SYSTEM, METHOD, AND APPARATUS FOR EXTRA VEHICLE COMMUNICATIONS CONTROL

§103 §112 §DP

Detailed Action Claims 1-29 are pending. Claims 1-29 are rejected. Double Patenting The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969). A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp. Claims 1-29 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-10 of U.S. Patent No. 11,252,039. Although the claims at issue are not identical, they are not patentably distinct from each other because the instant claims and the patent claims share the same scope with minimal differences that would have been obvious to one ordinary skill in the art before the effective filing date of the invention to modify the instant claims in a way to match the patent claims limitation. For example, the patent claims discloses that the policy manager circuit and the configuration circuit are part of a converged network device. Thus, the instant claims have a broader scope that covers the scope of the patent claims. In addition, the instant claims use the term “an external data routing description and an external data service description” wherein the patent claims use the term “a network regulation description”. However, these terms are claimed in a broad and general terms without claiming any specific details that distinguish between them and thus “an external data routing description and an external data service description” can be an example of “a network regulation description”. Instant claims Patent claims (11,252,039) 1. A system, comprising: - a vehicle having a first network zone and a second network zone of a different type than the first network zone; - a policy manager circuit structured to interpret a policy comprising an external data routing description and an external data service description; - a configuration circuit structured to configure a gatekeeper interface circuit in response to the external data routing description and the external data service description; the gatekeeper interface circuit interposed between the first network zone and at least one external communication portal selectively couplable to an external device, and further interposed between the second network zone and the at least one external communication portal; and wherein the gatekeeper interface circuit is structured to regulate communications between end points of the first network zone and the at least one external communication portal, and to regulate communications between end points of the second network zone and the at least one external communication portal. 1. A system, comprising: - a vehicle having a first network zone and a second network zone of a different type than the first network zone; - a converged network device (CND) interposed between the first network zone and the second network zone, the CND comprising: - a policy manager circuit structured to interpret a policy comprising a network regulation description; and - a configuration circuit structured to configure a first network interface circuit in response to the network regulation description, and to configure a gatekeeper interface circuit in response to the network regulation description, wherein the first network interface circuit is structured to regulate communications between end points of the first network zone and end points of the second network zone, and wherein the gatekeeper interface circuit is structured to regulate communications between end points of the first network zone with at least one of an external communications portal or an external device.4. The system of claim 3, wherein the gatekeeper interface circuit is further structured to regulate communications between end points the second network zone with the at least one of the external communications portal or the external device. Claims 1-29 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-15 of US Patent No. 11,165,651. Although the claims at issue are not identical, they are not patentably distinct from each other because the instant claims and the patent claims share the same scope with minimal differences that would have been obvious to one ordinary skill in the art before the effective filing date of the invention to modify the patent in a way to match the instant claimed limitation. For example, the patent claims disclose “at least one network zone”, wherein the instant claims disclose “a first network zone and a second network zone of a different type than the first network zone”. Thus, “a first network zone and a second network zone of a different type than the first network zone” is merely an obvious example of “at least one network zone”. In addition, the patent claims disclose “wherein the policy comprises a default policy value”. This makes the scope of the patent claims narrower but is still covered by the limitations of the instant claims. Instant claims Patent claims (11,165,651) 1. A system, comprising: - a vehicle having a first network zone and a second network zone of a different type than the first network zone; - a policy manager circuit structured to interpret a policy comprising an external data routing description and an external data service description; - a configuration circuit structured to configure a gatekeeper interface circuit in response to the external data routing description and the external data service description; the gatekeeper interface circuit interposed between the first network zone and at least one external communication portal selectively couplable to an external device, and further interposed between the second network zone and the at least one external communication portal; and wherein the gatekeeper interface circuit is structured to regulate communications between end points of the first network zone and the at least one external communication portal, and to regulate communications between end points of the second network zone and the at least one external communication portal. 