INFORMATION PROCESSING APPARATUS, METHOD, AND COMPUTER READABLE MEDIUM

§101 §103

DETAILED ACTION This communication is a first Office Action Non-Final rejection on the merits. Preliminary amendment filed on September 4, 2024 has been acknowledged. Claims 1-15, as amended, are currently pending and have been considered below. Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Claim Rejections - 35 USC § 101 35 U.S.C. 101 reads as follows: Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title. Claims 1-15 are rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more. The claim recites the actions related to planning a measure against an attack and updating the index, which is a mental process. Under Step 1, claims 14 recite a method or process, claims 15, recite a medium and claims 1-13 recite an apparatus. As such each of the claims falls within one of the statutory categories. Under Step 2(a) – Mental processes – concepts performed in the human mind (including an observation, evaluation, judgment, opinion) (see MPEP § 2106.04(a)(2), subsection III). In the instant case the method limitations require acquiring a result of a risk analysis, planning a measure against an attack and updating an index indicating the effect, which are each part of the abstract idea and part of the mental process. The step of acquiring the result of the risk analysis is merely data gathering. The step of updating is merely updating the data both of which are insignificant extra solution activity steps. The step of planning is generic and provides no specifics as to what is required in the planning other than to state what type of data is being used. That is other than stating “using a measure information table including an index” the claims do not establish how the planning is performed. As such these elements are directed toward the abstract idea and merely applying the abstract idea on a computer, see MPEP 2106.05(f). While the claims recite elements such as medium, processor and memory the claims still allows a person to plan a measure using the data which is acquired. As such the limitation amounts to merely applying the abstract idea to a computer, which is not enough to render the claims into a practical application as shown in MPEP 2106.05(f). As such when considered individually or in combination the elements fail to render the claims into a practical application. Further the limitations themselves are considered to be merely applying the abstract idea of planning a measure against an attack on a computer, as the claims merely recite an outcome and fail to recite any specific details as to how the solution was accomplished, as established in MPEP 2106.05(f). That is the claims recite types of data which are considered but no specific manner of combining that data to achieve the result. While the claims reference that this is a form of risk analysis the limitations fail to recite or establish any specific manner of planning or risk analysis as such this is not considered an improvement. Step 2(a)(II) considers the additional elements of the independent claims with respect to transforming the abstract idea into a practical application. As noted the above the planning is generic and as such cannot be considered to be a practical application. The other steps of the independent claims amount to merely acquiring data and updating the index, which again does not amount to be a practical application. As state above the judicial exception is not integrated into a practical application. In particular, the claim recites additional elements – a processor, a memory, instructions and non-transitory computer readable medium. The hardware in claimed limitations is recited at a high-level of generality (i.e., as a generic component performing a generic functions ) such that it amounts no more than mere instructions to apply the exception using a generic components. Accordingly, this additional element does not integrate the abstract idea into a practical application because it does not impose any meaningful limits on practicing the abstract idea. The claim is directed to an abstract idea. The claims do not include additional elements that are sufficient to amount to significantly more than the judicial exception. As discussed above with respect to integration of the abstract idea into a practical application, the additional element of using a processor and memory to receive, plan and update the data amounts to no more than mere instructions to apply the exception using a generic component. Mere instructions to apply an exception using a generic components cannot provide an inventive concept. The claim is not patent eligible. Step 2(b) considers the additional elements of the independent claims with respect to being significantly more than the identified abstract idea. As noted above there are no additional elements which indicate that the claims amount to significantly more than the abstract idea. Claim 2 recites “wherein the measure related information includes at least one of a measure policy for constructing a robust system, a measure policy according to a predetermined security policy, and a measure policy for using a specific measure product” which describes what the information includes but does not establish how the information is used in planning the measure. As such this amounts to merely applying the abstract idea on a computer, see MPEP 2106.05(f). As such this does not render the abstract idea into a practical application. Claim 3 recites “wherein the measure information table includes a measure candidate table containing a plurality of measures introducible against the attack and an index indicating an effect of each measure” which describes what the information includes but does not establish how the information is used in planning the measure. As such this amounts to merely applying the abstract idea on a computer, see MPEP 2106.05(f). As such this does not render the abstract idea into a practical application. Claim 4 recites “wherein the at least one processer is configured to execute the instructions to compare a measure planned according to the measure related information with a measure included in the planned measure, and update the measure candidate table based on a result of the comparison” which describes what the information includes but does not establish how the information is used in planning the measure. Further the limitations while describing a step of comparing do not establish how the comparison is performed or how the results are used. As such this amounts to merely applying the abstract idea on a computer, see MPEP 2106.05(f). As such this does not render the abstract idea into a practical application. Claim 5 recites “wherein the measure information table further includes a measure compatibility table containing a combination of measures in which two or more of the plurality of measures are combined and an index indicating an effect of the combination of measures, and the least one processer is configured to execute the instructions to plan a measure including a plurality of measures by using the measure candidate table and the measure compatibility table” which describes what the information includes but does not establish how the information is used in planning the measure. As such