METHOD FOR DETERMINING AN ANOMALY IN A COMMUNICATION CHANNEL

§102 §103

Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Detail Action This office action is response to the application 18/904,485 filed on 10/02/2024. Claims 13-23 are pending in this communication. Claims 1-12 have been canceled. Priority This application claims priority from GERMANY 10 2023 210 037.1 10/12/2023. Priority date has been accepted. Examiner’s Note The examiner is requesting the applicant’s representative to provide direct phone number and/or mobile phone number in next communication, which will be very helpful to advance the prosecution. Generally the text that are italicized are claims; the text that are in bold are reference citations (with some obvious exception); the text which is neither italicized nor bolded are by the examiner. The Examiner used figures, paragraph and line numbers from the instant application’s pre-grant publication or pdf copy of allowance. In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. Claim Rejections - 35 USC § 102 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action: A person shall be entitled to a patent unless – (a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale or otherwise available to the public before the effective filing date of the claimed invention. OR (a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention. Claims 13-16 and 20-23 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by BASSI; Atul et al., Pub. No.: US 2023/0156030 A1. Regarding Claim 13, BASSI anticipated a method for determining whether in a communication channel within at least one multi core processor or multi core microcontroller {Fig.18 & [0085], the processor 310 is a single core processor, a multi-core processor, multiple processors internal to the asset vulnerability assessment computer system 302, a remote processor (e.g., a processor implemented on a server), and/or a virtual machine”} within a vehicle {[0056], “vehicles … aircraft, spacecraft, automobiles, ships, boats, military vehicles”}, an anomaly is present, the at least one multi core processor or multi core microcontroller includes a plurality of cores {ABS., “the asset vulnerability assessment is performed based on the aggregated asset property data and asset vulnerability signature data stored in an asset vulnerability signature repository”}, the method comprising the following steps: monitoring a communication between at least two of the plurality of cores {[0002], “a deep vulnerabilities scanner with respect to assets in an industrial network” … Fig.6 & [0102], “The asset property data 620 includes information such as, for example, availability, configured services, CPU information, storage information, installed software information, log analyzer information, data transfer information, virus scan information …”}; and based on a monitoring result, deciding whether the anomaly is present or not {Fig. 3, 19 & ABS. “In response to determining that the asset vulnerability assessment satisfies a defined criterion, one or more actions associated with the network are performed”}. Regarding Claim 14, BASSI anticipates all the features of claim 13 and BASSI further anticipates wherein the monitoring of the communication including at least one of the following steps: monitoring whether at least one frame of the data being sent between the at least two of the plurality of cores was tampered {[0092], “the request 320 includes a request to generate a dashboard visualization associated with the asset vulnerability assessment. In one or more embodiments, the request 320 is received in response to an action (e.g., a user-initiated action, modification of an interactive graphical element, etc.) initiated via an electronic interface of a computing device. In one or more embodiments, the request 320 is received in response to an action initiated via a processing unit (e.g., an edge device, a controller, etc.) associated with the one or more assets”. Examiner’s note: modifying a graphical element is functioning as claimed tampering of a frame}; monitoring whether a buffer overflow is present; monitoring whether a port scanning attack is present; monitoring whether an invalid remote processor authentication is present; monitoring whether data being sent between the at least two of the plurality of cores was modified by checking a cyclic check sum value. Regarding Claim 15, BASSI anticipates all the features of claim 13 and BASSI further anticipates wherein the decision whether the anomaly is present or not is based on a predefined or definable set of rules {[0075], “The fault detection and diagnostics include generalized rule sets that are specified based on industry experience and domain knowledge and can be easily incorporated and used working together with equipment models”}. Regarding Claim 16, BASSI anticipates all the features of claim 13 and BASSI further anticipates wherein the communication between the at least two of the plurality of cores is based on data being sent between the at least two of the plurality of cores, wherein the data includes a predefined or definable data format {[0087], “The asset property data includes, for example, an internet protocol (IP) address, a media access control (MAC) address … a transmission control protocol (TCP) port, a user datagram protocol (UDP) port”. Examiner’s note: TCP/IP is standard data format for packets in internet or in an enterprise}. Regarding Claim 20, BASSI anticipates all the features of claim 13 and BASSI further anticipates further comprising storing the anomaly in a log file and/or outputting