1. A system, comprising: - a vehicle having at least one network zone; - a policy manager circuit structured to interpret a policy comprising an external data routing description, wherein the policy comprises a default policy value; - a configuration circuit structured to configure a gatekeeper interface circuit in response to the external data routing description and an external data service description; the gatekeeper interface circuit interposed between the at least one network zone and at least one external communication portal selectively couplable to an external device; and wherein the gatekeeper interface circuit is structured to regulate communications between end points of a first network zone and the at least one external communication portal, and to regulate communications between end points of a second network zone and the at least one external communication portal. Claims 1-29 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-24 of US Patent No. 12,095,622. Although the claims at issue are not identical, they are not patentably distinct from each other because the instant claims and the patent claims share the same scope with minimal differences that would have been obvious to one ordinary skill in the art before the effective filing date of the invention to modify the patent in a way to match the instant claimed limitation. For example, the patent claims disclose “a mobile system”, wherein the instant claims disclose “a vehicle”. However, “a vehicle” is merely an obvious example of “a mobile system”. In addition, the patent claims discloses that the policy manager circuit and the configuration circuit are part of a converged network device. Thus, the instant claims have a broader scope that covers the scope of the patent claims. Instant claims Patent claims (12,095,622) 1. A system, comprising: - a vehicle having a first network zone and a second network zone of a different type than the first network zone; - a policy manager circuit structured to interpret a policy comprising an external data routing description and an external data service description; - a configuration circuit structured to configure a gatekeeper interface circuit in response to the external data routing description and the external data service description; the gatekeeper interface circuit interposed between the first network zone and at least one external communication portal selectively couplable to an external device, and further interposed between the second network zone and the at least one external communication portal; and wherein the gatekeeper interface circuit is structured to regulate communications between end points of the first network zone and the at least one external communication portal, and to regulate communications between end points of the second network zone and the at least one external communication portal. 1. A system, comprising: - a mobile system having a first network zone and a second network zone of a different type than the first network zone; a converged network device (CND) interposed between the first network zone and the second network zone, the CND comprising: - a policy manager circuit structured to interpret a policy comprising a network regulation description; - a configuration circuit structured to configure a first network interface circuit in response to the network regulation description, and to configure a gatekeeper interface circuit in response to the network regulation description; wherein the first network interface circuit is structured to regulate communications between end points of the first network zone and end points of the second network zone; and wherein the gatekeeper interface circuit is structured to regulate communications between end points of the first network zone with at least one of an external communications portal or an external device. 1. A system, comprising: - a vehicle having a first network zone and a second network zone of a different type than the first network zone; - a policy manager circuit structured to interpret a policy comprising an external data routing description and an external data service description; - a configuration circuit structured to configure a gatekeeper interface circuit in response to the external data routing description and the external data service description; the gatekeeper interface circuit interposed between the first network zone and at least one external communication portal selectively couplable to an external device, and further interposed between the second network zone and the at least one external communication portal; and wherein the gatekeeper interface circuit is structured to regulate communications between end points of the first network zone and the at least one external communication portal, and to regulate communications between end points of the second network zone and the at least one external communication portal. 