this amounts to merely applying the abstract idea on a computer, see MPEP 2106.05(f). As such this does not render the abstract idea into a practical application. Claim 6 recites “wherein the at least one processer is configured to execute the instructions to compare a combination of measures included in the measure planned according to the measure related information with a combination of measures included in the planned measure, and update the measure compatibility table based on a result of the comparison” which describes what the information includes but does not establish how the information is used in planning the measure. Further the limitations while describing a step of comparing do not establish how the comparison is performed or how the results are used. As such this amounts to merely applying the abstract idea on a computer, see MPEP 2106.05(f). As such this does not render the abstract idea into a practical application. Claim 7 recites “wherein the at least one processer is configured to execute the instructions to generate the measure compatibility table based on a plurality of pieces of measure related information that have been input by using the plurality of pieces of measure related information as inputs” which describes what the information includes but does not establish how the information is used in planning the measure. As such this amounts to merely applying the abstract idea on a computer, see MPEP 2106.05(f). As such this does not render the abstract idea into a practical application. Claim 8 recites “wherein the at least one processer is configured to execute the instructions to: initialize the index indicating the effect of the combination of measures contained in the measure compatibility table; and update the index indicating the effect of the combination of measures contained in the measure compatibility table according to whether or not the combination of measures contained in the measure compatibility table is included in a measure planned according to a measure policy included in the measure related information” which describes initializing the index and what it indicates it fails to establish how this data is then used to perform the functions. As such this amounts to merely applying the abstract idea on a computer, see MPEP 2106.05(f). As such this does not render the abstract idea into a practical application. Claim 9 recites “wherein the measure related information includes, in a case where a modification is made to the planned measure, information regarding the modification, and the at least one processer is configured to execute the instructions to update the index indicating the effect of the combination of measures contained in the measure compatibility table based on the planned measure and the information regarding the modification” which describes what the information includes but does not establish how the information is used in planning the measure. As such this amounts to merely applying the abstract idea on a computer, see MPEP 2106.05(f). As such this does not render the abstract idea into a practical application. Claim 10 recites “wherein the at least one processer is configured to execute the instructions to increase or decrease a value of the index indicating the effect of the combination of measures for the combination of measures including a measure that is included in the planned measure and is not included in the modified measure and the combination of measures including a measure that is included in the modified measure and is not included in the planned measure” which describes what the information includes but does not establish how the information is used in planning the measure. As such this amounts to merely applying the abstract idea on a computer, see MPEP 2106.05(f). As such this does not render the abstract idea into a practical application. Claim 11 recites “wherein the measure related information includes a reason for the modification, and the at least one processer is configured to execute the instructions to increase or decrease the value of the index indicating the effect of the combination of measures by a change amount corresponding to the reason for the correction” which describes what the information includes but does not establish how the information is used in planning the measure. As such this amounts to merely applying the abstract idea on a computer, see MPEP 2106.05(f). As such this does not render the abstract idea into a practical application. Claim 12 recites “wherein the at least one processer is configured to execute the instructions to: calculate a risk value of the attack route under an assumption that the planned measure is introduced into the system to be analyzed based on the measure information table; and calculate the effect of the measure under an assumption that the planned measure is introduced for each attack route, and display the calculated effect of the measure in association with the risk value of the attack route” which establishes additional calculations but fails to establish how the calculations are performed or how they used in the planning. As such this amounts to merely applying the abstract idea on a computer, see MPEP 2106.05(f). As such this does not render the abstract idea into a practical application. Claims 13 recites “wherein the index indicating the effect of the measure is set according to the effect of the measure and an introduction cost of the measure” which describes what the information includes but does not establish how the information is used in planning the measure. As such this amounts to merely applying the abstract idea on a computer, see MPEP 2106.05(f). As such this does not render the abstract idea into a practical application. Thus when considered individually or as a combination these elements do not amount to a practical application. As such claims 1-15 recite an abstract idea and without any specifics to how the functions are performed the claims are not found to render the abstract idea into a practical application. Therefore the claims have been rejected under 35 U.S.C. 101. Claim Rejections - 35 USC § 103 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claim(s) 1-6, 9, 12, 14 and 15 is/are rejected under 35 U.S.C. 103 as being unpatentable over Basovskiy et al. (US 2022/0014534 A1) hereafter Basovskiy, in view of Trsar et al. (US 2005/0021294 A1) hereafter Trsar. As per claim 1, Basovskiy discloses an information processing apparatus comprising: at least one memory storing instructions; and at least one processor (Basovskiy Paragraph [0121]; discloses that the apparatus includes memory storing instructions and a processor for executing the stored instructions) configured to execute the instructions to: acquire a result of a risk analysis on a system to be analyzed, including an attack route (Basovskiy Paragraph [0028]; discloses acquiring risk analysis data and continuously analyzing the attack data. Paragraph [0030]; discloses that the list of risks is mapped to specific parts of the network. Paragraphs [0049] and [0050]; discloses that the system acquires the results of the risk analysis to determine where the vulnerabilities are those are analyzed to determine attack routes or attack paths. Paragraph [0064]; discloses that data is collected on