DETAILED ACTION
The following Non-Final office action is in response to application 18/867,192 filed on 11/19/2024. Examiner notes priority claims to PCT/US2023/067264 filed 5/19/2023, 63/344,613 filed 5/22/2022, and 63/344,483 filed 5/20/2022. IDS filed 11/19/2024 has been considered.
Status of Claims
Claims 1-21 are currently pending and have been rejected as follows.
Claim Objections
Claim 21 is objected to because of the following informalities: Claim 21 recites that it depends on claim 8, while it should recite, and for purposes of compact prosecution is interpreted, that it depends on claim 15. Appropriate correction is required.
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
Claims 1-21 are clearly drawn to at least one of the four categories of patent eligible subject matter recited in 35 U.S.C. 101 (method, system, and non-transitory machine readable storage medium). Claims 1-21 are rejected under 35 U.S.C. 101 because the claimed invention is directed to a judicial exception (i.e., a law of nature, a natural phenomenon, or an abstract idea) without integrating the abstract idea into a practical application or amounting to significantly more than the abstract idea.
Regarding Step 1 of the 2019 Revised Patent Subject Matter Eligibility Guidance (‘2019 PEG”), Claims 1-7 are directed toward the statutory category of a machine (reciting a “system”). Claims 8-14 are directed toward the statutory category of a process (reciting a “method”). Claims 15-21 are directed toward the statutory category of an article of manufacturer (reciting a “non-transitory machine readable storage medium”).
Regarding Step 2A, prong 1 of the 2019 PEG, Claims 1, 8 and 15 are directed to an abstract idea by reciting … to receive incoming event information from a plurality of near-real-time information sources, the … operative to store raw event information … operative to execute a data-mining algorithm on the raw event information to produce a structured output of event information from the plurality of information sources in a common event-information format; … to receive information about an organization from a plurality of different business systems of the organization, … operative to create a structured organization description that includes information about resources of the organization in a common organization-information format; … operative to apply threat assessment criteria to the structured output of the event information and to the structured organization description to produce an event-resource assessment of whether an event is likely to impact a resource of the organization; and … operative to determine a response recommendation for each event-resource assessment based on response criteria, and […] (Example Claim 1).
The claims are considered abstract because these steps recite certain methods of organizing human activity and mental processes. The claims recite steps for receiving and storing event information, executing an algorithm to produce an output, receiving organizational information from business systems, creating a structured organization description, applying threat assessment criteria to determine whether an event is likely to impact a resource, determining a response recommendation, and outputting it for display. It is understood that the claimed steps aim to provide a proactive structured and autonomous response to emergent risks for business organization information technology resources through the various programmed “engines” of the claimed system (Applicant’s Specification, p. 1-6). By this evidence, the claims recite a type of certain methods of organizing human activity and mental processes common to judicial exception to patent-eligibility. By preponderance, the claims recite an abstract idea (e.g., a “system and method” facilitating organization resilience).
Regarding Step 2A, prong 2 of the 2019 PEG, the judicial exception is not integrated into a practical application because the claims (the judicial exception and the additional elements such as an event monitor engine having an input; an event data mining engine communicatively coupled to the event monitor engine; an organization information structuring engine having an input; a threat assessment engine communicatively coupled to the event data mining engine and to the organization information structuring engine; a response advisor engine communicatively coupled to the threat assessment engine; to output the response recommendation to be displayed via a graphical user interface) are not an improvement to a computer or a technology, the claims do not apply the judicial exception with a particular machine, the claims do not effect a transformation or reduction of a particular article to a different state or thing nor do the claims apply the judicial exception in some other meaningful way beyond generally linking the use of the judicial exception to a particular technological environment such that the claims as a whole is more than a drafting effort designed to monopolize the exception (see MPEP §§ 2106.05(a-c, e)).
Dependent claims 2-7, 9-14, and 16-21 do not include additional elements that are sufficient to amount to significantly more than the judicial exception because the limitations recite mere instructions to implement an abstract idea on a computer, or merely uses a computer as a tool to perform an abstract idea ‐ see MPEP 2106.05(f).
Regarding Step 2B of the 2019 PEG, the additional elements have been considered above in Step 2A Prong 2. The claim limitations do not amount to significantly more than the judicial exception because they are directed to limitations referenced in MPEP 2106.05I.A. that are not enough to qualify as significantly more when recited in a claim with an abstract idea because the limitations recite mere instructions to implement an abstract idea on a computer, or merely uses a computer as a tool to perform an abstract idea ‐ see MPEP
2106.05(f).
Applicant's claims mimic conventional, routine, and generic computing by their similarity to other concepts already deemed routine, generic, and conventional [Berkheimer Memorandum, Page 4, item 2] by the following [MPEP § 2106.05(d) Part (II)]. The claims recite steps like: “Receiving or transmitting data over a network, e.g., using the Internet to gather data,” Symantec, “Performing repetitive calculations,” Flook, and “storing and retrieving information in memory,” Versata Dev. Group, Inc. v. SAP Am., Inc. (citations omitted), by performing steps to “receive” event information, “execute” an algorithm, “receive organization information, “apply” threat assessment criteria, “determine” a response recommendation, and “output” the response recommendation (Example Claim 1).