21. A system, comprising: - a vehicle having a first network zone and a second network zone of a different type than the first network zone; - a converged network device (CND) interposed between the first network zone and the second network zone, the CND comprising: - a policy manager circuit structured to interpret a policy comprising a network regulation description; - a configuration circuit structured to configure a first network interface circuit in response to the network regulation description; andwherein the first network interface circuit is structured to regulate communications between end points of the first network zone and end points of the second network zone. Claim Rejections - 35 USC § 112 The following is a quotation of 35 U.S.C. 112(b): (b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention. The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph: The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention. Claims 1-29 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention. Claim 1 state the limitation “external data routing description and the external data service description”, but fails to define what these descriptions are external to. Therefore, the claim is indefinite as to the meaning of “external”. Claims 2-29 depends on claim 1 and are rejected under the same rationale. Claim 2 states “the external data routing description comprises a plurality of local communicating devices”. It is unclear how a description which is a non-physical entity comprises a physical entity such as a communicating device. Claims 3-6 depends on claim 2 and are rejected under the same rationale. Claim 7 states “the external data service description comprises a plurality of local communicating devices”. It is unclear how a description which is a non-physical entity comprises a physical entity such as a communicating device. Claims 8-9 and 12-29 depends on claim 7 and are rejected under the same rationale. Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claims 1-7 and 12-13 are rejected under 35 U.S.C. 103 as being unpatentable over Borkowiea et al (Pub. No.: US 2018/0227306 A1) in view of THORNBURG et al (Pub. No.: US 2018/0232959 A1) and HUANG et al (Pub. No.: US 2021/0336876 A1). As per claim 1, Borkowiea discloses a system, comprising: - a vehicle having a first network zone and a second network zone of (Borkowiea, Fig 1, paragraph 0013, wherein “FIG. 1 is a simplified diagram showing a security gateway module 100 in accordance with aspect of the present disclosure connected between one or more CAN buses 102 coupled to an OBD connector 104 of an automotive vehicle 106 and associated internal CAN buses 108 of vehicle 106. CAN buses 102 are referred to herein as OBD CAN buses 102 since they couple OBD connector 104 to security module 100. In the example of FIG. 2 there are two OBD CAN buses 102 (OBD CAN bus 102-1 and 102-2) and two associated internal CAN buses 108 (internal CAN bus 108-1 and internal CAN bus 108-2) all of which are illustratively high-speed CAN buses. OBD CAN buses 102 are coupled to OBD CAN bus ports 110 of security gateway module 100 (OBD CAN bus ports 110-1 and 110-2 in the example of FIG. 1) and internal CAN buses 108 are coupled to internal CAN bus ports 112 of security gateway module 100 (internal CAN bus ports 112-1 and 112-2 in the example of FIG. 1). OBD CAN buses 102 are also coupled to CAN bus ports 114 of OBD connector 102 (CAN bus ports 114-1 and 114-2 in the example of FIG. 1)”; the internal CAN buses can be the first and second network zones); - a policy manager circuit structured to interpret a policy (Borkowiea, Fig 1, paragraph 0014, wherein “Security gateway module 100 includes an electronic control unit referred to herein as ECU 118. ECU 118 is configured with a data dictionary stored in a memory 120 of ECU 118, as described in more detail in Tables 1-3 below. As used herein, the data dictionary includes the approved diagnostic messages for vehicle 106 and parameters for each of these approved diagnostic messages”; the data dictionary including the approved diagnostic messages and parameters for each of these approved diagnostic messages can be the claimed policy and the policy manager circuit can be the component responsible for maintaining and managing the data dictionary); - a configuration circuit structured to configure a gatekeeper interface circuit in response to (Borkowiea, Fig 1, paragraph 0014, wherein “Security gateway module 100 includes an electronic control unit referred to herein as ECU 118. ECU 118 is configured with a data dictionary stored in a memory 120 of ECU 118, as described in more detail in Tables 1-3 below. As used herein, the data dictionary includes the approved diagnostic messages for vehicle 106 and parameters for each of these approved diagnostic messages”; the data dictionary including the approved diagnostic messages and parameters for each of these approved diagnostic messages is used to configure the ECU (a gatekeeper interface circuit). The configuration circuit can be the component responsible for configuring the ECU); - the gatekeeper interface circuit interposed between the first network zone and at least one external communication portal selectively couplable to an external device (Borkowiea, Fig 1, paragraph 0014, wherein “FIG. 1 is a simplified diagram showing a security gateway module 100 in accordance with aspect of the present disclosure connected between one or more CAN buses 102 coupled to an OBD connector 104 of an automotive vehicle 106 and associated internal CAN buses 108 of vehicle 106. CAN buses 102 are referred to herein as OBD CAN buses 102 since they couple OBD connector 104 to security module 100. In the example of FIG. 2 there are two OBD CAN buses 102 (OBD CAN bus 102-1 and 102-2) and two associated internal CAN buses 108 (internal CAN bus 108-1 and internal CAN bus 108-2) all of which are illustratively high speed CAN buses. OBD CAN buses 102 are coupled to OBD CAN bus ports 110 of security gateway module 100 (OBD CAN bus ports 110-1 and 110-2 in the example of FIG. 