Prosecution Insights
Browse Companies Examiners Firms Draft Your Response
Office ActionsTyco Fire & Security GmbH › 18827532
Last updated: April 19, 2026
Application No. 18/827,532

SYSTEMS AND METHODS TO AUTOMATE SECURITY ASSETS DISCOVERY AND ONBOARDING

Non-Final OA §103
Filed
Sep 06, 2024
Examiner
WILCOX, JAMES J
Art Unit
2439
Tech Center
2400 — Computer Networks
Assignee
Tyco Fire & Security GmbH
OA Round
1 (Non-Final)
70%
Grant Probability
Favorable
1-2
OA Rounds
3y 5m
To Grant
99%
With Interview

Interview Optional

+60.3% interview lift. This examiner has a relatively high allow rate; a written response may suffice.
Based on 609 resolved cases, 2023–2026

Examiner Intelligence

WILCOX, JAMES J View full profile →
Grants 70% — above average
70%
Career Allow Rate
428 granted / 609 resolved
+12.3% vs TC avg
Strong +60% interview lift
Without
With
+60.3%
Interview Lift
resolved cases with interview
Typical timeline
3y 5m
Avg Prosecution
37 currently pending
Career history
646
Total Applications
across all art units

Statute-Specific Performance

§101
15.1%
-24.9% vs TC avg
§103
55.5%
+15.5% vs TC avg
§102
14.0%
-26.0% vs TC avg
§112
7.0%
-33.0% vs TC avg
Black line = Tech Center average estimate • Based on career data from 609 resolved cases