By the above, the claimed computing “call[s] for performance of the claimed information collection, analysis, and display functions ‘on a set of generic computer components' and display devices” [Elec. Power Group, 830 F.3d at 1355] operating in a “normal, expected manner” [DDR Holdings, LLC v. Hotels.com, L.P., 773 F.3d at 1245, 1258 (Fed. Cir. 2014)].
Conclusively, Applicant's invention is patent-ineligible. When viewed both individually and as a whole, Claims 1-21 are directed toward an abstract idea without integration into a practical application and lacking an inventive concept.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1-21 are rejected under 35 USC 103 as being unpatentable over the teachings of
De Assuncao et al., US 20140358609 A1, hereinafter Assuncao, in view of
Williams et al., US 20130253979 A1, hereinafter Williams, in view of
Refsland et al., US 20090063234 A1, hereinafter Refsland. As per,
Claims 1, 8, 15
Assuncao teaches
A system for facilitating organizational resilience, comprising: /
An automated method for facilitating organizational resilience, comprising: by an automated system /
At least one non-transitory machine-readable storage medium containing instructions that, when executed on a computing system, causes the computing system to: (Assuncao fig. 1; [0004] “the process of monitoring the infrastructure and creating tickets is typically automated;” [0006]; [0024]; [0044]-[0045])
an event monitor engine having an input to receive incoming event information from a plurality of near-real-time information sources, the event monitor engine operative to store raw event information; (Assuncao [0015] “the system 100 generally comprises an incident management system 102, an infrastructure monitoring and management system 104, an asset and configuration system 106, and customer support system 108;” [0016] “The infrastructure monitoring and management system 104 is responsible for monitoring a managed infrastructure 110, such as an information technology (IT) infrastructure). … the infrastructure monitoring and management system 104 identifies potential failures … and creates tickets in response to these potential failures;” [0021] “The incident history database 116 stores all tickets that are created as a result of problems detected by the infrastructure monitoring and management system 104 or reported via the customer support system 108” note the monitoring and receipt of event information from multiple sources and storing the incoming information)
an event data mining engine communicatively coupled to the event monitor engine, the event data mining engine operative to execute a data-mining algorithm on the raw event information to produce a structured output of event information from the plurality of information sources in a common event-information format; (Assuncao [0021] “this data may help to resolve future tickets and is thus stored for data mining purposes;” [0022] “The ticket dependency discovery engine 118 infers a ticket dependency graph 122 from messages exchanged by the analysts 120, information contained in the tickets, and the asset configuration data. Thus, the ticket dependency discovery engine 118 cross references information from various sources” noting the system mining the stored data from multiple data sources to infer structured dependency relationships; the dependency graph corresponding to the output in a common event-information format)
an organization information structuring engine having an input to receive information about an organization from a plurality of different business systems of the organization, the organization information structuring engine operative to create a structured organization description that includes information about resources of the organization in a common organization-information format; (Assuncao [0017] “The asset and configuration system 106 discovers, stores, and manages information about the equipment, software, and systems that comprise the managed infrastructure 110, as well as the configurations of the equipment, software, and systems. The asset and configuration system 106 may also store the configuration map of the servers and application components, including their interdependence graphs (e.g., component graphs). This information is stored in an asset information repository or database 112 for use by other components of the system 100. The stored information may be discovered automatically by the asset and configuration system 106 or entered manually by the personnel responsible for asset configuration management” note the structured organization information including resources such as equipment, software, and systems and their dependencies; note the system receiving the information automatically or manually)
a threat assessment engine communicatively coupled to the event data mining engine and to the organization information structuring engine, the threat assessment engine operative to […] to the structured output of the event information and to the structured organization description to produce an event-resource assessment of whether an event is likely to impact a resource of the organization; and (Assuncao [0005] “obtaining a component dependency graph that infers dependencies between a plurality of components of the managed infrastructure, and inferring a dependency graph from the component dependency graph;” [0022] “The ticket dependency discovery engine 118 infers a ticket dependency graph 122 from messages exchanged by the analysts 120, information contained in the tickets, and the asset configuration data. Thus, the ticket dependency discovery engine 118 cross references information from various sources” noting the event and ticket information along with the asset configuration data used to infer whether incidents are related to affected components)
[…].
Assuncao does not explicitly teach, Williams however in the analogous art of risk management teaches
[…] apply threat assessment criteria […]; (Williams [0042] “the Risk Management Index 104 is developed for each component of a given business capability 102. The analysis includes a development of a scenario 110 exercising one of more vulnerabilities of the component under consideration. In some embodiments, a basis of the calculation comprises a combination of three elements, including an impact score 112, a likelihood score 114, and a maturity score 116” note the threat assessment criteria)
Before the effective filing date of the claimed invention, it would have been obvious for one of ordinary skill in the art to modify Assuncao’s proactive incident monitoring to include applying threat assessment criteria in view of Williams in an effort to improve the business capability and components’ resilience to threats through a reduction in the risk indices (see Williams ¶ [0098] & MPEP 2143G).
