DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This Office Action is in response to the Amendment filed on 1/30/2026.
In the instant Amendment, claims 1 and 11 have been amended and claims 1 and 11 are independent claims. Claims 1-18 have been examined and are pending. This Action is made Final.
Response to Arguments
Applicant's arguments filed 1/30/2026 have been fully considered but they are not persuasive and/or are moot in view of new grounds of rejection.
Applicant Argues: “(1) In page 3 of the Office Action, the Examiner stated:
Choi discloses a detection module, adapted to detect the first memory to determine whether the firmware is tampered with ([0007] and [0011] and [0084]) - the firmware validity test may mean an operation of testing the validity of the operational firmware. Specifically, the firmware validity test may be an operation of testing the integrity of the operational firmware data based on the firmware data through an error detection algorithm);...
That is, the Examiner uses the firmware validity test taught by Choi to read on the feature of determining whether the firmware is tampered with. However, firmware validity refers to the rigorous process of ensuring firmware is authentic, secure, and functions correctly with its specific hardware. An invalid firmware is not necessarily a tampered firmware. Thus, Choi fails to disclose the feature of "a detection module, adapted to detect the first memory to determine whether the firmware is tampered with" (emphasis added).”
Examiner’s Response: The examiner respectfully disagrees. As reasonably construed a firmware validity test to test integrity of the operational firmware through an error detection algorithm reasonably reads on “detect the first memory to determine whether the firmware is tampered with”. The examiner notes if integrity is compromised is noted to be tampered (i.e., altered). The crux of Applicant’s argument is that the references fail to show certain features of the invention, it is noted that the features upon which applicant relies (i.e., , firmware validity refers to the rigorous process of ensuring firmware is authentic, secure, and functions correctly with its specific hardware) are not recited in the rejected claim(s). Although the claims are interpreted in light of the specification, limitations from the specification are not read into the claims. See In re Van Geuns, 988 F.2d 1181, 26 USPQ2d 1057 (Fed. Cir. 1993).
Applicant Argues: “(2) In page 4 of the Office Action, the Examiner stated:
...Nickerson teaches an encryption module, adapted to generate an encryption key, and encrypt the firmware by using the encryption key to generate encrypted data stored in the second memory ([0165] and [0222] -In some embodiments, the firmware image 33d is stored in memory 68 on the re-flash module 65g in an encrypted form. Further, the firmware image is transferred to the control panel 30 in the encrypted form and the bootloader contains the key to decrypt the image to be stored in the flash memory 33a providing additional security and or protection so that even if the image is intercepted during transfer it is still encrypted...In some embodiments, the firmware image 33d is validated prior to being encrypted and stored in the memory 68 on the module 65g....
However, the encryption operation disclosed by Nickerson is applied to the firmware image stored in memory on the re-flash module, rather than the firmware itself. Thus, Nickerson fails to disclose the feature of "an encryption module, adapted to generate an encryption key, and encrypt the firmware by using the encryption key to generate encrypted data stored in the second memory".
In addition, Nickerson merely discloses that the firmware image 33d is stored in memory 68 on the re-flash module 65g (an expansion module) in encrypted form but fails to state that the re-flash module 65g or the control panel for receiving the encrypted firmware image has an encryption module to encrypt the firmware.
Moreover, Nickerson merely discloses that the bootloader contains the key to decrypt the image to be stored in the flash memory, but fails to teach or suggest that the bootloader or the control panel has additional component which is capable to generate an encryption key, and encrypt the firmware by using the encryption key to generate encrypted data. Thus, Nickerson fails to teach or suggest the feature of "a firmware protection device applied to an electronic device comprises... an encryption module, adapted to generate an encryption key, and encrypt the firmware by using the encryption key to generate encrypted data stored in the second memory".