Office Action

§103
Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . DETAILED ACTION Claims 1-20 are pending in this application. Claim Objections Claims 9, 16 and 17 are objected to because of the following informalities: Regarding claims 9 and 17, the claims recite the acronyms “SNMP,” “ONVIF,” “SSDP,” “NMAP,” and “WS-Discovery,” The Examiner notes for further clarity to spell out the acronyms at its first occurrence. Regarding claim 16, claim 16 has an “o” after identified in the generate an asset hierarchy limitation and should be rewritten or removed. Appropriate correction is required. Information Disclosure Statement The information disclosure statement (IDS) submitted on 09/12/2024 is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner. Claim Rejections - 35 USC § 103 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claims 1-2, 12 and 14 are rejected under 35 U.S.C. 103 as being unpatentable over Cayemberg et al (“Cayemberg,” US 20170357607) and further in view of Ben Ari et al (“Ben Ari,” US 20210377718). Regarding claim 1, Cayemberg discloses a method for onboarding security devices coupled to a building network in a building management system, the method comprising: transmitting a plurality of commands on the building network, each command comprising protocol-specific subsystem criteria for a corresponding security subsystem type of a plurality of security subsystem types; (Cayemberg discloses [0002], [0037], [0012] transmitting a plurality of commands on the building network [0002], [0031], each command comprising protocol-specific subsystem criteria [0009] for a corresponding security subsystem type of a plurality of security subsystem types, [0002]) receiving a plurality of responses to the plurality of commands from the security devices via the building network; (Cayemberg discloses [0007] receiving a plurality of responses [0012] to the plurality of commands [0051] from the security devices [0012] via the building network [0002], [0031]) generating an asset hierarchy comprising the plurality of security subsystems identified on the building network and the security devices within each identified security subsystem; (Cayemberg discloses [0004], [0079] generating an asset hierarchy comprising the plurality of security subsystems [0002] identified on the building network [0002], [0031] and the security devices [0012] within each identified security subsystem [0002]) and onboarding the security devices within each identified security subsystem, (Cayemberg discloses [0054], [0059] and onboarding the security devices [0012] within each identified security subsystem [0002]) Cayemberg further discloses a building network (Cayemberg discloses building network [0002], [0031]) Cayemberg fails to explicitly disclose identifying a plurality of security subsystems on the network based on whether the plurality of responses contain identifying strings specified by the protocol-specific subsystem criteria for the plurality of security subsystem types. However, in an analogous art, Ben Ari discloses identifying a plurality of security subsystems on the network based on whether the plurality of responses contain identifying strings specified by the protocol-specific subsystem criteria for the plurality of security subsystem types; (Ben Ari discloses and an identifying string (306, 312, FIG 3) for corresponding security subsystem type (302, 316, FIG 3, [0044]) Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Ben Ari with the method/system of Cayemberg to include identifying a plurality of security subsystems on the network based on whether the plurality of responses contain identifying strings specified by the protocol-specific subsystem criteria for the plurality of security subsystem types. One would have been motivated to provide discovery processes based on discovery pattern affinity (Ben Ari, [0001]). Regarding claim 2, Cayemberg and Ben Ari disclose the method of claim 1. Cayemberg further discloses further comprising operating the security devices identified within each identified security subsystem using the protocol-specific subsystem criteria (Cayemberg discloses further comprising operating the security devices [0012] identified within each identified security subsystem [0002] using the protocol-specific subsystem criteria [0009]). Regarding claim 12, Cayemberg and Ben Ari disclose the method of claim 1. Cayemberg further discloses a building network (Cayemberg discloses building network [0002], [0031]) Ben Ari further discloses wherein generating the asset hierarchy comprises: performing a device scan for each of the plurality of security subsystems identified on the network, wherein each device scan comprises: (Ben Ari discloses FIG 3, [0007]-[0008] wherein generating the asset hierarchy comprises: performing a device scan for each of the plurality of security subsystems identified on the network, wherein each device scan comprises) selecting, from a plurality of connectors, at least one connector associated with the identified security subsystem; (Ben Ari discloses [0007]-[0009], FIG 3 selecting, from a plurality of connectors, at least one connector associated with the identified security subsystem) scanning, using the selected connector, the identified subsystem for one or more security devices connected with the identified security subsystem; (Ben Ari discloses [0007]-[0009], FIG 3 scanning, using the selected connector, the identified subsystem for one or more security devices connected with the identified security subsystem) and generating, a device scan response including the one or more security devices and the associated identified security subsystem (Ben Ari discloses [0007]-[0009], FIG 3 and generating, a device scan response including the one or more security devices and the associated identified security subsystem). Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Ben Ari with the method/system of Cayemberg include wherein generating the asset hierarchy comprises: performing a device scan for each of the plurality of security subsystems identified on the building network, wherein each device scan comprises: selecting, from a plurality of connectors, at least one connector associated with the identified security subsystem; scanning, using the selected connector, the identified subsystem for one or more security devices connected with the identified security subsystem; and generating, a device scan response including the one or more security devices and the associated identified security subsystem. One would have been motivated to provide discovery processes based on discovery pattern affinity (Ben Ari, [0001]). Regarding claim 14, Cayemberg and Ben Ari disclose the method of claim 12. Ben Ari further disclose further comprising assigning the security devices within at least one identified security subsystem to at least one of a plurality of device categories based on the device scan response, (Ben Ari discloses [0007]-[0009], FIG 3 further comprising assigning the security devices within at least one identified security subsystem to at least one of a plurality of device categories based on the device scan response) Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Ben Ari with the method/system of Cayemberg include further comprising assigning the security devices within at least one identified security subsystem to at least one of a plurality of device categories based on the device scan response. One would have been motivated to provide discovery processes based on discovery pattern affinity (Ben Ari, [0001]). Claims 3-4 are rejected under 35 U.S.C. 103 as being unpatentable over Cayemberg et al (“Cayemberg,” US 20170357607) in view of Ben Ari et al (“Ben Ari,” US 20210377718) and further in view of Bolton et al (“Bolton,” US 20150163327) Regarding claim 3, Cayemberg discloses the method of claim 1. Ben Ari further discloses and an identifying string for corresponding security subsystem type, (Ben Ari discloses and an identifying string (306, 312, FIG 3) for corresponding security subsystem type (302, 316, FIG 3, [0044]) Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Ben Ari with the method/system of Cayemberg to include and an identifying string for corresponding security subsystem type. One would have been motivated to provide discovery processes based on discovery pattern affinity (Ben Ari, [0001]). Cayemberg fails to explicitly disclose wherein the protocol-specific subsystem criteria comprises a unique network port. However, in an analogous art, Bolton discloses wherein the protocol-specific subsystem criteria comprises a unique network port (Bolton discloses wherein the protocol-specific subsystem criteria [0079], [0062] comprises a unique network port [0037]-[0038]) Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Bolton with the method/system of Cayemberg and Ben Ari to include wherein the protocol-specific subsystem criteria comprises a unique network port. One would have been motivated to provide correct port identification in a network host connection (Bolton, [0016]). Regarding claim 4, Cayemberg and Ben Ari disclose the method of claim 1. Cayemberg and Ben Ari fail to explicitly disclose wherein each command is transmitted on a network port identified in the protocol-specific subsystem criteria. However, in an analogous art, Bolton discloses wherein each command is transmitted on a network port identified in the protocol-specific subsystem criteria. (Bolton discloses wherein each command [0056] is transmitted on a network port [0037]-[0038] identified in the protocol-specific subsystem criteria [0037], [0042]) Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Bolton with the method/system of Cayemberg and Ben Ari to include wherein each command is transmitted on a network port identified in the protocol-specific subsystem criteria. One would have been motivated to provide correct port identification in a network host connection (Bolton, [0016]). Claims 5-8, 10 and 15 are rejected under 35 U.S.C. 103 as being unpatentable over Cayemberg et al (“Cayemberg,” US 20170357607) in view of Ben Ari et al (“Ben Ari,” US 20210377718) and further in view of Liu et al (“Liu,” US 20180092151). Regarding claim 5, Cayemberg and Ben Ari disclose the method of claim 1. Cayemberg and Ben Ari fail to explicitly disclose further comprising identifying a subset of the security devices within each identified security subsystem and obtaining device data for the security devices and providing the device to a data platform. However, in an analogous art, Liu discloses further comprising identifying a subset of the security devices within each identified security subsystem and obtaining device data for the security devices and providing the device to a data platform (Liu discloses further comprising [0012] identifying a subset of the security devices [0012] within each identified security subsystem [0027] and obtaining device data [0028] for the security devices [0012] and providing the device to a data platform [0021], [0059]) Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Liu with the method/system of Cayemberg and Ben Ari to include wherein each command is transmitted on a network port identified in the protocol-specific subsystem criteria. One would have been motivated to provide manage IoT devices (Liu, [0027]). Regarding claim 6, Cayemberg, Ben Ari and Liu discloses the method of claim 5. Liu further discloses wherein the data platform is a cloud-based data platform (Liu discloses [0021], [0027] wherein the data platform is a cloud-based data platform [0021], [0059]) Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Liu with the method/system of Cayemberg and Ben Ari to include wherein the data platform is a cloud-based data platform. One would have been motivated to provide manage IoT devices (Liu, [0027]). Regarding claim 7, Cayemberg, Ben Ari and Liu disclose the method of claim 5. Liu further discloses wherein the subset is identified based on a status of the security devices provided in the plurality of responses, (Liu discloses wherein the subset is identified based on a status [0028], [0035] of the security devices [0035], [0059] provided in the plurality of responses [0067], [0069], [0092]) Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Liu with the method/system of Cayemberg and Ben Ari to include wherein the subset is identified based on a status of the security devices provided in the plurality of responses. One would have been motivated to