configurations on each component, the data collected includes existing vulnerabilities, logical rules and processes the logic rules using a rule engine); plan a measure against an attack used in the attack route by using a measure information table including an index (Basovskiy Paragraph [0051]; discloses that the system plans or evaluates against an attack used in the attack route or attack path. Paragraph [0056]; discloses that the system can prioritize calculated risks to prioritize remediation actions to reduce risks. Paragraph [0067]; discloses that the values are stored within an information table which includes an index. Paragraph [0077]; disclose that fact or rule clauses are each listed in the table as indexes); and update the data indicating the effect included in the measure information table based on the planned measure and measure related information (Basovskiy Paragraph [0053]; discloses that the system will update or recalculate the values as planned measures are implemented. Paragraph [0107]; discloses that each iteration is stored within the repository using the indexes. As each measure or resolution is applied the table and are updated to reflect the changes). While Basovskiy discloses storing the data in a table including indexes it is not explicit that the indexes are used to indicate an effect of the measure introduced against the attack and update the indexes based on the planned measure and measure related information. Trsar, which like Basovskiy discusses diagnosing symptoms and faults, teaches it is known to use the indexes to indicate the effect of the measure or fix which is introduced against the fault or symptom and update the indexes based on the planned measure and measure related information (Trsar paragraph [0049]; teaches it is known for the indices to be indicative of the effectiveness of each fix/test. From this the indexes indicate the effectiveness of each measure or fix which would be introduced. The system updates the recommendations stored in the database based on the ranking of the index. As such when each fix is applied the values change and the indexes are updated. Since Basovskiy establishes that the values can prioritized it would have been obvious to rank the recommendations based on effectiveness as shown in Trsar and to update those values as the fixes are applied again as shown in Trsar. This would ensure that the system identifies the most effective solution). Basovskiy discloses an information processing apparatus which acquires risk analysis information, including an attack route or path. Basovskiy discloses planning measures against the attack and indexing an effect of the measure or resolutions. Basovskiy discloses updating the index indicating the effect of the resolutions. While Basovskiy discloses storing the data in a table including indexes it is not explicit that the indexes are used to indicate an effect of the measure introduced against the attack and update the indexes based on the planned measure and measure related information. The sole difference between the primary reference Basovskiy and the claimed subject matter is that the Basovskiy reference does not explicitly disclose that the index is used to indicate an effect of the measure introduced against the attack and update the indexes based on the planned measure and measure related information. The Trsar reference teaches that it is known to for the index is used to indicate an effect of the measure introduced against the attack and update the indexes based on the planned measure and measure related information. Trsar establishes that it is known in the prior art at the time of the invention to utilize indexes to indicate the effectiveness of recommendations and to update those indexes based on the applied solutions. Since each individual element and its function are shown in the prior art, albeit shown in separate references, the difference between the claimed subject matter and the prior art rests not on any individual element or function but in the very combination itself- that is in the substitution of the indexes shown in Basovskiy with the indexes used to indicate the effect of the measure or fix which is introduced against the fault or symptom as taught by Trsar. Thus, the simple substitution of one known element for another producing a predictable result renders the claim obvious. Therefore, from this teaching of Trsar, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify the information processing apparatus provided by Basovskiy, with the indexes used to indicate the effect of the measure or fix which is introduced against the fault or symptom as taught by Trsar, for the purposes of listing the most effective recommendations. Since Basovskiy establishes that the values can prioritized it would have been obvious to rank the recommendations based on effectiveness as shown in Trsar and to update those values as the fixes are applied again as shown in Trsar. This would ensure that the system identifies the most effective solution. As per claim 2, the combination of Basovskiy and Trsar teaches the information processing apparatus according to claim 1, Basovskiy further discloses wherein the measure related information includes at least one of a measure policy for constructing a robust system, a measure policy according to a predetermined security policy, and a measure policy for using a specific measure product (Basovskiy Paragraph [0068]; discloses that the related information includes a set of rules or policies which are constructed to implement the security on the system. Paragraphs [0108] and [0110]; discloses that policies are rules are used to evaluate goals or measurements in the system to ensure the goals are met and the rules are complied with). As per claim 3, the combination of Basovskiy and Trsar teaches the information processing apparatus according to claim 1, Basovskiy further discloses wherein the measure information table includes a measure candidate table containing a plurality of measures introducible against the attack and an index (Basovskiy Paragraph [0049]; discloses that the table includes remediation options. Paragraph [0053]; discloses that system identifies the impacts to the system. The system will report each issue the system will establish recommendations and courses of actions. The system will re-calculate paths based on the remediation options Paragraph [0054]; discloses comparing the different remediation options and conditions what-if predictions. Paragraph [0107]; discloses that the impacts that are resolved are stored and indexed in the system). Trsar teaches it is known to use the indexes to indicate the effect of the measure or fix which is introduced against the fault or symptom (Trsar paragraph [0049]; teaches it is known for the indices to be indicative of the effectiveness of each fix/test. From this the indexes indicate the effectiveness of each measure or fix which would be introduced. The system updates the recommendations stored in the database based on the ranking of the index. As such when each fix is applied the values change and the indexes are updated). As per claim 4, the combination of Basovskiy and Trsar teaches the information processing apparatus according to claim 3, Basovskiy further discloses wherein the at