DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Priority
Should applicant desire to obtain the benefit of foreign priority under 35 U.S.C. 119(a)-(d) prior to declaration of an interference, a certified English translation of the foreign application must be submitted in reply to this action. 37 CFR 41.154(b) and 41.202(e).
Failure to provide a certified translation may result in no benefit being accorded for the non-English application.
Information Disclosure Statement
The information disclosure statement (IDS) submitted on 9/11/2024 is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.
Claim Objections
A series of singular dependent claims is permissible in which a dependent claim refers to a preceding claim which, in turn, refers to another preceding claim.
A claim which depends from a dependent claim should not be separated by any claim which does not also depend from said dependent claim. It should be kept in mind that a dependent claim may refer to any preceding independent claim. In general, applicant's sequence will not be changed. See MPEP § 608.01(n).
Claims 3 and 7 are dependent on dependent claim 2, and are separated by claims 4-6 which do not also depend on claim 2.
Examiner notes that should the application be deemed ready for allowance, the examiner will renumber the claims as necessary to ensure compliance.
Claim Interpretation
The following is a quotation of 35 U.S.C. 112(f):
(f) Element in Claim for a Combination. – An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.
The claims in this application are given their broadest reasonable interpretation using the plain meaning of the claim language in light of the specification as it would be understood by one of ordinary skill in the art. The broadest reasonable interpretation of a claim element (also commonly referred to as a claim limitation) is limited by the description in the specification when 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, is invoked.
As explained in MPEP § 2181, subsection I, claim limitations that meet the following three-prong test will be interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph:
the claim limitation uses the term “means” or “step” or a term used as a substitute for “means” that is a generic placeholder (also called a nonce term or a non-structural term having no specific structural meaning) for performing the claimed function;
the term “means” or “step” or the generic placeholder is modified by functional language, typically, but not always linked by the transition word “for” (e.g., “means for”) or another linking word or phrase, such as “configured to” or “so that”; and
the term “means” or “step” or the generic placeholder is not modified by sufficient structure, material, or acts for performing the claimed function.
Use of the word “means” (or “step”) in a claim with functional language creates a rebuttable presumption that the claim limitation is to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites sufficient structure, material, or acts to entirely perform the recited function.
Absence of the word “means” (or “step”) in a claim creates a rebuttable presumption that the claim limitation is not to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is not interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites function without reciting sufficient structure, material or acts to entirely perform the recited function.
Claim limitations in this application that use the word “means” (or “step”) are being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action. Conversely, claim limitations in this application that do not use the word “means” (or “step”) are not being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action.
This application includes one or more claim limitations that do not use the word “means,” but are nonetheless being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, because the claim limitation(s) uses a generic placeholder that is coupled with functional language without reciting sufficient structure to perform the recited function and the generic placeholder is not preceded by a structural modifier. Such claim limitation(s) is/are:
Claim 1:
“the management system [means] is adapted to tamper with a part of the verification software [function]”
“the management system [means] is adapted to … install the verification software tampered with [function]”
“the storage controller [means] is adapted to activate the verification software [function]”
“the management system [means] is adapted to present, to the user, a result of verification of tampering by the verification software [function]”
Claim 5:
“the storage controller [means] is adapted to activate the A-side software [function]”
Claim 7:
“the management system is adapted to receive information about a current verification status of the verification software [function]”
Because this/these claim limitation(s) is/are being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, it/they is/are being interpreted to cover the corresponding structure described in the specification as performing the claimed function, and equivalents thereof.
If applicant does not intend to have this/these limitation(s) interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, applicant may:
amend the claim limitation(s) to avoid it/them being interpreted under 35 U.S.C. 112(f) (e.g., by reciting sufficient structure to perform the claimed function); or
present a sufficient showing that the claim limitation(s) recite(s) sufficient structure to perform the claimed function so as to avoid it/them being interpreted under 35 U.S.C. 112(f).
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
Claim(s) 1-8 are rejected under 35 U.S.C. 112(b) as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor regards as the invention.
Regarding claim(s) 1 and 8:
Claim 1 recites, “the management system is adapted to … install the verification software tampered with at the part in the storage controller” Claim(s) 8 recite similar language. The claims are indefinite because what “part” of or in the “storage controller” is being described. No previous recitation defines in what part of the storage controller the tampered-with verification software is being installed. This rejection can be overcome by amending the claims such that it is clear what “part” is referred to by the limitation.
Regarding claim 4:
The recites, “… in the verification software, some of functions of normal software to be executed by the storage controller are omitted.” The claim is indefinite because it is unclear to what “normal software” is being referred. There is no previous recitation of “normal software” to inform one skilled in the art as to what functions may be omitted. This rejection can be overcome by amending the claim such that the term “normal software” is made clear.