provide manage IoT devices (Liu, [0027]). Regarding claim 8, Cayemberg, Ben Ari and Liu disclose the method of claim 5. Liu further discloses identifying the subset of the security devices within each identified security subsystem comprises receiving a selection from a user comprising the subset, (Liu discloses [0089] identifying the subset of the security devices within each identified security subsystem [0101] comprises receiving a selection [0068], [0093] from a user comprising the subset [0093]-[0094]) Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Liu with the method/system of Cayemberg and Ben Ari to include identifying the subset of the security devices within each identified security subsystem comprises receiving a selection from a user comprising the subset. One would have been motivated to provide manage IoT devices (Liu, [0027]). Regarding claim 10, Cayemberg and Ben Ari disclose the method of claim 1. Cayemberg and Ben Ari fail to explicitly disclose wherein the protocol-specific subsystem criteria are obtained from a data platform. However, in an analogous art, Liu discloses wherein the protocol-specific subsystem criteria are obtained from a data platform, (Liu discloses [0091] wherein the protocol-specific subsystem criteria [0099], [0101] are obtained from a data platform [0021], [0059]) Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Liu with the method/system of Cayemberg and Ben Ari to include wherein the protocol-specific subsystem criteria are obtained from a data platform. One would have been motivated to provide manage IoT devices (Liu, [0027]). Regarding claim 15, Cayemberg and Ben Ari disclose the method of claim 12. Cayemberg and Ben Ari fail to explicitly disclose wherein the device scan response comprises at least one of an online status, firmware version, software version, model, serial number, disk space, video recording status, tamper status, or license expiration for at least one of the one or more security devices. However, in an analogous art, Liu discloses wherein the device scan response comprises at least one of an online status, firmware version, software version, model, serial number, disk space, video recording status, tamper status, or license expiration for at least one of the one or more security devices, (Liu discloses collecting [0028], [0035] and reporting device status [0028], [0035] and data to the cloud platform [0021], [0059]) Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Liu with the method/system of Cayemberg and Ben Ari to include wherein the device scan response comprises at least one of an online status, firmware version, software version, model, serial number, disk space, video recording status, tamper status, or license expiration for at least one of the one or more security devices. One would have been motivated to provide a method and system for remotely managing IoT devices (Liu, [0026]). Claim 9 is rejected under 35 U.S.C. 103 as being unpatentable over Cayemberg et al (“Cayemberg,” US 20170357607) in view of Ben Ari et al (“Ben Ari,” US 20210377718) and further in view of Crabtree et al (“Crabtree,” US 20200296137). Regarding claim 9, Cayemberg and Ben Ari disclose the method of claim 1. Cayemberg and Ben Ari fail to explicitly disclose wherein at least one of the plurality of security subsystem types corresponds to at least one of a plurality of security protocols, wherein the plurality of security protocols comprises at least one of SNMP, ONVIF, SSDP, NMAP or WS-Discovery However, in an analogous art, Crabtree discloses wherein at least one of the plurality of security subsystem types corresponds to at least one of a plurality of security protocols, wherein the plurality of security protocols comprises at least one of SNMP, ONVIF, SSDP, NMAP or WS-Discovery, (Crabtree discloses wherein at least one of the plurality of security subsystem types [0116] corresponds to at least one of a plurality of security protocols, wherein the plurality of security protocols [0074] comprises at least one of SNMP, ONVIF, SSDP, NMAP [0065] or WS-Discovery) Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Crabtree with the method/system of Cayemberg and Ben Ari to include wherein at least one of the plurality of security subsystem types corresponds to at least one of a plurality of security protocols, wherein the plurality of security protocols comprises at least one of SNMP, ONVIF, SSDP, NMAP or WS-Discovery. One would have been motivated to provide a system and method for generating comprehensive security profiles and ratings for organizations that takes into account the organization's infrastructure and operations in generating the profile, and the context and purpose of the rating to be generated related to the profile (Crabtree, [0005]). Claim 11 is rejected under 35 U.S.C. 103 as being unpatentable over Cayemberg et al (“Cayemberg,” US 20170357607), Ben Ari et al (“Ben Ari,” US 20210377718) and further in view of Ghai et al (“Ghai,” US 20080209506). Regarding claim 11, Cayemberg and Ben Ari disclose the method of claim 1. Cayemberg and Ben Ari fail to explicitly disclose wherein the plurality of subsystem types comprises at least one of a Ccure, Exacq, Genetec, Kantech, or VideoEdge type. However, in an analogous art, Ghai discloses wherein the plurality of subsystem types comprises at least one of a Ccure, Exacq, Genetec, Kantech, or VideoEdge type, (Ghai discloses wherein the plurality of subsystem types [0030] comprises at least one of a Ccure [0048], Exacq, Genetec, Kantech, or VideoEdge type). Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Ghai with the method/system of Cayemberg and Ben Ari to include wherein the plurality of subsystem types comprises at least one of a Ccure, Exacq, Genetec, Kantech, or VideoEdge type. One would have been motivated to provide a system for integrating disparate security systems using a rules-based policy engine and normalized data format (Ghai, [0002]). Claim 13 is rejected under 35 U.S.C. 103 as being unpatentable over Cayemberg et al (“Cayemberg,” US 20170357607) in view of Ben Ari et al (“Ben Ari,” US 20210377718) and further in view of Waschke et al (“Waschke,” US 20130046739). Regarding claim 13, Cayemberg and Ben Ari disclose the method of claim 12. Cayemberg and Ben Ari fail to explicitly disclose further comprising determining if the device scan response includes any duplicate security devices in the one or more security devices and removing the duplicate security devices from the device scan `response. However, in an analogous art, Waschke discloses further comprising determining if the device scan response includes any duplicate security devices in the one or more security devices and removing the duplicate security devices from the device scan response, (Waschke discloses [0005] further comprising determining if the device scan response includes any duplicate security devices [0015] in the one or more security devices [0030] and removing [0030] the duplicate security devices [0005], [0015] from the device scan response [0031]) Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Waschke with the method/system of Cayemberg and Ben Ari to include further comprising determining if the device scan response includes any duplicate security devices in the one or more security devices and removing the duplicate security devices from the device scan response. One would have been motivated to reconcile duplicate configuration items in a configuration management database (Waschke, [0005]). Claims 16 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Cayemberg et al (“Cayemberg,” US 20170357607) in view of Liu et al (“Liu,” US 20180092151) and further in view of Ben Ari et al (“Ben Ari,” US 20210377718) Regarding claim 16, Cayemberg discloses a building management system, comprising: a communications bus; (Cayemberg discloses [0052] a communications bus) a plurality of subsystems coupled to the communications bus and configured to communicate on the communications bus, wherein the plurality of subsystems each comprise one or more security devices configured to monitor a state or condition of a building; (Cayemberg discloses a plurality of subsystems [0002] coupled to the communications bus [0051] and configured to communicate on the communications bus [0051], wherein the plurality of subsystems [0002] each comprise one or more security devices [0012] configured to monitor a state [0047] or condition of a building [0047]) a first device coupled to the communications bus comprising a processing circuit comprising one or more memory devices coupled to one or more processors, the one or more memory devices configured to store instructions thereon that, when executed by the one or more processors, cause the one or more processors to: (Cayemberg discloses a first device [0012] coupled to the communications bus [0051] comprising a processing circuit [0144] comprising one or more memory devices [0076] coupled to one or more processors [0144], the one or more memory devices [0076] configured to store instructions thereon that, when executed by the one or more processors [0144], cause the one or more processors to: [0144]) transmit a plurality of commands on the communications bus, each command comprising protocol-specific subsystem criteria for a corresponding subsystem type of a plurality of subsystem types; (Cayemberg discloses [0002], [0037], [0012] transmitting a plurality of commands [0114] on the building network [0002], [0031], each command comprising protocol-specific subsystem criteria [0009] for a corresponding security subsystem type of a plurality of security subsystem types, [0002]) receive a plurality of responses to the plurality of commands from the plurality of subsystems via the communications bus; (Cayemberg discloses receive a plurality of responses [0125]-[0126] to the plurality of commands [0114] from the plurality of subsystems [0002] via the communications bus [0051]). generate an asset hierarchy comprising the plurality of security subsystems identified o and the one or more security devices within each identified security subsystem; (Cayemberg discloses [0007] receiving a plurality of responses [0125]-[0126] to the plurality of commands [0051] from the security devices [0012] via the building network [0002], [0031]) and onboard the security devices within each identified security subsystem, (Cayemberg discloses [0054], [0059] and onboarding the security devices [0012] within each identified security subsystem [0002]) Cayemberg fails to explicitly disclose a cloud platform communicably coupled to the communications bus. However, in an analogous art, Liu discloses a cloud platform communicably coupled to the communications bus, (Liu discloses a cloud platform [0021] communicably coupled to the communications bus [0016]) Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Liu with the method/system of Cayemberg to include a cloud platform communicably coupled to the communications bus. One would have been motivated to provide a method and system for remotely managing IoT devices (Liu, [0026]). Cayemberg and Liu fail to explicitly disclose identify subsystem type from the plurality of subsystem types for each of the plurality of subsystems based on whether the plurality of responses contain identifying strings specified by the protocol-specific subsystem criteria for the plurality of security subsystem types. However, in an analogous art, Ben Ari discloses identifying a plurality of security subsystems on the network based on whether the plurality of responses contain identifying strings specified by the protocol-specific subsystem criteria for the plurality of security subsystem types; (Ben Ari discloses identifying a plurality of security subsystems (302, 316, FIG 3, [0044]) on the network based on whether the plurality of responses contain identifying strings (306, 312, FIG 3) specified by the protocol-specific subsystem criteria for the plurality of security subsystem types (302, 316, FIG 3, [0044])) Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Ben Ari with the method/system of Cayemberg and Liu to include identifying a plurality of security subsystems on the network based on whether the plurality of responses contain identifying strings specified by the protocol-specific subsystem criteria for the plurality of security subsystem types. One would have been motivated to provide discovery processes based on discovery pattern affinity (Ben Ari, [0001]). Regarding claim 