least one processor is configured to execute the instructions to compare a measure planned according to the measure related information with a measure included in the planned measure, and update the measure candidate table based on a result of the comparison (Basovskiy Paragraphs [0053]-[0056]; discloses that the system will compare different remediation options, as well as the order in which they are performed to minimize cost and minimizing effort. The system can provide feedback and update the tables or databases when new information is calculated). As per claim 5, the combination of Basovskiy and Trsar teaches the information processing apparatus according to claim 3, Basovskiy further discloses wherein the measure information table further includes a measure compatibility table containing a combination of measures in which two or more of the plurality of measures are combined and an index indicating an effect of the combination of measures (Basovskiy Paragraph [0076]; discloses that the system can combine resolutions which would include two or more and index a combination of elements), and the at least one processor is configured to execute the instructions to plan a measure including a plurality of measures by using the measure candidate table and the measure compatibility table (Basovskiy Paragraph [0076]; discloses that the combined instructions are implemented by the system. Paragraph [0120]; discloses that the logic is carried out by a processor executing the instructions). As per claim 6, the combination of Basovskiy and Trsar teaches the information processing apparatus according to claim 5, Basovskiy further discloses wherein the at least one processor is configured to execute the instructions to compare a combination of measures included in the measure planned according to the measure related information with a combination of measures included in the planned measure, and update the measure compatibility table based on a result of the comparison (Basovskiy Paragraphs [0053]-[0056]; discloses that the system will compare different remediation options, as well as the order in which they are performed to minimize cost and minimizing effort. The system can provide feedback and update the tables or databases when new information is calculated). As per claim 9, the combination of Basovskiy and Trsar teaches the information processing apparatus according to claim 5, Basovskiy further discloses wherein the measure related information includes, in a case where a modification is made to the planned measure, information regarding the modification (Paragraph [0090]; discloses that as the measure is applied the values are updated), and the at least one processor is configured to execute the instructions to update the index indicating the effect of the combination of measures contained in the measure compatibility table based on the planned measure and the information regarding the modification (Basovskiy Paragraph [0053]; discloses that the system will update or recalculate the values as planned measures are implemented. Paragraph [0107]; discloses that each iteration is stored within the repository using the indexes. As each measure or resolution is applied the table and indexes are updated to reflect the changes). As per claim 12, the combination of Basovskiy and Trsar teaches the information processing apparatus according to claim 1, Basovskiy further discloses wherein the at least one processor is configured to execute the instructions to: calculate a risk value of the attack route under an assumption that the planned measure is introduced into the system to be analyzed based on the measure information table (Basovskiy Paragraph [0053]-[0056]; discloses that the risk value for each attack route being analyzed is considered and each remediation action is considered as part of the what-if predictions) and calculate the effect of the measure under an assumption that the planned measure is introduced for each attack route, and display the calculated effect of the measure in association with the risk value of the attack route (Basovskiy Paragraph [0053]-[0056]; discloses that each measure is calculated and recalculated based on remediation options for each attack route or path. Paragraph [0122]; discloses that the system includes a display for displaying the information as discussed in paragraph [0053]. The purposes of this is to prioritize remediation actions to reduce risk and minimize cost). As per claim 14, Basovskiy discloses an information processing method comprising: acquiring a result of a risk analysis on a system to be analyzed, including an attack route (Basovskiy Paragraph [0028]; discloses acquiring risk analysis data and continuously analyzing the attack data. Paragraph [0030]; discloses that the list of risks is mapped to specific parts of the network. Paragraphs [0049] and [0050]; discloses that the system acquires the results of the risk analysis to determine where the vulnerabilities are those are analyzed to determine attack routes or attack paths. Paragraph [0064]; discloses that data is collected on configurations on each component, the data collected includes existing vulnerabilities, logical rules and processes the logic rules using a rule engine); planning a measure against an attack used in the attack route by using a measure information table including an index (Basovskiy Paragraph [0051]; discloses that the system plans or evaluates against an attack used in the attack route or attack path. Paragraph [0056]; discloses that the system can prioritize calculated risks to prioritize remediation actions to reduce risks. Paragraph [0067]; discloses that the values are stored within an information table which includes an index. Paragraph [0077]; disclose that fact or rule clauses are each listed in the table as indexes); and updating the data indicating the effect included in the measure information table based on the planned measure and measure related information (Basovskiy Paragraph [0053]; discloses that the system will update or recalculate the values as planned measures are implemented. Paragraph [0107]; discloses that each iteration is stored within the repository using the indexes. As each measure or resolution is applied the table and are updated to reflect the changes). While Basovskiy discloses storing the data in a table including indexes it is not explicit that the indexes are used to indicate an effect of the measure introduced against the attack and update the indexes based on the planned measure and measure related information. Trsar, which like Basovskiy discusses diagnosing symptoms and faults, teaches it is known to use the indexes to indicate the effect of the measure or fix which is introduced against the fault or symptom and update the indexes based on the planned measure and measure related information (Trsar paragraph [0049]; teaches it is known for the indices to be indicative of the effectiveness of each fix/test. From this the indexes indicate the effectiveness of each measure or fix which would be introduced. The system updates the recommendations stored in the database based on the ranking of the index. As such when each fix is applied the values change and the indexes are updated. Since Basovskiy establishes that the values can prioritized