Examiner’s Response: The examiner respectfully disagrees. The examiner notes Nickerson teaches that the key is stored in flash memory, see [0222]. Further, Nickerson teaches the firmware image is validated prior to being encrypted and stored in the memory and such encryption is applied by key encryption, see [0222]. The examiner notes by “applying” key encryption, it requires a key to be generated and applied to the firmware (i.e., encrypting) thus a key is generated and used to encrypt the firmware, subsequently, the encrypted firmware and key are stored in memories; thus, reading on “a firmware protection device applied to an electronic device comprises... an encryption module, adapted to generate an encryption key, and encrypt the firmware by using the encryption key to generate encrypted data stored in the second memory". Therefore, the examiner finds this argument not persuasive.
Applicant Argues: (3) In the Office Action, the Examiner uses the volatile memory device 220 disclosed by Choi to read on the first memory of the claimed invention and the nonvolatile memory device 100 disclosed by Choi to read on the second memory of the claimed invention.
Because the volatile memory device cannot be deemed as a read only memory (ROM), and the characteristics of nonvolatile memory device and volatile memory device are very much different during the booting process. It would not be adequate to use volatile memory device to read on the first memory (which is a ROM) of the claimed invention. Thus, Choi fails to teach the feature "wherein both the first memory and the second memory are ROMs".
Based on the disclosure of Choi, when power is applied to the storage device, the firmware controller loads firmware data stored in the nonvolatile memory device 100 and stores the firmware data as operational firmware data in the volatile memory device 220 (in the memory controller 200, for storing firmware data temporarily).
In contrast, the claimed invention is to generate an encryption key after the electronic device is turned on for the first time, and encrypt the firmware by using the encryption key to generate encrypted data stored in the second memory permanently. Thus, the firmware stored in the first memory should be deemed as corresponding to the firmware data stored in the
nonvolatile memory device 100 disclosed by Choi, rather than the operational firmware data temporarily stored in the volatile memory device 220.
Choi and Nickerson, either individually or in combination, fail to teach or suggest each and every feature of claim 1. As such, claim 1 is patentably distinct from Choi and Nickerson.
Independent claim 11 recites features similar to those recited in claim 1. Therefore, claim 11 is also patentably distinct from Choi and Nickerson.
The dependent claims set forth additional limitations not found in the prior art, and are also allowable based at least on their dependency from allowable independent claims 1 and 11.
In view of the foregoing amendments and remarks, reconsideration and withdrawal of the 35 USC 103 rejections are respectfully requested.”
Examiner’s Response: The examiner respectfully notes in light of the amendment; this argument is moot in view of new grounds of rejection
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claim(s) 1-5, 7, 8, 10-15 and 17-18 is/are rejected under 35 U.S.C. 103 as being unpatentable over Choi et al. (US 2022/0107737 A1) in view of Nickerson et al. (US 2008/0027587 A1) and Chen (US 2009/0144455 A1).
Regarding Claim 1;
Choi discloses a firmware protecting device, applied to an electronic device to protect firmware ([0084] - The firmware validity test may mean an operation of testing the validity of the operational firmware. Specifically, the firmware validity test may be an operation of testing the integrity of the operational firmware data based on the firmware data through an error detection algorithm), the firmware protecting device comprising:
a first memory, adapted to store the firmware (FIG. 4 – Volatile Memory Device w/ Operational Firmware Data Storage and [0007] - ...a volatile memory device configured to store operational firmware data... and [0011]);
a second memory (FIG. 4 and Nonvolatile Memory Device w/ Firmware Data and [0007] - a volatile memory device configured to store operational firmware data and [0011]) ;
and a control unit (FIG. 4 – Firmware controller and [0096]-[0097] - The firmware controller 210 may execute operational firmware based on the operational firmware data. When power is applied to the storage device 1000, the firmware controller 210 may load firmware data stored in the nonvolatile memory device 100, and store the firmware data as operational firmware data in the volatile memory device 220), and the control unit comprising:
a detection module, adapted to detect the first memory to determine whether the firmware is tampered with ([0007] and [0011] and [0084] - The firmware validity test may mean an operation of testing the validity of the operational firmware. Specifically, the firmware validity test may be an operation of testing the integrity of the operational firmware data based on the firmware data through an error detection algorithm); and
...when it is detected that the firmware is tampered with, ....using the ... original firmware to replace the tampered firmware ([0011] - the method including: loading firmware onto each of first and second memory regions; running the firmware loaded onto the first memory region; determining the running firmware as corrupted with reference to the firmware loaded onto the second memory region; and replacing the corrupted firmware with the firmware loaded onto the second memory region).