Regarding claims 2, 3, and 5-7:
They are dependent on one or more rejected claims, and thus inherit those rejections. This rejection could be overcome by overcoming the rejection(s) to any claims upon which these claims depend, or by amending the claims such that they are no longer dependent on any rejected claim.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1 and 8 are rejected under 35 U.S.C. 103 as being unpatentable over ZIESE (Doc ID US 6567917 B1), and further in view of POH et al (Doc ID WO 2013009262 A1).
Regarding claim 1:
ZIESE teaches:
A system for performing test for tampering verification in activation of software to be executed by a storage controller, the system comprising: a management system; and a storage controller, wherein the management system stores verification software to be executed by the storage controller ((9) Col 4 lines 16-18 "Referring to FIG. 2, a computer method is illustrated for generating the tamper-resistant software. The method begins at step 50 in which an executable file 34 is received."),
the verification software includes a program for detecting tampering in the verification software ((11) Col 2 lines 24-27 "… software … self-determines whether or not unauthorized tampering has occurred."),
the storage controller is adapted to activate the verification software((16) Col 5 lines 32-37 "... a request is received to execute the executable file 34. In response, the tamper-resistant file 30 executes the security file 32 to first determine whether the executable file 34 has been tampered with ..."), and
the management system is adapted to present, to the user, a result of verification of tampering by the verification software, which is received from the storage controller ((18) Col 5 lines 55-57 "At step 112, the security file 32 generates an alarm to indicate to an operator that tampering with the executable file 34 has occurred.").
POH teaches the following limitation(s) not taught by ZIESE:
the management system is adapted to tamper with a part of the verification software according to an instruction from a user, and to install the verification software tampered with at the part in the storage controller (Page 25, lines 12-16: "Tamper detection capability is evaluated by performing both systematic tampering and real-case tampering."),
Activating verification software to detect whether software has been tampered with is a known technique in the art, as demonstrated by ZIESE. Further, evaluating tamper protection by tampering with protected software is a known technique in the art, as demonstrated by POH. It would have been obvious to a person having ordinary skill in the art (PHOSITA) before the effective filing date of the claimed invention to modify the tamper protection of ZIESE with the tamper protection verification of POH with the motivation to ensure the supplied tamper protection is capable of detecting tampering to the software.
Regarding claim 8:
This claim is rejected with the same justification, mutatis mutandis, as its counterpart claim 1 above.
Claims 2-4 are rejected under 35 U.S.C. 103 as being unpatentable over ZIESE (Doc ID US 6567917 B1) and POH et al (Doc ID WO 2013009262 A1) as applied to claim 1 above, and further in view of SPANIER et al (Doc ID US 20170180137 A1).
Regarding claim 2:
The combination of ZIESE and POH teaches:
The system according to claim 1, wherein the verification software includes a plurality of programs, and in the plurality of programs, a preceding program verifies a subsequent program (ZIESE (16) Col 5 lines 32-37 "... a request is received to execute the executable file 34. In response, the tamper-resistant file 30 executes the security file 32 to first determine whether the executable file 34 has been tampered with ..."), and
in a case where there is no tampering, the subsequent program is activated(ZIESE (19) Col 5 lines 58-62 "... if the execution-time and initial hash values match, then it is determined that tampering with executable file 34 has not occurred and … leads to step 114. At step 114, the security file 32 executes the executable file 34."), and
SPANIER teaches the following limitation(s) not taught by the combination of ZIESE and POH:
the management system receives, from the user, designation of a program to be tampered with in the verification software ([0188] "... FIG. 7, method 700 for testing the authenticity of a firmware on the IED is shown .... Initially, a remote computer … in communication with an IED … is configured to enable a user to select a firmware included in a memory of the IED, in step 702.).
Allowing a user to choose the program to be tested is a known technique in the art, as demonstrated by SPANIER. It would have been obvious to a PHOSITA before the effective filing date of the claimed invention to modify the tamper protection and verification of ZIESE and POH with the target selection of SPANIER with the motivation to give the user the freedom to choose which pieces of software they do and do not wish to be tested for tamper-proofing.
Regarding claim 3:
The combination of ZIESE, POH, and SPANIER teaches:
The system according to claim 2, wherein the management system receives selection of a digital signature part or a binary part, in the program to be tampered with (SPANIER [0189] "… the software of the remote computer is configured to allow a user to select a data block of the selected firmware to be tested, where a data block is a subset of the raw firmware data of the selected firmware.").