it would have been obvious to rank the recommendations based on effectiveness as shown in Trsar and to update those values as the fixes are applied again as shown in Trsar. This would ensure that the system identifies the most effective solution). Basovskiy discloses an information processing apparatus which acquires risk analysis information, including an attack route or path. Basovskiy discloses planning measures against the attack and indexing an effect of the measure or resolutions. Basovskiy discloses updating the index indicating the effect of the resolutions. While Basovskiy discloses storing the data in a table including indexes it is not explicit that the indexes are used to indicate an effect of the measure introduced against the attack and update the indexes based on the planned measure and measure related information. The sole difference between the primary reference Basovskiy and the claimed subject matter is that the Basovskiy reference does not explicitly disclose that the index is used to indicate an effect of the measure introduced against the attack and update the indexes based on the planned measure and measure related information. The Trsar reference teaches that it is known to for the index is used to indicate an effect of the measure introduced against the attack and update the indexes based on the planned measure and measure related information. Trsar establishes that it is known in the prior art at the time of the invention to utilize indexes to indicate the effectiveness of recommendations and to update those indexes based on the applied solutions. Since each individual element and its function are shown in the prior art, albeit shown in separate references, the difference between the claimed subject matter and the prior art rests not on any individual element or function but in the very combination itself- that is in the substitution of the indexes shown in Basovskiy with the indexes used to indicate the effect of the measure or fix which is introduced against the fault or symptom as taught by Trsar. Thus, the simple substitution of one known element for another producing a predictable result renders the claim obvious. Therefore, from this teaching of Trsar, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify the information processing apparatus provided by Basovskiy, with the indexes used to indicate the effect of the measure or fix which is introduced against the fault or symptom as taught by Trsar, for the purposes of listing the most effective recommendations. Since Basovskiy establishes that the values can prioritized it would have been obvious to rank the recommendations based on effectiveness as shown in Trsar and to update those values as the fixes are applied again as shown in Trsar. This would ensure that the system identifies the most effective solution. As per claim 15, Basovskiy discloses a non-transitory computer readable medium storing a program for causing a computer to perform processes (Basovskiy Paragraph [0121]; discloses that the apparatus includes memory storing instructions and a processor for executing the stored instructions) including: acquiring a result of a risk analysis on a system to be analyzed, including an attack route (Basovskiy Paragraph [0028]; discloses acquiring risk analysis data and continuously analyzing the attack data. Paragraph [0030]; discloses that the list of risks is mapped to specific parts of the network. Paragraphs [0049] and [0050]; discloses that the system acquires the results of the risk analysis to determine where the vulnerabilities are those are analyzed to determine attack routes or attack paths. Paragraph [0064]; discloses that data is collected on configurations on each component, the data collected includes existing vulnerabilities, logical rules and processes the logic rules using a rule engine); planning a measure against an attack used in the attack route by using a measure information table including an index (Basovskiy Paragraph [0051]; discloses that the system plans or evaluates against an attack used in the attack route or attack path. Paragraph [0056]; discloses that the system can prioritize calculated risks to prioritize remediation actions to reduce risks. Paragraph [0067]; discloses that the values are stored within an information table which includes an index. Paragraph [0077]; disclose that fact or rule clauses are each listed in the table as indexes); and updating the data indicating the effect included in the measure information table based on the planned measure and measure related information (Basovskiy Paragraph [0053]; discloses that the system will update or recalculate the values as planned measures are implemented. Paragraph [0107]; discloses that each iteration is stored within the repository using the indexes. As each measure or resolution is applied the table and are updated to reflect the changes). While Basovskiy discloses storing the data in a table including indexes it is not explicit that the indexes are used to indicate an effect of the measure introduced against the attack and update the indexes based on the planned measure and measure related information. Trsar, which like Basovskiy discusses diagnosing symptoms and faults, teaches it is known to use the indexes to indicate the effect of the measure or fix which is introduced against the fault or symptom and update the indexes based on the planned measure and measure related information (Trsar paragraph [0049]; teaches it is known for the indices to be indicative of the effectiveness of each fix/test. From this the indexes indicate the effectiveness of each measure or fix which would be introduced. The system updates the recommendations stored in the database based on the ranking of the index. As such when each fix is applied the values change and the indexes are updated. Since Basovskiy establishes that the values can prioritized it would have been obvious to rank the recommendations based on effectiveness as shown in Trsar and to update those values as the fixes are applied again as shown in Trsar. This would ensure that the system identifies the most effective solution). Basovskiy discloses an information processing apparatus which acquires risk analysis information, including an attack route or path. Basovskiy discloses planning measures against the attack and indexing an effect of the measure or resolutions. Basovskiy discloses updating the index indicating the effect of the resolutions. While Basovskiy discloses storing the data in a table including indexes it is not explicit that the indexes are used to indicate an effect of the measure introduced against the attack and update the indexes based on the planned measure and measure related information. The sole difference between the primary reference Basovskiy and the claimed subject matter is that the Basovskiy reference does not explicitly disclose that the index is used to indicate an effect of the measure introduced against the attack and update the indexes based on the planned measure and measure related information. The Trsar reference teaches that it is known to for the index is used to indicate an effect of the measure introduced against the attack and update the indexes based on the planned measure and measure related information. Trsar establishes that