Choi fails to explicitly disclose:
an encryption module, adapted to generate an encryption key, and encrypt the firmware by using the encryption key to generate encrypted data stored in the second memory;
[...]
a decryption module, adapted to decrypt, when it is detected that the firmware is tampered with, the encrypted data by using the encryption key to generate original firmware to replace the tampered firmware;
wherein both the first memory and the second memory are read-only memories (ROMs).
However, in an analogous art, Nickerson teaches
an encryption module, adapted to generate an encryption key, and encrypt the firmware by using the encryption key to generate encrypted data stored in the second memory ([0165] and [0222] - In some embodiments, the firmware image 33d is stored in memory 68 on the re-flash module 65g in an encrypted form. Further, the firmware image is transferred to the control panel 30 in the encrypted form and the bootloader contains the key to decrypt the image to be stored in the flash memory 33a providing additional security and/or protection so that even if the image is intercepted during transfer it is still encrypted.... In some embodiments, the firmware image 33d is validated prior to being encrypted and stored in the memory 68 on the module 65g.... which is then protected, such as by providing password protections, encrypting or otherwise protecting, for example by applying convolution (bit, byte, block or the like), applying exclusive OR (bit, byte, block level or the like), data encryption standard (DES), triple DES (3DES), substitution, RSA (Ron Rivest, Adi Shamir, and Leonard Adleman), digital signature standard (DSS), scrambling, digital signature algorithm (DSA), key encryption, public key encryption (PKI), CipherSaber, Rivest Cipher 2 (RC2), Rivest Cipher 4 (RC4), rearranging, content scrambling system (CSS), transposition, a combination of substitution and transposition, advanced encryption standard (AES), Diffe-Hellman (DH), secure hash algorithm (SHA), message digest algorithm (MD5), pretty good protection (PGP), and/or other such protections and/or combinations of protections.)
[...]
a decryption module, adapted to decrypt, when it is detected that the firmware is tampered with, the encrypted data by using the encryption key to generate original firmware to replace the tampered firmware ([0165] and [0222] - In some embodiments, the firmware image 33d is stored in memory 68 on the re-flash module 65g in an encrypted form.... Maintaining the firmware image 33d in the module 65g in an encrypted form provides protection of the firmware image... Further, the firmware image is transferred to the control panel 30 in the encrypted form and the bootloader contains the key to decrypt the image to be stored in the flash memory 33a providing additional security and/or protection so that even if the image is intercepted during transfer it is still encrypted.... [0223] – Additionally... The version of the firmware 33d can replace the firmware 33a of the control panel 30, which can provide the control panel with enhanced features, fix problems with a prior version of firmware, provide additional communication capabilities and the like.)
Therefore, it would have been obvious to one of ordinarily skill in the art before the effective filing date of the claimed invention to combine the teachings of Nickerson to the firmware protecting device of Choi to include an encryption module, adapted to generate an encryption key, and encrypt the firmware by using the encryption key to generate encrypted data stored in the second memory; [...] a decryption module, adapted to decrypt, when it is detected that the firmware is tampered with, the encrypted data by using the encryption key to generate original firmware to replace the tampered firmware.
One would have been motivated to combine the teachings of Nickerson to Choi to do so as it provides / allows providing additional security and/or protection so that even if the image is intercepted ... it is still encrypted (Nickerson, [0222]).
However, in an analogous art, Chen teaches [concepts of] wherein both a first memory and a second memory are read-only memories (ROMs) (FIG. 2 and [0014] - The first memory 66 can be a flash ROM for storing firmware data of the display device 62. The second memory 68 stores specification information of the display device 62, such as model or serial number of the display device 62. The second memory 68 can be an electrically erasable programmable read-only memory (EEPROM). The third memory 70 backs up old firmware of the display device 62, in which the third memory 70 can be a read only memory (ROM)).