1)”; As shown in Fig 1, the ECU is located between the first network zone (for example 108-1) and one external communication portal (OBD connector 104)), and further interposed between the second network zone and the at least one external communication portal (Borkowiea, Fig 1, paragraph 0014, wherein “FIG. 1 is a simplified diagram showing a security gateway module 100 in accordance with aspect of the present disclosure connected between one or more CAN buses 102 coupled to an OBD connector 104 of an automotive vehicle 106 and associated internal CAN buses 108 of vehicle 106. CAN buses 102 are referred to herein as OBD CAN buses 102 since they couple OBD connector 104 to security module 100. In the example of FIG. 2 there are two OBD CAN buses 102 (OBD C treaAN bus 102-1 and 102-2) and two associated internal CAN buses 108 (internal CAN bus 108-1 and internal CAN bus 108-2) all of which are illustratively high speed CAN buses. OBD CAN buses 102 are coupled to OBD CAN bus ports 110 of security gateway module 100 (OBD CAN bus ports 110-1 and 110-2 in the example of FIG. 1)”; As shown in Fig 1, the ECU is located between the second network zone (for example 108-2) and the one external communication portal (OBD connector 104)); and wherein the gatekeeper interface circuit is structured to regulate communications between end points of the first network zone and the at least one external communication portal, and to regulate communications between end points of the second network zone and the at least one external communication portal (Borkowiea, Fig 1-2, paragraph 0048, wherein “FIG. 2 is a flow chart of control logic for an illustrative control routine by which security gateway module 100 is controlled by ECU 118 to determine whether to pass a CAN bus message received on any OBD CAN bus 102 to any internal CAN bus 108. A CAN bus message received by security gateway module 100 on any OBD CAN bus 102 is referred to herein as an OBD CAN bus message. The control routine starts at 200 and at 202 determines whether an OBD CAN bus message was received. If not, the control routine branches back to 202. If at 202 an OBD CAN bus message was received, the control routine proceeds to 204 where it checks whether security gateway module 100 is in the full disable mode. If so, the control routine proceeds to 206 and if not, the control routine proceeds to 212. At 206, the control routine checks if the CAN_ID of the received OBD CAN bus message is on the white list. If so, the control routine proceeds to 208 and if not, the control routine proceeds to 212. At 208, the control routine does not pass the received OBD CAN bus message to any internal CAN bus 108 and then proceeds to 210 where it ends”; Thus, the ECU (the gatekeeper interface circuit) regulates communications between the at least one external communication portal (OBD connector) and end points of the first or second network zone (device 116-1 of first network zone 108-1 and device 116-2 of the second network zone 108-2)). Borkowiea does not explicitly disclose that the first network zone and the second network zone are of a different type than the first network zone. However, having network zones of a different type within a vehicle is well known in the art. For example, THORNBURG discloses that the first network zone and the second network zone are of a different type than the first network zone (THORNBURG, paragraph 0023, wherein “The vehicle bus 106 may include various methods of communication available between the vehicle ECUs 104. The vehicle bus 106 may also support communication between the ECG 110 and the vehicle ECUs 104. As some non-limiting examples, the vehicle bus 106 may be a vehicle controller area network (CAN), an Ethernet network, or a media oriented system transfer (MOST) network. The CAN network or networks may be various types, including, but not limited to, high speed CAN (HS-CAN) having a data capacity of up to 500 kbps, mid-speed CAN (MS-CAN) having a data capacity of up to 125 kbps, and/or CAN flexible data rate (FD-CAN) having a data capacity of up to 2000 kbps or higher. It should be noted that the illustrated bus topology is merely an example, and other numbers and arrangements of vehicle buses 106 may be used”). Therefore, it would have been obvious to one ordinary skill in the art to before the effective filing date of the invention to modify Borkowiea in view of THORNBURG so that the networks are of different types as claimed because this would have provided a way to configure known security gateways to operate within heterogeneous network zones within a vehicle in order to securely regulate access to vehicle services from external devices and thus improving the security of the system. Borkowiea and THORNBURG do not explicitly disclose that the policy comprises an external data routing description and an external data service description. However, HUANG discloses that the policy comprises an external data routing description and an external data service description (HUANG, paragraph 0064-0066, wherein “obtaining a pre-configured routing policy corresponding to the application. Because different applications require different routing path qualities, the embodiment may pre-configure a routing requirement for each type of applications and assign a routing policy corresponding to the application. After the application sent the data packet is determined, the routing policy corresponding to the application is obtained. Based on the routing policy, forwarding the traffic data packet”; The routing policy includes an external data routing description since it includes routing path