it is known in the prior art at the time of the invention to utilize indexes to indicate the effectiveness of recommendations and to update those indexes based on the applied solutions. Since each individual element and its function are shown in the prior art, albeit shown in separate references, the difference between the claimed subject matter and the prior art rests not on any individual element or function but in the very combination itself- that is in the substitution of the indexes shown in Basovskiy with the indexes used to indicate the effect of the measure or fix which is introduced against the fault or symptom as taught by Trsar. Thus, the simple substitution of one known element for another producing a predictable result renders the claim obvious. Therefore, from this teaching of Trsar, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify the information processing apparatus provided by Basovskiy, with the indexes used to indicate the effect of the measure or fix which is introduced against the fault or symptom as taught by Trsar, for the purposes of listing the most effective recommendations. Since Basovskiy establishes that the values can prioritized it would have been obvious to rank the recommendations based on effectiveness as shown in Trsar and to update those values as the fixes are applied again as shown in Trsar. This would ensure that the system identifies the most effective solution. Claim(s) 7 and 8 is/are rejected under 35 U.S.C. 103 as being unpatentable over Basovskiy et al. (US 2022/0014534 A1) hereafter Basovskiy, in view of Trsar et al. (US 2005/0021294 A1) hereafter Trsar, further in view of Cao et al. (US 2018/0225548 A1) hereafter Cao. As per claim 7, the combination of Basovskiy and Trsar teaches the information processing apparatus according to claim 5, While Basovskiy discloses generating a compatibility it is not explicit wherein the at least one processor is configured to execute the instructions to generate the measure compatibility table based on a plurality of pieces of measure related information that have been input by using the plurality of pieces of measure related information as inputs. Cao, which like Basovskiy talks pattern recognition and cyber security, teaches it is known wherein the at least one processor is configured to execute the instructions to generate the measure compatibility table based on a plurality of pieces of measure related information that have been input by using the plurality of pieces of measure related information as inputs (Cao Paragraphs [0078]-[0079]; teaches that when determine patterns and checking for compatibility it is known to measure related information using a plurality of pieces of related information as inputs. Specifically to perform a compatibility function by using multiple input instance indexes. Since Basovskiy already checks for patterns and similar operations it would have been obvious to using a compatibility function based on a plurality of pieces as shown in Cao as this is a known function to determine patterns). Basovskiy discloses an information processing apparatus which acquires risk analysis information, including an attack route or path. Basovskiy discloses planning measures against the attack and indexing an effect of the measure or resolutions. Basovskiy discloses updating the index indicating the effect of the resolutions. The Trsar reference teaches that it is known to for the index is used to indicate an effect of the measure introduced against the attack and update the indexes based on the planned measure and measure related information. However, while Basovskiy discloses determining similar patterns and equality, it is not explicit it generates the measure compatibility table based on a plurality of pieces of measure related information that have been input by using the plurality of pieces of measure related information as inputs. Cao, teaches it is known to generate the measure compatibility table based on a plurality of pieces of measure related information that have been input by using the plurality of pieces of measure related information as inputs. It would have been obvious to one of ordinary skill in the art to include in the information processing apparatus of Basovskiy and Trsar the ability to generate the measure compatibility table based on a plurality of pieces of measure related information that have been input by using the plurality of pieces of measure related information as inputs at taught by Cao since the claimed invention is merely a combination of old elements, and in the combination each element merely would have performed the same function as it did separately, and one of ordinary skill in the art would have recognized that the results of the combination were predictable. Therefore, from this teaching of Cao, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify the information processing apparatus provided by Basovskiy and Trsar, with the ability to generate the measure compatibility table based on a plurality of pieces of measure related information that have been input by using the plurality of pieces of measure related information as inputs at taught by Cao, for the purposes of identifying patterns. Since Basovskiy already checks for patterns and similar operations it would have been obvious to using a compatibility function based on a plurality of pieces as shown in Cao as this is a known function to determine patterns. As per claim 8, the combination of Basovskiy, Trsar and Cao teaches the information processing apparatus according to claim 7, Basovskiy further discloses wherein the at least one processor is configured to execute the instructions to: initialize the index indicating the of the combination of measures contained in the measure compatibility table (Basovskiy Paragraph [0076]; discloses that the index indicates the effect of the combination of resolutions in the table); and update the data indicating the effect of the combination of measures contained in the measure compatibility table according to whether or not the combination of measures contained in the measure compatibility table is included in a measure planned according to a measure policy included in the measure related information (Basovskiy Paragraph [0053]; discloses that the system will update or recalculate the values as planned measures are implemented. Paragraph [0107]; discloses that each iteration is stored within the repository using the indexes. As each measure or resolution is applied the table and indexes are updated to reflect the changes). Trsar teaches it is known to use the indexes to indicate the effect of the measure or fix which is introduced against the fault or symptom and to update that value (Trsar paragraph [0049]; teaches it is known for the indices to be indicative of the effectiveness of each fix/test. From this the indexes indicate the effectiveness of each measure or fix which would be introduced. The system updates the recommendations stored in the database based on the ranking of the index. As such when each fix is applied the values change and the indexes are updated). Claim(s) 10, 11 and 13 is/are rejected under 35 U.S.C. 103 as being unpatentable over Basovskiy et al. (US 2022/0014534 A1) hereafter Basovskiy, in view of Trsar et al. (US 2005/0021294 