A person of ordinary skill in the art would have the technical skills to make the mere substitution and the outcome would be predictable. Mainly, substituting one for the other achieves a predictable result because Chen uses a first memory and a second memory as read-only memories (ROMs) in the same role as Choi’s first memory and second memory. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to substitute a first memory and a second memory as read-only memories (ROMs) of Chen for the first memory and second memory of Choi in view of Nickerson to arrive at the claimed invention because such a step is known and results of the substitution would have been predictable (i.e., use of different variations of memories to store).
Regarding Claim 2;
Choi in view of Nickerson and Chen disclose the device to Claim 1.
Choi further discloses wherein the ... key is stored in a hardware security module (HSM) ((FIG. 4 and [0037]-[0038] and [0105] - In an embodiment, the volatile memory device 220 may be implemented as a tightly coupled memory (TCM). The TCM may mean a memory which only the firmware controller 210 having authority can access. For example, only a firmware controller having authority among a plurality of firmware controllers (not shown) may acquire data stored in the TCM, and a firmware controller having no authority may not acquire the data stored in the TCM and [0140] - For example, the volatile memory device 220 may store a signature 11 and an authentication key (i.e., a public key) 12, which are loaded from the nonvolatile memory device 100, in response to the power being applied to the storage device 1000).
Nickerson further teaches wherein the encryption key is stored in a hardware security module (HSM) (FIG. 11 – Control Panel Circuitry w/ Microcontroller and Flash Memory and [0103] – ...embedded... and [0165] - In some embodiments, the firmware 33a of the control unit 30 includes a dedicated code, application and/or program, referred to below as bootloader code 33c (see FIG. 76, for example). The bootloader code 33c can be a limited functionality code that implements a re-flash of the firmware 33a and/or activates the irrigation controller to operate according to currently store firmware. For example, the flash memory 33 of the control unit 30 can store a version of the firmware that is about a 128 Kbyte image of the firmware code and [0222] - In some embodiments, the firmware image 33d is stored in memory 68 on the re-flash module 65g in an encrypted form. Further, the firmware image is transferred to the control panel 30 in the encrypted form and the bootloader contains the key to decrypt the image to be stored in the flash memory 33a providing additional security and/or protection so that even if the image is intercepted during transfer it is still encrypted....).
Similar rationale and motivation is noted for the combination of Nickerson to Choi in view of Nickerson and Chen, as per Claim 1, above.
Regarding Claim 3;
Choi in view of Nickerson and Chen disclose the device to Claim 1.
Nickerson further teaches wherein the firmware is a basic input/output system (BIOS) ([0112] - In preferred form, the communication bus is a multi-drop serial bus and is described further below. It is also noted that as used throughout this specification, the term "microcontroller" refers to an electrical device that minimally includes a processor logic (e.g., one or more microprocessors), memory (e.g., one or more memory devices), and inputs and outputs and is adapted to execute instructions based on information stored in memory either within the microcontroller or external to the microcontroller and [0103] - Some embodiments further provide abilities to provide new or revised operating code, instructions, software, programs and/or firmware to an irrigation controller without having to replace a processor or memory, and/or without having to take apart the irrigation controller. Firmware generally is a set of instructions, code and/or software that is embedded in a hardware device or memory).
Similar rationale and motivation is noted for the combination of Nickerson to Choi in view of Nickerson and Chen as per Claim 1, above.
Regarding Claim 4;
Choi in view of Nickerson and Chen disclose the device to Claim 1. Choi further discloses wherein the control unit is an embedded controller (EC), and the ... key is stored in the embedded controller (FIG. 4 and [0037]-[0038] – The storage device 1000 may be a device including an embedded system and [0105] - In an embodiment, the volatile memory device 220 may be implemented as a tightly coupled memory (TCM). The TCM may mean a memory which only the firmware controller 210 having authority can access. For example, only a firmware controller having authority among a plurality of firmware controllers (not shown) may acquire data stored in the TCM, and a firmware controller having no authority may not acquire the data stored in the TCM and [0140] - For example, the volatile memory device 220 may store a signature 11 and an authentication key (i.e., a public key) 12, which are loaded from the nonvolatile memory device 100, in response to the power being applied to the storage device 1000).
