Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
DETAILED ACTION
This Office Action is in response to the Amendment filed on 04/17/2026.
In the instant Amendment, claims 1-5 have been examined and are pending; claims 6-20 are withdrawn. This Action is made Non-FINAL.
Election/Restrictions
Applicant elects with traverse, Group I, comprising claims 1-5, for prosecution of this patent application in the reply filed on 04/17/2026 is acknowledged. Restriction for examination purposes as indicated is proper because all these inventions listed in this action are independent or distinct for the reasons given above and there would be a serious search and/or examination burden. Because applicant did not distinctly and specifically point out the supposed errors in the restriction requirement, the election has been treated as an election without traverse (MPEP § 818.03(a)).
Information Disclosure Statement
The information disclosure statement (IDS), submitted on 11/25/2024, is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(B) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.
Claims 1-5 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA the applicant regards as the invention.
Regarding claim 1, claim 1 recites “a storage unit, configured to store a control device certificate and a programming device certificate ….” which is unclear. It is not clear how the control device certificate and the programming device certificate generated or from where the control device certificate and the programming device certificate are received to store.
Regarding claim 1, claim 1 recites “a processing unit, configured to receive the control device certificate and the programming device certificate according to the first public key and a device identification code, and.….” which is unclear. It is not clear received from ……. Are the control device certificate and the programming device certificate are received from the stored unit?
Regarding claim 1, claim 1 recites “a processing unit, configured to receive the control device certificate and the programming device certificate according to the first public key and a device identification code, and.….” which is unclear. It is not clear a device identification code is the device identification code of the control device or the programming device.
Regarding claim 1, claim 1 recites “a processing unit, configured to store the control device certificate and the programming device certificate in the storage unit….” which is unclear. It is not clear the control device certificate and the programming device certificate stored in the storage unit by the processing unit is same as the control device certificate and the programming device certificate that were already stored by the storage unit or processing unit replacing/updating the stored the control device certificate and the programming device certificate. Again, claim recites “a processing unit, configured to receive the control device certificate and the programming device certificate according to the first public key and a device identification code, and.….” which is unclear. Are the control device certificate and the programming device certificate are received from the stored unit? If yes, then why stored again in the storage unit by the processing unit.
Regarding claims 2-5; claims 2-5 are dependent on claim 1, and therefore inherit 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph issues of the independent claim.
Claims 1-5 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA the applicant regards as the invention.
Claim limitations “a storage unit, configured to store …,” “a key generation unit, configured to generate …,” and “a processing unit, configured to receive……,” have been interpreted under 35 U.S.C. 112(f) or 35 U.S.C. 112 (pre-AIA ), sixth paragraph, because it includes generic place holder “unit” coupled with functional language “configured to…” without reciting sufficient structure to achieve the function. furthermore, the generic placeholder is not preceded by a structural modifier without reciting sufficient structure to achieve function. Applicant’s specification fails to provide a clear definition to the terms.
Since the claim limitations invoke 35 U.S.C. 112(f) or 35 U.S.C. 112 (pre-AIA ), sixth paragraph, claims 1-5 are interpreted to cover the corresponding structure described in the specification that achieves the claimed function, and equivalents thereof. However, the written description fails to disclose the corresponding structure, material, or acts for performing the entire claimed function and to clearly link the structure, material, or acts to the function. No association between the structure and the function can be found in the specification Therefore, the claim is indefinite and is rejected under 35 U.S.C. 112(b) or pre-AIA 35 U.S.C. 112, second paragraph.
Applicant may:
(a) Amend the claim so that the claim limitation will no longer be interpreted as a limitation under 35 U.S.C. 112(f) or 35 U.S.C. 112 (pre-AIA ), sixth paragraph; or
(b) Amend the written description of the specification such that it clearly links or associates the corresponding structure, material, or acts to the claimed function, without introducing any new matter (35 U.S.C. 132(a)); or
(c) State on the record where the corresponding structure, material, or acts are set forth in the written description of the specification and linked or associated to the claimed function. For more information, see 37 CFR 1.75(d) and MPEP §§ 608.01(o) and 2181.
If applicant wishes to provide further explanation or dispute the examiner’s interpretation of the corresponding structure, applicant must identify the corresponding structure with reference to the specification by page and line number, and to the drawing, if any, by reference characters in response to this Office action.
If applicant does not wish to have the claim limitation treated under 35 U.S.C. 112(f) or 35 U.S.C. 112 (pre-AIA ), sixth paragraph, applicant may amend the claim so that it will clearly not invoke 35 U.S.C. 112(f) or 35 U.S.C. 112 (pre-AIA ), sixth paragraph, or present a sufficient showing that the claim recites sufficient structure, material, or acts for performing the claimed function to preclude application of 35 U.S.C. 112(f) or 35 U.S.C. 112 (pre-AIA ), sixth paragraph.
