108-0110]). Regarding claim 23, the combination of Miko and Tiwari discloses: The method of claim 22, wherein, based on the conflicting policy report, the generation of the new policy hedges against a risk of an outcome that results in the statistical characterization correlated to the plurality of simulated predicted states (Tiwari: [0016-0018]). Regarding claim 24, the combination of Miko and Tiwari discloses: The method of claim 23, wherein the new policy includes meta data to that allows the new policy to override conflicting policies during any future occurrence of the simulated predicted states (Tiwari: [0037] & [0065]). Claim(s) 4, 9, and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Mikolajczyk et al., (US20240223609A1) hereinafter referred as Miko in view of Tiwari et al., (US20250007952A1) and further in view of Ahn et al., (US20210049460A1). Regarding claim 4, the combination of Miko and Tiwari fails to disclose: The method of claim 1, wherein obtaining the policy comprises: obtaining a prediction that indicates the predicted state will occur, the prediction being generated by at least one inference model; and identifying the policy from the set of existing policies, the policy being based on a type of the predicted state to which the policy is associated. However, Ahn discloses: obtaining a prediction that indicates the predicted state will occur, the prediction being generated by at least one inference model ([0015] FIG. 11 illustrates the deep probabilistic (DP) process model that predicts the sensors and targets given the conditions and actions over the future horizon, according to some example embodiments; [0130] FIG. 11 illustrates the process for calculating the predicted sequence, according to some example embodiments. The DP process model (state prediction, state update, observation prediction) is trained to learn the latent states to reduce the overall prediction error); and identifying the policy from the set of existing policies, the policy being based on a type of the predicted state to which the policy is associated ([0016] FIG. 12 illustrates the decision machines (DM) controller that optimizes the predicted targets by selecting the best actions given future conditions, relying on the trained DP process model, according to some example embodiments; [0130] FIG. 11 illustrates the process for calculating the predicted sequence, according to some example embodiments. The DP process model (state prediction, state update, observation prediction) is trained to learn the latent states to reduce the overall prediction error; [0131] Given the past sequence 902 of experience tuples (which includes targets and sensors 1102 plus conditions and actions 1106), the DP process model learns the latent states 918; [0132] Further, given the predicted conditions and actions 1108 over the future horizon (e.g., predicted sequence 904), the latent states 918 are propagated over the predicted sequence. Additionally, the target and sensors 1104 over the predicted sequence are predicted over the future horizon; [0135] The optimal policy is identified for the process and the DP model is trained for this policy. Then, at every step of the future horizon, the actions are predicted, and a scenario is developed that identifies the future actions in the future conditions to show the final outcome). It would have been obvious to an ordinary skill in the art before the effective filing date of the claimed invention to modify Systems and methods for provisional policies in operational technology devices of Miko and Tiwari and include deep probabilistic (DP) process model that predicts the sensors and targets given the conditions and actions over the future horizon, as disclosed by Ahn. The motivation to combine the teaching of Mike into Ahn is to improve policy decision making process with optimal decisions and controls for dynamic processes. Regarding claim 19, it is a data processing system claim and recites similar subject matter as claim 4 and therefore rejected under similar ground of rejection. Regarding claim 9, the combination of Miko, Tiwari and Ahn discloses: The method of claim 1, wherein the predicted state comprises: a state predicted to occur by an analysis of a plurality of predictions generated by at least one inference model, the analysis being based on a statistical characterization regarding agreement in the plurality of predictions (Ahn: [0132] Further, given the predicted conditions and actions 1108 over the future horizon (e.g., predicted sequence 904), the latent states 918 are propagated over the predicted sequence. Additionally, the target and sensors 1104 over the predicted sequence are predicted over the future horizon; [0133] In the example illustrated in FIG. 11, the defined future window for optimization includes K values: targets ŷt+1 to ŷt+K, sensors {circumflex over (x)}t+1 to {circumflex over (x)}t+K, conditions ct to ct+K−1, and actions at to at+K−1. For example, to predict inventory levels over two-month horizon, weekly states are predicted that means a K value of 8; [0134] During the past sequence 1102, the outputs are known, so it is possible to update priors to posteriors. However, during the future sequence 1104, the outputs are unknown, so the model keeps evolving the priors {circumflex over (x)} and ŷ; [0135] The optimal policy is identified for the process and the DP model is trained for this policy. Then, at every step of the future horizon, the actions are predicted, and a scenario is developed that identifies the future actions in the future conditions to show the final outcome). It would have been obvious to an ordinary skill in the art before the effective filing date of the claimed invention to modify Systems and methods for provisional policies in operational technology devices of Miko and Tiwari and include deep probabilistic (DP) process model that predicts the sensors and targets given the conditions and actions over the future horizon, as disclosed by Ahn. The motivation to combine the teaching of Mike in view of Tiwari into Ahn is to improve policy decision making process with optimal decisions and controls for dynamic processes. Conclusion Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to SYED M AHSAN whose telephone number is (571)272-5018. The examiner can normally be reached 8:30 AM - 6:00 PM. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, William Korzuch can be reached at 571-272-7589. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /SYED M AHSAN/Primary Examiner, Art Unit 2491
Read full office action

Prosecution Timeline

Jul 30, 2024
Application Filed
Dec 16, 2025
Non-Final Rejection mailed — §101, §102, §103
Mar 06, 2026
Response Filed
Apr 29, 2026
Final Rejection mailed — §101, §102, §103 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12676833
Firewall System for Controlling Data Flow Between Computing Resources
4y 5m to grant Granted Jul 07, 2026
Patent 12671709
NETWORK ANOMALY DETECTION METHOD, ELECTRONIC DEVICE, AND STORAGE MEDIUM
1y 11m to grant Granted Jun 30, 2026
Patent 12671568
Device for Counteracting Side-Channel Attacks
1y 10m to grant Granted Jun 30, 2026
Patent 12665910
METHOD AND SYSTEM FOR DETERMINING AND ACTING ON A STRUCTURED DOCUMENT CYBER THREAT RISK
2y 2m to grant Granted Jun 23, 2026
Patent 12657269
Using Continuous Biometric Information Monitoring For Security
4y 1m to grant Granted Jun 16, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

3-4
Expected OA Rounds
74%
Grant Probability
93%
With Interview (+19.0%)
3y 4m (~1y 5m remaining)
Median Time to Grant
Moderate
PTA Risk
Based on 288 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month