Nickerson further teaches wherein the control unit is an embedded controller (EC), and the encryption key is stored in the embedded controller (FIG. 11 – Control Panel Circuitry w/ Microcontroller and Flash Memory and [0103] – ...embedded... and [0165] - In some embodiments, the firmware 33a of the control unit 30 includes a dedicated code, application and/or program, referred to below as bootloader code 33c (see FIG. 76, for example). The bootloader code 33c can be a limited functionality code that implements a re-flash of the firmware 33a and/or activates the irrigation controller to operate according to currently store firmware. For example, the flash memory 33 of the control unit 30 can store a version of the firmware that is about a 128 Kbyte image of the firmware code and [0222] - In some embodiments, the firmware image 33d is stored in memory 68 on the re-flash module 65g in an encrypted form. Further, the firmware image is transferred to the control panel 30 in the encrypted form and the bootloader contains the key to decrypt the image to be stored in the flash memory 33a providing additional security and/or protection so that even if the image is intercepted during transfer it is still encrypted....).
Similar rationale and motivation is noted for the combination of Nickerson to Choi in view of Nickerson and Chen, as per Claim 1, above.
Regarding Claim 5;
Choi in view of Nickerson and Chen disclose the device to Claim 4.
Choi further discloses wherein the embedded controller comprises a common access area and a safe access area, and the ... key is stored in the safe access area (FIG. 4 and [0037]-[0038] – The storage device 1000 may be a device including an embedded system and [0105] - In an embodiment, the volatile memory device 220 may be implemented as a tightly coupled memory (TCM). The TCM may mean a memory which only the firmware controller 210 having authority can access. For example, only a firmware controller having authority among a plurality of firmware controllers (not shown) may acquire data stored in the TCM, and a firmware controller having no authority may not acquire the data stored in the TCM and [0140] - For example, the volatile memory device 220 may store a signature 11 and an authentication key (i.e., a public key) 12, which are loaded from the nonvolatile memory device 100, in response to the power being applied to the storage device 1000).
Nickerson further teaches wherein the embedded controller comprises ... the encryption key is stored in the safe access area ([0165] and [0222] - In some embodiments, the firmware image 33d is stored in memory 68 on the re-flash module 65g in an encrypted form. Further, the firmware image is transferred to the control panel 30 in the encrypted form and the bootloader contains the key to decrypt the image to be stored in the flash memory 33a providing additional security and/or protection so that even if the image is intercepted during transfer it is still encrypted.... In some embodiments, the firmware image 33d is validated prior to being encrypted and stored in the memory 68 on the module 65g.... which is then protected, such as by providing password protections, encrypting or otherwise protecting, for example by applying convolution (bit, byte, block or the like), applying exclusive OR (bit, byte, block level or the like), data encryption standard (DES), triple DES (3DES), substitution, RSA (Ron Rivest, Adi Shamir, and Leonard Adleman), digital signature standard (DSS), scrambling, digital signature algorithm (DSA), key encryption, public key encryption (PKI), CipherSaber, Rivest Cipher 2 (RC2), Rivest Cipher 4 (RC4), rearranging, content scrambling system (CSS), transposition, a combination of substitution and transposition, advanced encryption standard (AES), Diffe-Hellman (DH), secure hash algorithm (SHA), message digest algorithm (MD5), pretty good protection (PGP), and/or other such protections and/or combinations of protections.)
Similar rationale and motivation is noted for the combination of Nickerson to Choi in view of Nickerson and Chen, as per Claim 1, above.
Regarding Claim 7;
Choi in view of Nickerson and Chen disclose the device to Claim 1.