For more information, see MPEP § 2173 et seq. and Supplementary Examination Guidelines for Determining Compliance with 35 U.S.C. § 112 and for Treatment of Related Issues in Patent Applications, 76 FR 7162, 7167 (Feb. 9, 2011).
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C.
102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1-5 are rejected under 35 U.S.C. 103 as being unpatentable over Gremaud (US 2025/0112791) and in view of Gulati (US 2021/0152373).
Regarding claim 1, Gremaud discloses a control device, comprising:
a storage unit, configured to store a control device certificate and a programming device certificate (Gremaud par. 0026-0027; The security server 100 can generate a set of security credentials based on the data received from the devices 105, 106, 160 and can then deploy the set of security credentials to the one or more networked devices. In one embodiment, the networked devices can be in network communication with a commissioner device 150, which can be a computing device such as a server or computer. one embodiment, the networked devices 110, 111, 11n can be in communication with other devices via a wired connection in addition to or in place of the communication network 650. A digital certificate is a non-limiting example of a security credential that can be used according to the present disclosure. A batch of digital certificates can be stored in one or more files used for device authentication, the one or more files including identifying information about the device that is issued the digital certificate. Digital certificates can be issued to a device by device (e.g., a server) hosting a public key infrastructure (PKI) system. See also abstract, par. 0025 and par. 0030);
a key generation unit, configured to generate a first private key, and to generate a first public key according to the first private key (Gremaud par. 0029; 0035 and 0054; The digital certificate for the device can include a public key of a key pair generated by a device manufacturer. The public key of the product digital certificate can be the origin public key from the secure origin public-private key pair that was initially installed on the IC chip 130. The security server 100 can extract a public key (the origin public key) of the networked device from the first digital certificate (origin digital certificate). The origin digital certificate can include the origin public key. The origin public key can be a public key generated for the networked device, e.g., by the security controller hardware module of an IC chip included in the networked device. The origin public key can correspond to an origin private key of the IC chip to form a public-private key pair for asymmetric cryptography); and
a processing unit, configured to receive the control device certificate and the programming device certificate according to the first public key and a device identification code, and to store the control device certificate and the programming device certificate in the storage unit (Gremaud par. 0025-0027; The security server 100 can receive data from the devices 105, 106, 160, the data including instructions, security credentials, or identification data related to the one or more networked devices. A second device 106 can be an IC security device 106 associated with a manufacturer of IC chips 130, 131, 13n that are embedded in the networked devices 110. The IC security device 106 can transmit at least part of the origin security credentials to the customer device 105 and/or the security server 100. In one embodiment, the manufacturer device 160 can be in network communication with the security server 100, the customer device 105, and/or the IC security device 106. The security server 100 can generate a set of security credentials based on the data received from the devices 105, 106, 160 and can then deploy the set of security credentials to the one or more networked devices. A digital certificate is a non-limiting example of a security credential that can be used according to the present disclosure. A batch of digital certificates can be stored in one or more files used for device authentication, the one or more files including identifying information about the device that is issued the digital certificate. For example, a networked device can receive a digital certificate and can transmit the digital certificate to an IoT server. The IoT server can identify and authenticate the networked device based on the digital certificate or a component of the digital certificate).
Gremaud3KhanKhanKkk teaches3 a processing unit, configured to receive the control device certificate and the programming device certificate according to the first public key and to store the control device certificate and the programming device certificate in the storage unit (Gremaud par. 0026-0027). However, Gremaud does not explicitly teach a processing unit, configured to receive the control device certificate and the programming device certificate according to a device identification code.
However, in an analogous field, Gulati teaches a processing unit, configured to receive the control device certificate and the programming device certificate according to a device identification code (Gulati abstract, par. 0180; A device birth certificate is generated with the device identification and the security key. For example, the software markers 908 may include information that describe or identify additional codes that are security sensitive. The codes may be run on the programmable devices 128. The codes may be extracted or decrypted on demand to provide access to data related to the device birth certificate 504. In an embodiment, data security is greatly simplified using codes encrypted and programmed into the programmable devices 128 at manufacture of the programmable devices 128. Only the codes that are programmed on the programmable devices 128 may be used to access the device birth certificate 504. See also par. 0176-0178).