A1) hereafter Trsar, further in view of Frey et al. (EP 3783514 A1) hereafter Frey. As per claim 10, Basovskiy discloses the information processing apparatus according to claim 9, Basovskiy further discloses wherein the at least one processor is configured to execute the instructions to indicate a value of the index indicating the effect of the combination of measures of the combination of measures including a measure that is included in the planned measure and is not included in the modified measure and the combination of measures including a measure that is included in the modified measure and is not included in the planned measure (Basovskiy Paragraphs [0053]-[0056]; discloses that the system will compare different remediation options, as well as the order in which they are performed to minimize cost and minimizing effort. The system can provide feedback and update the tables or databases when new information is calculated. Paragraph [0090]; discloses that the combination of measures. These can be the initially planned resolutions and other what-if scenarios as shown in [0054]). While Basovskiy establishes updating the index it is not explicit that the value is increased or decreased. Frey, which like Basovskiy talks about risk control in cyber security, teaches it is known to increase or decrease the index values to reflect the changes of risk in the system (Frey Paragraph [0029]; teaches that the index can be modified specifically decreased to reflect updates in the system. Specifically as remediations are applied the risk is reduced and the index is decreased to reflect those changes. Since Basovskiy already discloses modifying the index values it would have been obvious to decrease the values to reflect the changes to risk as shown in Frey). Basovskiy discloses an information processing apparatus which acquires risk analysis information, including an attack route or path. Basovskiy discloses planning measures against the attack and indexing an effect of the measure or resolutions. Basovskiy discloses updating the index indicating the effect of the resolutions. However, while Basovskiy discloses modifying the index values, it is not explicit the values are increased or decreased. Frey, teaches it is known increase or decrease the index values. It would have been obvious to one of ordinary skill in the art to include in the information processing apparatus of Basovskiy the ability to increase or decrease the index values at taught by Frey since the claimed invention is merely a combination of old elements, and in the combination each element merely would have performed the same function as it did separately, and one of ordinary skill in the art would have recognized that the results of the combination were predictable. Therefore, from this teaching of Frey, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify the information processing apparatus provided by Basovskiy, with the ability to increase or decrease the index values at taught by Frey, for the purposes of reflecting the changes in the risk. Since Basovskiy already discloses modifying the index values it would have been obvious to decrease the values to reflect the changes to risk as shown in Frey. As per claim 11, the combination of Basovskiy and Frey teaches the information processing apparatus according to claim 10, Frey further teaches wherein the measure related information includes a reason for the modification, and the at least one processor is configured to execute the instructions to increase or decrease the value of the index indicating the effect of the combination of measures by a change amount corresponding to the reason for the correction (Frey Paragraph [0029]; teaches that the value is decreased based on specific training being taken or other remediation being applied. The index is updated to reflect this change). As per claim 13, Basovskiy discloses the information processing apparatus according to claim 1, Basovskiy fails to further disclose wherein the index indicating the effect of the measure is set according to the effect of the measure and an introduction cost of the measure. Frey, which like Basovskiy talks about risk control in cyber security, teaches it is known wherein the index indicating the effect of the measure is set according to the effect of the measure and an introduction cost of the measure (Frey Paragraph [0029]; teaches that the index can be modified specifically decreased to reflect updates in the system. Specifically as remediations are applied the risk is reduced and the index is decreased to reflect those changes. Since Basovskiy already discloses modifying the index values it would have been obvious to decrease the values to reflect the changes to risk as shown in Frey). Basovskiy discloses an information processing apparatus which acquires risk analysis information, including an attack route or path. Basovskiy discloses planning measures against the attack and indexing an effect of the measure or resolutions. Basovskiy discloses updating the index indicating the effect of the resolutions. However, while Basovskiy discloses modifying the index values, it is not explicit wherein the index indicating the effect of the measure is set according to the effect of the measure and an introduction cost of the measure. Frey, teaches it is known wherein the index indicating the effect of the measure is set according to the effect of the measure and an introduction cost of the measure. It would have been obvious to one of ordinary skill in the art to include in the information processing apparatus of Basovskiy the ability for the index indicating the effect of the measure is set according to the effect of the measure and an introduction cost of the measure at taught by Frey since the claimed invention is merely a combination of old elements, and in the combination each element merely would have performed the same function as it did separately, and one of ordinary skill in the art would have recognized that the results of the combination were predictable. Therefore, from this teaching of Frey, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify the information processing apparatus provided by Basovskiy, with the ability for the index indicating the effect of the measure is set according to the effect of the measure and an introduction cost of the measure at taught by Frey, for the purposes of reflecting the changes in the risk. Since Basovskiy already discloses modifying the index values it would have been obvious to decrease the values to reflect the changes to risk as shown in Frey. As per claim 10, the combination of Basovskiy and Trsar teaches the information processing apparatus according to claim 9, Basovskiy further discloses wherein the at least one processor is configured to execute the instructions to indicate a value of the index indicating the effect of the combination of measures of the combination of measures including a measure that is included in the planned measure and is not included in the modified measure and the combination of measures including a measure that is included in the modified measure and is not included in the planned measure (Basovskiy Paragraphs [0053]-[0056]; discloses that the system will compare different remediation options, as well as the order in which