Choi further discloses wherein the first memory, the second memory, and the control unit are arranged on a motherboard (FIG. 4 – Memory Controller and Volatile Memory Device and Nonvolatile Memory Device and [0037]-[0038] – The storage device 1000 may be a device including an embedded system and [0039] - The storage device 1000 may be manufactured as one of various kinds of package types. For example, the storage device 1000 may be manufactured as any one of various kinds of package types such as a Package-On-Package (POP), a System-In-Package (SIP), a System-On-Chip (SOC), a Multi-Chip Package (MCP), a Chip-On-Board (COB), a Wafer-level Fabricated Package (WFP), and a Wafer-level Stack Package (WSP).
Regarding Claim 8;
Choi in view of Nickerson and Chen disclose the device to Claim 1.
Choi further discloses wherein the control unit calculates a calculated value by using a hash algorithm for the firmware in the first memory, and compares the calculated value with a preset value to determine whether the firmware is tampered with ([0084]-[0085] - The firmware validity test may mean an operation of testing the validity of the operational firmware. Specifically, the firmware validity test may be an operation of testing the integrity of the operational firmware data based on the firmware data through an error detection algorithm. The error detection algorithm may mean, for example, a cyclic redundancy check (CRC), a checksum, a hash-based message authentication code (HMAC), an advanced encryption standard (AES), a Rivest Shamir Adleman-probabilistic signature scheme (RSA-PSS), and the like)
Regarding Claim 10;
Choi in view of Nickerson and Chen disclose the device to Claim 1.
Choi further discloses wherein the electronic device comprises a trusted platform module (TPM) (FIG. 4. - Memory controller and [0084] - Specifically, the firmware validity test may be an operation of testing the integrity of the operational firmware data based on the firmware data through an error detection algorithm and [0092]), the trusted platform module is adapted to communicate with the first memory to determine whether the firmware is tampered with (FIG. 4 and [0105] - In an embodiment, the volatile memory device 220 may be implemented as a tightly coupled memory (TCM). The TCM may mean a memory which only the firmware controller 210 having authority can access. For example, only a firmware controller having authority among a plurality of firmware controllers (not shown) may acquire data stored in the TCM, and a firmware controller having no authority may not acquire the data stored in the TCM and [0084]-[0085] The firmware validity test may mean an operation of testing the validity of the operational firmware. Specifically, the firmware validity test may be an operation of testing the integrity of the operational firmware data based on the firmware data through an error detection algorithm and 0092] - memory controller 200 to perform the firmware validity test) As noted the error detection algorithm is a form of a trusted platform module, and notify, when the firmware is tampered with, the control unit ... use[s]... the original firmware to replace the tampered firmware ([0011] - the method including: loading firmware onto each of first and second memory regions; running the firmware loaded onto the first memory region; determining the running firmware as corrupted with reference to the firmware loaded onto the second memory region; and replacing the corrupted firmware with the firmware loaded onto the second memory region).
Nickerson further teaches wherein the electronic device comprises... a platform controller hub (PCH), when the firmware is tampered with, the control unit through the platform controller hub to use the encryption key to decrypt the encrypted data to generate the original firmware to replace the tampered firmware ([0165] and [0222] - In some embodiments, the firmware image 33d is stored in memory 68 on the re-flash module 65g in an encrypted form. Further, the firmware image is transferred to the control panel 30 in the encrypted form and the bootloader contains the key to decrypt the image to be stored in the flash memory 33a (i.e., as noted a form of a PCH) providing additional security and/or protection so that even if the image is intercepted during transfer it is still encrypted.... In some embodiments, the firmware image 33d is validated prior to being encrypted and stored in the memory 68 on the module 65g.... which is then protected, such as by providing password protections, encrypting or otherwise protecting, for example by applying convolution (bit, byte, block or the like), applying exclusive OR (bit, byte, block level or the like), data encryption standard (DES), triple DES (3DES), substitution, RSA (Ron Rivest, Adi Shamir, and Leonard Adleman), digital signature standard (DSS), scrambling, digital signature algorithm (DSA), key encryption, public key encryption (PKI), CipherSaber, Rivest Cipher 2 (RC2), Rivest Cipher 4 (RC4), rearranging, content scrambling system (CSS), transposition, a combination of substitution and transposition, advanced encryption standard (AES), Diffe-Hellman (DH), secure hash algorithm (SHA), message digest algorithm (MD5), pretty good protection (PGP), and/or other such protections and/or combinations of protections.)