Therefore, it would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify the method of receive the control device certificate and the programming device certificate according to a device identification code of Gremaud using receive the control device certificate and the programming device certificate according to a device identification code taught in Gulati in order to enhance the security of programming device using birth certificate that allow the device to have a unique identity so that it may be authorized to be programmed to have specific computing functionalities (Gulati par. 0029).7
Regarding claim 2, Gremaud and Gulati disclose control device as claimed in claim 1,
Gulati further discloses wherein the processing unit is further configured to obtain a bootloader with a signature bootloader according to the device identification code, the processing unit is configured to execute the bootloader, the key generation unit is configured to generate a shared session key to the processing unit, the processing unit is configured to receive an encrypted application with the shared session key according to the shared session key, and the processing unit is configured to decrypt the encrypted application according to the shared session key to obtain an application and burn the application (Gulati par. 0052, 0126, 0128 and 0152; The programmable devices 128 can be configured to include paired devices 146. The paired devices 146 are two or more of the programmable devices 128 that can share one or more of the security keys 106. This can allow each of the paired devices 146 to detect and authenticate another of the paired devices 146 in the same group. Thus data from one of the paired devices 146 can be shared with another one of the paired devices 146. This can allow functionality such as sharing information, authenticating a bi-directional secure communication channel between two or more of the paired devices 146, identifying other related devices, or a combination thereof. The device birth certificate 504 may provide the Root of Trust or the basis for the trust. The device birth certificate 504 may provide security for on-the-fly updates. The device birth certificate 504 may provide security for a first time boot process to be sure that programming occurs on a known device. he secure programming system 100 may include another Root of Trust on top of the Root of Trust. For example, the secure programming system 100 may be configured to have a license key upon boot up of the secure master storage system 102. The software markers 908 are security elements that can describe or identify the software used in the programmable devices 128. For example, the software markers 908 may identify boot loaders, OS, firmware, applications, etc.).
Therefore, it would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify the method of receive the control device certificate and the programming device certificate according to a device identification code of Gremaud using receive the control device certificate and the programming device certificate according to a device identification code taught in Gulati in order to enhance the security of programming device using birth certificate that allow the device to have a unique identity so that it may be authorized to be programmed to have specific computing functionalities (Gulati par. 0029).7
Regarding claim 3, Gremaud and Gulati disclose the control device as claimed in claim 1,
Gulati further discloses wherein the processing unit is further configured to obtain a verification certificate and an application version according to the device identification code, the key generation unit is configured to generate a shared session key to the processing unit, the processing unit is configured to use the verification certificate to verify the control device certificate and is configured to use the application version to check the application, the processing unit is configured to receive an encrypted updating application with the shared session key according to the shared session key, and the processing unit is configured to decrypt the encrypted updating application according to the shared session key to obtain an updating application and to burn the updating application (Gulati par. 0052, 0062 and 0153-0154; The programmable devices configured to include paired devices 146. The paired devices 146 are two or more of the programmable devices 128 that can share one or more of the security keys 106. This can allow each of the paired devices 146 to detect and authenticate another of the paired devices 146 in the same group. One of the advantages of the secure programming system 100 includes the ability to provision each of the programmable devices 128 with a different set of the security keys 106 and a different version of the security information 148 encrypted by the individual security keys 106. This can ensure that the security keys 106 used to decrypt the security information 148 on one of the programmable devices 128 cannot be used to decrypt the security information on another one of the programmable devices 128. Each of the programmable devices 128 can have a separate one of the security keys 106 to provide maximum protection. For example, the software markers 908 may identify the versions of the firmware used in the programmable devices 128. Also, for example, a programmable device 128 may be a printed circuit board having firmware installed on the board. A firmware marker 908 may identify the version number for each separate firmware element. The firmware version information could be used to coordinate interoperability between code elements in the programmable devices 128. the software markers 908 may include information about how the firmware used in the programmable devices 128 may be verified. The firmware used in the programmable devices 128 may be verified using a verification method that may detect if the firmware code has been altered, corrupted, or compromised).
Therefore, it would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify the method of receive the control device certificate and the programming device certificate according to a device identification code of Gremaud using receive the control device certificate and the programming device certificate according to a device identification code taught in Gulati in order to enhance the security of programming device using birth certificate that allow the device to have a unique identity so that it may be authorized to be programmed to have specific computing functionalities (Gulati par. 0029).
Regarding claim 4, Gremaud and Gulati disclose control device as claimed in claim 1,
Gremaud further discloses wherein the storage unit is a one-time programmable memory (Gremaud par. 0083 and 0086; The memory 520 stores information within the computer 500. In one implementation, the memory 520 is a computer-readable medium. In one implementation, the memory 520 is a volatile memory unit. In another implementation, the memory 520 is a non-volatile memory unit. The process data and instructions may be stored in memory 602. These processes and instructions may also be stored on a storage medium disk 604 such as a hard drive (HDD) or portable storage medium or may be stored remotely).
Regarding claims 5, Gremaud and Gulati disclose control device as claimed in claim 1,
Gremaud further discloses wherein the key generation unit comprises a key store configured to store the first private key (Gremaud par. 0008; Extracting a public key from the first digital certificate, the public key and a corresponding private key being stored in the secure component for asymmetric cryptography; receiving a product identifier and a vendor identifier associated with the secure component from a first user device).
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SANCHIT K SARKER whose telephone number is (571)270-7907. The examiner can normally be reached M-F 8:30 AM-5:30 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, FARID HOMAYOUNMEHR can be reached at 571-272-3739. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/SANCHIT K SARKER/Primary Examiner, Art Unit 2495