corresponding to the application and includes external data service description since it includes quality indication of routing path corresponding to the application). Therefore, it would have been obvious to one ordinary skill in the art to before the effective filing date of the invention to modify Borkowiea and THORNBURG in view of HUANG so that the policy includes routing description and service description as claimed because this would have provided a way to assign links to satisfy different requirements of different applications which improves the performance of the system (see HUANG paragraph 0002-0003). As pre claim 2, claim 1 is incorporated and HUANG discloses wherein the external data routing description comprises a plurality of local communicating devices, each corresponding to an external data routing path (HUANG, paragraph 0067, wherein “After the routing policy is obtained, a routing path is assigned for the traffic data packet based on the routing policy, and the data packet is transmitted through the routing path. Other data packets transmitted through the connection may be transmitted through the same routing path”); As pre claim 3, claim 2 is incorporated and HUANG discloses wherein each local communicating device comprises at least one of: an end point of the first network zone or the second network zone; an application; a flow; a vehicle function; or a vehicle controller (HUANG, paragraph 0064-0065, wherein “obtaining a pre-configured routing policy corresponding to the application. Because different applications require different routing path qualities, the embodiment may pre-configure a routing requirement for each type of applications and assign a routing policy corresponding to the application. After the application sent the data packet is determined, the routing policy corresponding to the application is obtained”); As pre claim 4, claim 2 is incorporated and Borkowiea discloses wherein each external data routing path comprises a network zone trajectory of a regulated communication (Borkowiea, Fig 1-2, paragraph 0048, wherein “FIG. 2 is a flow chart of control logic for an illustrative control routine by which security gateway module 100 is controlled by ECU 118 to determine whether to pass a CAN bus message received on any OBD CAN bus 102 to any internal CAN bus 108. A CAN bus message received by security gateway module 100 on any OBD CAN bus 102 is referred to herein as an OBD CAN bus message. The control routine starts at 200 and at 202 determines whether an OBD CAN bus message was received. If not, the control routine branches back to 202. If at 202 an OBD CAN bus message was received, the control routine proceeds to 204 where it checks whether security gateway module 100 is in the full disable mode. If so, the control routine proceeds to 206 and if not, the control routine proceeds to 212. At 206, the control routine checks if the CAN_ID of the received OBD CAN bus message is on the white list. If so, the control routine proceeds to 208 and if not, the control routine proceeds to 212. At 208, the control routine does not pass the received OBD CAN bus message to any internal CAN bus 108 and then proceeds to 210 where it ends”; Thus, the ECU (the gatekeeper interface circuit) regulates communications between the at least one external communication portal (OBD connector) and end points of the first or second network zone (device 116-1 of first network zone 108-1 and device 116-2 of the second network zone 108-2)); As pre claim 5, claim 4 is incorporated and Borkowiea discloses wherein the network zone trajectory further comprises at least one data configuration selected from the data configurations consisting of: an up-sampling description; a down-sampling description; an encapsulation description; a data processing description; a communication frame processing description; or a data rate description (Borkowiea, Fig 1-2, paragraph 0048, wherein “FIG. 2 is a flow chart of control logic for an illustrative control routine by which security gateway module 100 is controlled by ECU 118 to determine whether to pass a CAN bus message received on any OBD CAN bus 102 to any internal CAN bus 108. A CAN bus message received by security gateway module 100 on any OBD CAN bus 102 is referred to herein as an OBD CAN bus message. The control routine starts at 200 and at 202 determines whether an OBD CAN bus message was received. If not, the control routine branches back to 202. If at 202 an OBD CAN bus message was received, the control routine proceeds to 204 where it checks whether security gateway module 100 is in the full disable mode. If so, the control routine proceeds to 206 and if not, the control routine proceeds to 212. At 206, the control routine checks if the CAN_ID of the received OBD CAN bus message is on the white list. If so, the control routine proceeds to 208 and if not, the control routine proceeds to 212. At 208, the control routine does not pass the received OBD CAN bus message to any internal CAN bus 108 and then proceeds to 210 where it ends”; Thus, the ECU (the gatekeeper interface circuit) regulates communications between the at least one external communication portal (OBD connector) and end points of the first or second network zone (device 116-1 of first network zone 108-1 and device 116-2 of the second network zone 108-2)); As pre claim 6, claim 4 is incorporated and Borkowiea discloses wherein the network zone trajectory further comprises one of the at least one external communication portals for the regulated communication (Borkowiea, Fig 1-2, paragraph 0048, wherein “FIG. 2 is a flow chart of control logic for an