Similar rationale and motivation is noted for the combination of Nickerson to Choi in view of Nickerson and Chen, as per Claim 1, above.
Regarding Claim(s) 11-15 and 17-18; claim(s) 11-15 and 17-18 is/are directed to a/an method associated with the device claimed in claim(s) 1-5, 7, 8, and 10. Claim(s) 11-15 and 17-18 is/are similar in scope to claim(s) 1-5, 7, 8, and 10, and is/are therefore rejected under similar rationale.
Claim(s) 6 and 16 is/are rejected under 35 U.S.C. 103 as being unpatentable over Choi et al. (US 2022/0107737 A1) in view of Nickerson et al. (US 2008/0027587 A1) and Chen (US 2009/0144455 A1) and further in view of Kato (US 2012/0054501 A1).
Regarding Claim 6;
Choi in view of Nickerson and Chen disclose the device to Claim 1.
Choi in view of Nickerson and Chen fail to explicitly disclose wherein the control unit generates the encryption key after the electronic device is turned on for the first time.
However, in an analogous art, Kato teaches wherein [a] control unit generates the encryption key after the electronic device is turned on for the first time ([0020] - Next, the processor 101 determines whether or not generation of an encrypting key is necessary (Act 102). In Act 102, the processor 101 detects, for example, an initial activation of the image processing apparatus 1, and determines that the generation of an encrypting key is necessary if detecting that an encrypting key is not stored on the FROM 107 and Claim 2).
Therefore, it would have been obvious to one of ordinarily skill in the art before the effective filing date of the claimed invention to combine the teachings of Kato to the firmware protecting device w/ control unit of Choi in view of Nickerson and Chen to include wherein [a] control unit generates the encryption key after the electronic device is turned on for the first time.
One would have been motivated to combine the teachings of Kato to Choi in view of Nickerson and Chen to do so as it provides / allows stor[ing] an encrypting key for encrypting ... data. (Nickerson, [0222]).
Regarding Claim(s) 16; claim(s) 16 is/are directed to a/an method associated with the device claimed in claim(s) 6. Claim(s) 16 is/are similar in scope to claim(s) 6, and is/are therefore rejected under similar rationale.
Claim(s) 9 is/are rejected under 35 U.S.C. 103 as being unpatentable over Choi et al. (US 2022/0107737 A1) in view of Nickerson et al. (US 2008/0027587 A1) and Chen (US 2009/0144455 A1) and further in view of Hung et al. (US 2018/0293192 A1).
Regarding Claim 9;
Choi in view of Nickerson and Chen disclose the device to Claim 1.
Choi in view of Nickerson and Chen fail to explicitly disclose wherein the control unit communicates with the first memory and the second memory respectively through two serial peripheral interfaces (SPIs).
However, in an analogous art, Hung teaches wherein the control unit communicates with the first memory and the second memory respectively through two serial peripheral interfaces (SPIs) ([0010] - Referring to FIGS. 2 and 3, FIG. 2 is a schematic diagram showing a basic architecture of a multi-memory collaboration structure based on SPI interface according to first and second embodiments of the invention, and FIG. 3 is a schematic diagram showing data transmission between a control module and first and second memories according to the first embodiment of the invention).
Therefore, it would have been obvious to one of ordinarily skill in the art before the effective filing date of the claimed invention to combine the teachings of Hung to the firmware protecting device of Choi in view of Nickerson and Chen to include wherein the control unit communicates with the first memory and the second memory respectively through two serial peripheral interfaces (SPIs).
One would have been motivated to combine the teachings of Hung to Choi in view of Nickerson and Chen to do so as it provides / allows use of a SPI interface, which may reduce the fabrication costs and reduce the package size (Hung, [0009]).
Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to KARI L SCHMIDT whose telephone number is (571)270-1385. The examiner can normally be reached Monday-Friday 10am - 6pm (MDT).
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Luu Pham can be reached at (571)270-5002. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/KARI L SCHMIDT/Primary Examiner, Art Unit 2439