20, Cayemberg, Liu and Ben Ari disclose the building management system of claim 16. Liu further discloses comprising instructions that, when executed by the one or more processors, cause the one or more processors to: identify a subset of the one or more security devices within each identified security subsystem; (Liu discloses comprising instructions that, when executed by the one or more processors [0016], cause the one or more processors [0016] to: identify a subset [0039] of the one or more security devices [0026] within each identified security subsystem [0012]) obtain device data for the one or more security devices; (Liu discloses obtain device data [0028] for the one or more security devices [0026]) and provide the device to a data platform, (Liu discloses and provide the device [0026]; [0035] to a data platform [0021]) Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Liu with the method/system of Cayemberg to include comprising instructions that, when executed by the one or more processors, cause the one or more processors to: identify a subset of the one or more security devices within each identified security subsystem; obtain device data for the one or more security devices; and provide the device to a data platform. One would have been motivated to provide a method and system for remotely managing IoT devices (Liu, [0026]). Claim 17 is rejected under 35 U.S.C. 103 as being unpatentable over Cayemberg et al (“Cayemberg,” US 20170357607), Liu et al (“Liu,” US 20180092151) in view of Ben Ari et al (“Ben Ari,” US 20210377718) and further in view of Crabtree et al (“Crabtree,” US 20200296137) Regarding claim 17, Cayemberg, Liu and Ben Ari disclose the building management system of claim 16. Cayemberg, Liu and Ben Ari fail to explicitly disclose wherein at least one of the plurality of subsystems uses at least one of a plurality of security protocols, wherein the plurality of security protocols comprises at least one of SNMP, ONVIF, SSDP, NMAP or WS-Discovery. However, in an analogous art, Crabtree discloses wherein at least one of the plurality of subsystems uses at least one of a plurality of security protocols, wherein the plurality of security protocols comprises at least one of SNMP, ONVIF, SSDP, NMAP or WS-Discovery (Crabtree discloses wherein at least one of the plurality of subsystems [0116] uses at least one of a plurality of security protocols [0074], wherein the plurality of security protocols comprises at least one of SNMP, ONVIF, SSDP, NMAP [0065] or WS-Discovery) Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Crabtree with the method/system of Cayemberg, Liu and Ben Ari to include wherein at least one of the plurality of subsystems uses at least one of a plurality of security protocols, wherein the plurality of security protocols comprises at least one of SNMP, ONVIF, SSDP, NMAP or WS-Discovery. One would have been motivated to provide a system and method for generating comprehensive security profiles and ratings for organizations that takes into account the organization's infrastructure and operations in generating the profile, and the context and purpose of the rating to be generated related to the profile (Crabtree, [0005]). Claims 18-19 are rejected under 35 U.S.C. 103 as being unpatentable over Cayemberg et al (“Cayemberg,” US 20170357607), Liu et al (“Liu,” US 20180092151) in view of Ben Ari et al (“Ben Ari,” US 20210377718) in view of Bolton et al (“Bolton,” US 20150163327). Regarding claim 18, Cayemberg and Liu disclose the building management system of claim 16. Ben Ari further discloses wherein the protocol-specific subsystem criteria comprises and the identifying string, (Ben Ari discloses wherein the protocol-specific subsystem criteria [0029], FIG 3 comprises and the identifying string (306, 312, FIG 3)) Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Ben Ari with the method/system of Cayemberg and Liu to include wherein the protocol-specific subsystem criteria comprises and the identifying string. One would have been motivated to provide discovery processes based on discovery pattern affinity (Ben Ari, [0001]). Cayemberg, Liu and Ben Ari fail to explicitly disclose wherein the protocol-specific subsystem criteria comprises a unique network port. However, in an analogous art, Bolton discloses wherein the protocol-specific subsystem criteria comprises a unique network port (Bolton discloses wherein the protocol-specific subsystem criteria [0079], [0062] comprises a unique network port [0037]-[0038]) Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Bolton with the method/system of Cayemberg and Ben Ari to include wherein the protocol-specific subsystem criteria comprises a unique network port. One would have been motivated to provide correct port identification in a network host connection (Bolton, [0016]). Regarding claim 19, Cayemberg, Liu and Ben Ari disclose the building management system of claim 16. Cayemberg, Liu and Ben Ari fail to explicitly disclose wherein each command is transmitted on a network port identified in the protocol-specific subsystem criteria. However, in an analogous art, Bolton discloses wherein each command is transmitted on a network port identified in the protocol-specific subsystem criteria. (Bolton discloses wherein each command [0056] is transmitted on a network port [0037]-[0038] identified in the protocol-specific subsystem criteria [0037], [0042]) Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Bolton with the method/system of Cayemberg, Liu and Ben Ari to include wherein each command is transmitted on a network port identified in the protocol-specific subsystem criteria. One would have been motivated to provide correct port identification in a network host connection (Bolton, [0016]). Conclusion Any inquiry concerning this communication or earlier communications from the examiner should be directed to JAMES J WILCOX whose telephone number is (571)270-3774. The examiner can normally be reached M-F: 8 A.M. to 5 P.M.. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Luu T. Pham can be reached at (571)270-5002. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /JAMES J WILCOX/ Examiner, Art Unit 2439 /LUU T PHAM/Supervisory Patent Examiner, Art Unit 2439
Read full office action