a warning signal to a user and/or stopping the communication when the anomaly is present {[0102], “The asset property data 620 includes information such as, for example … log analyzer information, data transfer information, virus scan information”}. Regarding claim 21, claim 21 is claim to an apparatus using the method of claim 1. Therefore, claim 21 is rejected for the reasons set forth for claim 1. Regarding claim 22, claim 22 is claim to a multicore processor or multicore microcontroller using the method of claim 1. Therefore, claim 22 is rejected for the reasons set forth for claim 1. Regarding claim 23, claim 23 is claim to a non-transitory computer-readable storage medium using the method of claim 1. Therefore, claim 23 is rejected for the reasons set forth for claim 1. Claim Rejections - 35 USC § 103 The following is a quotation of AIA 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claims 17-19 are rejected under AIA 35 U.S.C. 103 as being unpatentable over BASSI; Atul et al., Pub. No.: US 2023/0156030 A1 in view of LAMPSON; Butler W. et al., Pat. No.: US 5,161,193 A. Regarding Claim 17, BASSI anticipated all the features of claim 16, BASSI, however, does not explicitly disclose wherein the data format includes a start of frame and/or a data length and/or data and/or a cyclic check sum value and/or an end of frame. In an analogous reference LAMPSON discloses wherein the data format includes a start of frame and/or a data length and/or data and/or a cyclic check sum value and/or an end of frame {Col. 12 lines 46-49, “The remaining portion of the network header is skipped (block 84), and a length identification and security identification from the packet are compared (in block 86, FIG. 8) with "fingerprint" values” … col. 16 lines 61-62, “performing length checking on the received blocks of data”}. Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to modify BASSI’s technique of ‘data detection for malware in vehicle controller data packet’ for ‘identifying packet length of data frame’, as taught by LAMPSON, in order to prevent data intrusion. The motivation is - identifying the packet length of a data frame provides significant advantages for malware detection in vehicle controllers, primarily by enabling anomaly detection based on statistical properties of network traffic. This initiative focuses on detecting malware within vehicular data packets by analyzing data frame length, a critical component of identifying anomalous or malicious activity in automotive control systems, thereby enhancing vehicle cybersecurity through precise packet anomaly detection. All references are inventions in analogous area but each invention teaches specific claimed limitation specifically and other references mutually cure each other’s deficiencies. When all claimed techniques are combined, they teach claimed invention. The Examiner notes that this motivation applies to all dependent and/or otherwise subsequently addressed claims unless addressed separately. Regarding Claim 18, BASSI anticipated all the features of claim 13, BASSI, however, does not explicitly disclose wherein data being sent in the communication between the at least two of the plurality of cores is encrypted before sending by a first of the at least two of the plurality of cores and decrypted after receiving by a second of the at least two of the plurality of cores. LAMPSON further discloses wherein data being sent in the communication between the at least two of the plurality of cores is encrypted before sending by a first of the at least two of the plurality of cores and decrypted after receiving by a second of the at least two of the plurality of cores {ABS., “Cryptographic apparatus, and a related method for its operation, for in-line encryption and decryption of data packets transmitted in a communication network. A full-duplex cryptographic processor is positioned between two in-line processing entities of a network architecture”}. Regarding Claim 19, BASSI anticipated all the features of claim 13, BASSI, however, does not explicitly disclose using a cryptographic checksum over a payload of data being sent in the communication between the at least two of the plurality of cores and monitoring data integrity after transmission of the data. LAMPSON further discloses using a cryptographic checksum over a payload of data being sent in the communication between the at least two of the plurality of cores and monitoring data integrity after transmission of the data {col.5 lines 60-68, “the message and a checksum are encrypted before appending network and MAC headers. In the latter case, the message is in plaintext but a cryptographic checksum is appended to the message. Similarly, the term decryption is used for cryptographic processing encompassing both the recovery of plaintext along with recovery and verification of a checksum from encrypted data, and the verification of the integrity of an "integrity only" protected message”}. Conclusion Any inquiry concerning this communication or earlier communications from the examiner should be directed to QUAZI FAROOQUI whose telephone number is (571) 270-1034 or Quazi.farooqui@USPTO.GOV. The examiner can normally be reached on Monday-Friday 9:00 am to 5:30 pm, EST. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Amir Mehrmanesh can be reached on (571) 270-3351 or amir.mehrmanesh@USPTO.GOV. The fax phone number for Examiner Farooqui assigned is 571-270-2034.Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-flee). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /QUAZI FAROOQUI/ Primary Examiner, Art Unit 2491