Assuncao / Williams do not explicitly teach, Refsland however in the analogous art of risk management teaches
a response advisor engine communicatively coupled to the threat assessment engine, the response advisor engine operative to determine a response recommendation for each event-resource assessment based on response criteria, and to output the response recommendation to be displayed via a graphical user interface. (Refsland [0015] “The system provides interactive, best practice guidance for all stages of an incident … dynamically responds in real-time to the specific incident and role being performed;” [0105] “Everyone on the system then receives appropriate alerts (email, pager, sms, etc as configured for each person), an incident-specific job action sheet (step 3) customized to their role and their own “Dashboard” (FIG. 1) that provides the tools and information they need to perform effectively in their role” note the determination of a response and outputting the response to a dashboard)
Before the effective filing date of the claimed invention, it would have been obvious for one of ordinary skill in the art to modify Assuncao’s proactive incident monitoring and Williams’s threat assessment criteria to include determine a response recommendation and presenting it in view of Refsland in an effort to improve the response time and quality of the response (see Refsland ¶ [0015] & MPEP 2143G).
Claims 2, 9, 16
Assuncao teaches
wherein the event monitor engine is operative to store the raw event information in formats provided by the respective information sources. (Assuncao [0003] “A potential issue is generally reported in a semi-structured document (e.g., a "ticket") containing details about the affected hardware components or services and a textual description explaining the issue.” Noting the source generated and stored tickets containing details and a text description)
Claims 3, 10, 17
Assuncao / Refsland do not explicitly teach, Williams however in the analogous art of risk management teaches
wherein the threat assessment engine is operative to compute a criticality score that represents a degree of impact that an event is likely to have upon a resource of the organization. (Williams [0004] “an organizational impact score is determined from an aggregate of scenario impact scores;” [0043] “impact 112 represents the consequence to the organization … Likelihood 114 is based on a … the particular threat and likely target” note the computed score corresponding to the criticality score)
The motivations/rationales to combine Assuncao / Refsland with Williams persists.
Claims 4, 11, 18
Assuncao / Refsland do not explicitly teach, Williams however in the analogous art of risk management teaches
wherein the response advisor engine is operative to de-prioritize processing of event-resource assessments that have relatively lower criticality scores in favor of processing other event-resource assessments that have relatively higher criticality scores. (Williams [0042] “application of this calculation enables a consistent approach in prioritizing mitigations and corrective actions across various business units;” [0157] “ the range of scores for the Risk Index 104 effectively ranges from 0 to 4680. As these numbers are not immediately intuitive in a risk management arena, it is typical to normalize these scores into tiers, High, Medium, and Low.” Note the prioritizing based on the risk scores)
The motivations/rationales to combine Assuncao / Refsland with Williams persists.
Claims 5, 12, 19
Assuncao / Refsland do not explicitly teach, Williams however in the analogous art of risk management teaches
wherein the criticality score is a single value that is computed from a plurality of categorized impact scores. (Williams [0004] “an organizational impact score is determined from an aggregate of scenario impact scores;” [0138] “an overall impact score being the sum of the score for each row for each scenario 110 for a group of components” note the single overall impact score computed from a plurality of category impact scores)
The motivations/rationales to combine Assuncao / Refsland with Williams persists.
Claims 6, 13, 20
Assuncao / Refsland do not explicitly teach, Williams however in the analogous art of risk management teaches
wherein the threat assessment engine is operative to compute a risk index for a resource of the organization based on historical data about that resource, the risk index representing a measure of susceptibility that resource has to events. (Williams [0039] “the Risk Management Framework 100 further includes components that document a history of scenarios and threats;” [0042] “the Risk Management Index 104 is developed for each component of a given business capability 102;” [0132] “Over time, as each new set of risk/threat scenarios, vulnerabilities findings, state of controls, and impact/likelihood changes, the risk profile may be updated” note the computed risk index for components including historical information and likelihood)
The motivations/rationales to combine Assuncao / Refsland with Williams persists.
Claims 7, 14, 21
Assuncao / Williams do not explicitly teach, Refsland however in the analogous art of risk management teaches
further comprising: a notifier engine communicatively coupled to the response advisor engine and to the organization information structuring engine, the notifier engine operative to generate notifications to specific personnel of the organization that are assigned responsibility for responding to event-resource incidents. (Refsland [0014] “The system can note when expected responders are not active and page backup responders or re-assign tasks to appropriate personnel to ensure adequate response to an incident;” [0105] “Everyone on the system then receives appropriate alerts (email, pager, sms, etc as configured for each person), an incident-specific job action sheet (step 3) customized to their role and their own "Dashboard"” noting the personnel responsible for a resource notified)
The motivations/rationales to combine Assuncao / Williams with Refsland persists.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. US-20210034448-A1; WO-2014145579-A2; WO-2021154460-A1; Zahoransky et al., Towards a Process-Centered Resilience Framework (Year: 2015).
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MOHAMED EL-BATHY whose telephone number is (571)270-5847. The examiner can normally be reached on M-F 8AM-4:30PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, PATRICIA MUNSON can be reached on (571) 270-5396. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/MOHAMED N EL-BATHY/Primary Examiner, Art Unit 3624