Prosecution Timeline

Sep 06, 2024
Application Filed
Jan 23, 2026
Non-Final Rejection — §103
Apr 13, 2026
Interview Requested

Precedent Cases

Applications granted by this same examiner with similar technology

17/950,493
Patent 12562884
OBFUSCATING DATA AT-TRANSIT
2y 5m to grant Granted Feb 24, 2026
17/403,470
Patent 12495042
SYSTEMS AND METHODS FOR RESETTING AN AUTHENTICATION COUNTER
2y 5m to grant Granted Dec 09, 2025
17/837,293
Patent 12450359
METHOD AND APPARATUS FOR SECURING EMBEDDED DEVICE FIRMWARE
2y 5m to grant Granted Oct 21, 2025
17/702,858
Patent 12432244
Home Gateway Monitoring for Vulnerable Home Internet of Things Devices
2y 5m to grant Granted Sep 30, 2025
17/932,754
Patent 12425371
SYSTEM AND METHOD FOR PROVIDING SCHC-BASED EDGE FIREWALLING
2y 5m to grant Granted Sep 23, 2025
Study what changed to get past this examiner. Based on 5 most recent grants.

AI Strategy Recommendation

Get an AI-powered prosecution strategy using examiner precedents, rejection analysis, and claim mapping.
Powered by AI — typically takes 5-10 seconds

Prosecution Projections

1-2
Expected OA Rounds
70%
Grant Probability
99%
With Interview (+60.3%)
3y 5m
Median Time to Grant
Low
PTA Risk
Based on 609 resolved cases by this examiner. Grant probability derived from career allow rate.

Ready to respond to this office action?

IP Author drafts your complete OA response — amendments, arguments, and claim strategy — in minutes, not days.

Start Drafting Your Response →

Data sourced from USPTO Patent File Wrapper (daily) and Office Action Archive (weekly). Analysis generated by IP Author.

Data: USPTO Patent File Wrapper (daily) • Office Action Archive (weekly) • 89M+ prosecution events

© 2026 IP Author — Browse Office ActionsExaminersCompaniesFirms

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month