Allowing a user to choose the portion of a program to be tested is a known technique in the art, as demonstrated by SPANIER. It would have been obvious to a PHOSITA before the effective filing date of the claimed invention to modify the tamper protection and verification of ZIESE, POH, and SPANIER with the target selection of SPANIER with the motivation to give the user the freedom to choose which pieces of software they do and do not wish to be tested for tamper-proofing.
Regarding claim 4:
The combination of ZIESE and POH teaches:
The system according to claim 1,
SPANIER teaches the following limitation(s) not taught by the combination of ZIESE and POH:
wherein in the verification software, some of functions of normal software to be executed by the storage controller are omitted ([0189] "… the software of the remote computer is configured to allow a user to select a number of data blocks of the selected firmware to be tested, where each block will be tested separately.").
Omitting portions of a program from testing is a known technique in the art, as demonstrated by SPANIER. It would have been obvious to a PHOSITA before the effective filing date of the claimed invention to modify the tamper protection and verification of ZIESE and POH with the target selection of SPANIER with the motivation to not waste processing resources on portions of a program that do not need to be tested.
Claims 5 and 6 are rejected under 35 U.S.C. 103 as being unpatentable over ZIESE (Doc ID US 6567917 B1) and POH et al (Doc ID WO 2013009262 A1) as applied to claim 1 above, and further in view of URAGAKI (Doc ID US 20210224387 A1).
Regarding claim 5:
The combination of ZIESE and POH teaches:
The system according to claim 1,
URAGAKI teaches the following limitation(s) not taught by the combination of ZIESE and POH:
wherein the storage controller stores A-side software and B-side software ([0023] "… The multifunctional peripheral 100 further includes ... a native program 213, a Java® program 214 …"),
the storage controller is adapted to activate the A-side software ([0029] "The activation program is called from the native program 213 by the kernel 212, so that activation processing is executed."),
the verification software is installed as the A-side software, and the B-side software is normal software ([0030] "The Java program 214 is a program executed by the CPU 101, and provides each function in cooperation with the native program 213 of the multifunctional peripheral 100.").
Storing multiple programs, one of which being verification software, is a known technique in the art, as demonstrated by URAGAKI. It would have been obvious to a PHOSITA before the effective filing date of the claimed invention to modify the tamper protection and verification of ZIESE and POH with the multiple program storage of URAGAKI with the motivation to allow for programs other than the verification software to be stored in the system, giving it wider functionality.
Regarding claim 6:
The combination of ZIESE, POH, and URAGAKI teaches:
The system according to claim 5, wherein the storage controller updates the verification software subjected to the detection of tampering, with the normal software as the B-side software (URAGAKI [0032] "… The native program 222 is called by the kernel 220, and provides a function of updating the kernel 212, the native program 213, and the Java program 214.").
Updating stored software, including verification software, is a known technique in the art, as demonstrated by URAGAKI. It would have been obvious to a PHOSITA before the effective filing date of the claimed invention to modify the tamper protection and verification of ZIESE, POH, and URAGAKI with the program updating of URAGAKI with the motivation to ensure stored programs are kept up-to-date so that any latest security updates are included in the programs.
Claim 7 is rejected under 35 U.S.C. 103 as being unpatentable over ZIESE (Doc ID US 6567917 B1), POH et al (Doc ID WO 2013009262 A1), and SPANIER et al (Doc ID US 20170180137 A1) as applied to claim 2 above, and further in view of UNAGAMI et al (Doc ID US 20130039491 A1).
Regarding claim 7:
The combination of ZIESE, POH, and SPANIER teaches:
The system according to claim 1,
UNAGAMI teaches the following limitation(s) not taught by the combination of ZIESE, POH, and SPANIER:
The system according to claim 2, wherein the management system is adapted to receive information about a current verification status of the verification software from the storage controller, and to present information about the current verification status to the user ([0439] "When the device 100 is used by the user, the protection control module 120 … performs detection processing so as to protect the applications ..., and executes the applications. … The device 100 may display ... the notification indicating that the computer programs have been tampered with (step S200).").
Providing feedback regarding the current status of tamper protection is a known technique in the art, as demonstrated by UNAGAMI. It would have been obvious to a PHOSITA before the effective filing date of the claimed invention to modify the tamper protection and verification of ZIESE, POH, and SPANIER with the tamper protection feedback of UNAGAMI with the motivation to ensure the user or operator is kept up-to-date about any detected tampering in the system, so that they might immediately take remedial actions.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to BRANDON BINCZAK whose telephone number is (703)756-4528. The examiner can normally be reached M-F 0800-1700.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Alexander Lagor can be reached on (571) 270-5143. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/BB/Examiner, Art Unit 2437
/BENJAMIN E LANIER/Primary Examiner, Art Unit 2437