they are performed to minimize cost and minimizing effort. The system can provide feedback and update the tables or databases when new information is calculated. Paragraph [0090]; discloses that the combination of measures. These can be the initially planned resolutions and other what-if scenarios as shown in [0054]). While Basovskiy establishes updating the index it is not explicit that the value is increased or decreased. Frey, which like Basovskiy talks about risk control in cyber security, teaches it is known to increase or decrease the index values to reflect the changes of risk in the system (Frey Paragraph [0029]; teaches that the index can be modified specifically decreased to reflect updates in the system. Specifically as remediations are applied the risk is reduced and the index is decreased to reflect those changes. Since Basovskiy already discloses modifying the index values it would have been obvious to decrease the values to reflect the changes to risk as shown in Frey). Basovskiy discloses an information processing apparatus which acquires risk analysis information, including an attack route or path. Basovskiy discloses planning measures against the attack and indexing an effect of the measure or resolutions. Basovskiy discloses updating the index indicating the effect of the resolutions. The Trsar reference teaches that it is known to for the index is used to indicate an effect of the measure introduced against the attack and update the indexes based on the planned measure and measure related information. However, while Basovskiy discloses modifying the index values, it is not explicit the values are increased or decreased. Frey, teaches it is known increase or decrease the index values. It would have been obvious to one of ordinary skill in the art to include in the information processing apparatus of Basovskiy and Trsar the ability to increase or decrease the index values at taught by Frey since the claimed invention is merely a combination of old elements, and in the combination each element merely would have performed the same function as it did separately, and one of ordinary skill in the art would have recognized that the results of the combination were predictable. Therefore, from this teaching of Frey, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify the information processing apparatus provided by Basovskiy and Trsar, with the ability to increase or decrease the index values at taught by Frey, for the purposes of reflecting the changes in the risk. Since Basovskiy already discloses modifying the index values it would have been obvious to decrease the values to reflect the changes to risk as shown in Frey. As per claim 11, the combination of Basovskiy, Trsar and Frey teaches the information processing apparatus according to claim 10, Frey further teaches wherein the measure related information includes a reason for the modification, and the at least one processor is configured to execute the instructions to increase or decrease the value of the index indicating the effect of the combination of measures by a change amount corresponding to the reason for the correction (Frey Paragraph [0029]; teaches that the value is decreased based on specific training being taken or other remediation being applied. The index is updated to reflect this change). As per claim 13, the combination of Basovskiy and Trsar teaches the information processing apparatus according to claim 1, Basovskiy fails to further disclose wherein the index indicating the effect of the measure is set according to the effect of the measure and an introduction cost of the measure. Frey, which like Basovskiy talks about risk control in cyber security, teaches it is known wherein the index indicating the effect of the measure is set according to the effect of the measure and an introduction cost of the measure (Frey Paragraph [0029]; teaches that the index can be modified specifically decreased to reflect updates in the system. Specifically as remediations are applied the risk is reduced and the index is decreased to reflect those changes. Since Basovskiy already discloses modifying the index values it would have been obvious to decrease the values to reflect the changes to risk as shown in Frey). Basovskiy discloses an information processing apparatus which acquires risk analysis information, including an attack route or path. Basovskiy discloses planning measures against the attack and indexing an effect of the measure or resolutions. Basovskiy discloses updating the index indicating the effect of the resolutions. The Trsar reference teaches that it is known to for the index is used to indicate an effect of the measure introduced against the attack and update the indexes based on the planned measure and measure related information. However, while Basovskiy discloses modifying the index values, it is not explicit wherein the index indicating the effect of the measure is set according to the effect of the measure and an introduction cost of the measure. Frey, teaches it is known wherein the index indicating the effect of the measure is set according to the effect of the measure and an introduction cost of the measure. It would have been obvious to one of ordinary skill in the art to include in the information processing apparatus of Basovskiy and Trsar the ability for the index indicating the effect of the measure is set according to the effect of the measure and an introduction cost of the measure at taught by Frey since the claimed invention is merely a combination of old elements, and in the combination each element merely would have performed the same function as it did separately, and one of ordinary skill in the art would have recognized that the results of the combination were predictable. Therefore, from this teaching of Frey, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify the information processing apparatus provided by Basovskiy and Trsar, with the ability for the index indicating the effect of the measure is set according to the effect of the measure and an introduction cost of the measure at taught by Frey, for the purposes of reflecting the changes in the risk. Since Basovskiy already discloses modifying the index values it would have been obvious to decrease the values to reflect the changes to risk as shown in Frey. Conclusion The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Carmichael (US 11,574,071 B2) – discusses security controls for attack readiness. Moritz et al. (US 11,507,671 B1) – discusses detecting vulnerabilities in computer code. Hadar et al. (US 2020/0177619 A1) – discusses generating attack graphs in security platforms. Chen et al. (US 2009/0077666 A1) – discusses security threat modeling. Kravchenko et al. (EP 3872665 A1) – discusses a cyber digital twin for security controls. Any inquiry concerning this communication or earlier communications from the examiner should be directed to PAUL R FISHER whose telephone number is (571)270-5097. The examiner can normally be reached Monday - Friday 9 am to 5:30 pm. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Yin-Chen Shaw can be reached at (571)272-8878. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. PAUL R. FISHER Primary Examiner Art Unit 2498 /PAUL R FISHER/ Primary Examiner, Art Unit 2498 12/13/2025