illustrative control routine by which security gateway module 100 is controlled by ECU 118 to determine whether to pass a CAN bus message received on any OBD CAN bus 102 to any internal CAN bus 108. A CAN bus message received by security gateway module 100 on any OBD CAN bus 102 is referred to herein as an OBD CAN bus message. The control routine starts at 200 and at 202 determines whether an OBD CAN bus message was received. If not, the control routine branches back to 202. If at 202 an OBD CAN bus message was received, the control routine proceeds to 204 where it checks whether security gateway module 100 is in the full disable mode. If so, the control routine proceeds to 206 and if not, the control routine proceeds to 212. At 206, the control routine checks if the CAN_ID of the received OBD CAN bus message is on the white list. If so, the control routine proceeds to 208 and if not, the control routine proceeds to 212. At 208, the control routine does not pass the received OBD CAN bus message to any internal CAN bus 108 and then proceeds to 210 where it ends”; Thus, the ECU (the gatekeeper interface circuit) regulates communications between the at least one external communication portal (OBD connector) and end points of the first or second network zone (device 116-1 of first network zone 108-1 and device 116-2 of the second network zone 108-2)); As pre claim 7, claim 1 is incorporated and HUANG discloses wherein the external data service description comprises a plurality of local communicating devices, each corresponding to a quality of service (QoS) value (HUANG, paragraph 0064-0065, wherein “obtaining a pre-configured routing policy corresponding to the application. Because different applications require different routing path qualities, the embodiment may pre-configure a routing requirement for each type of applications and assign a routing policy corresponding to the application. After the application sent the data packet is determined, the routing policy corresponding to the application is obtained”); As pre claim 12, claim 7 is incorporated and Borkowiea discloses wherein each QoS value comprises at least one service description selected from the service descriptions consisting of: a priority value; a packet delay value; a packet loss rate value; a data rate value; a maximum drop-out time value; an acknowledgment value; a data buffering priority value; a data buffering size value; or a data life cycle description (Borkowiea, paragraph 0045, wherein “The CAN bus message Configuration Values are the following values containing the following information set forth in Table 1 for each CAN_ID in the data dictionary: CAN Bus Message Configuration Values Name Description CAN_ID The arbitration ID per the CAN bus standard (ISO 11898 et seq.) which is a unique value for each particular type of CAN bus message. Rep. Rate Message Rep. Rate (msec) from the data dictionary. A value of zero is used for non-cyclic (one-shot) messages. MDV_Count_Threshold Number of Message Dither Violations during an IGN cycle that cause the SGM to enter PDM for the offending CAN_ID. MDV_Fast_Threshold Number of milliseconds that the message may be received faster than the Cyclic Rep. Rate. A Message Dither Violation has occurred if the message is received faster than (Rep Rate − MDV_Fast_Threshold)”); As pre claim 13, claim 7 is incorporated and HUANG discloses wherein each local communicating device comprises at least one of: an end point of the first network zone or the second network zone; an application; a flow; a vehicle function; or a vehicle controller (HUANG, paragraph 0064-0065, wherein “obtaining a pre-configured routing policy corresponding to the application. Because different applications require different routing path qualities, the embodiment may pre-configure a routing requirement for each type of applications and assign a routing policy corresponding to the application. After the application sent the data packet is determined, the routing policy corresponding to the application is obtained”); Claims 8-11 are rejected under 35 U.S.C. 103 as being unpatentable over Borkowiea et al (Pub. No.: US 2018/0227306 A1) in view of THORNBURG et al (Pub. No.: US 2018/0232959 A1), HUANG et al (Pub. No.: US 2021/0336876 A1) and Hottinen et al (Pub. No.: US 2005/0013352 A1). As pre claim 8, claim 7 is incorporated and Borkowiea, THORNBURG and HUANG do not explicitly disclose wherein the at least one external communication portal comprises a first transceiver and a second transceiver, and wherein the gatekeeper interface circuit is further structured to distribute the regulated communications between the first transceiver and the second transceiver in response to the external data service description. However, Hottinen discloses wherein the at least one external communication portal comprises a first transceiver and a second transceiver, and wherein the gatekeeper interface circuit is further structured to distribute the regulated communications between the first transceiver and the second transceiver in response to the external data service description (Hottinen, Fig 4-5, paragraph 0157-0158, wherein “In FIG. 4, the method starts 400 and a performance measure for a communication channel between the first transceiver 200 and the second transceiver 272 is determined 402. In step 404, the communication resources are controlled based on the performance measure. The transmission method is selected 406 based on the performance measure and the communication resources are adapted 408 to instantaneous requirements. The method is stopped at 410”). Therefore, it would have been obvious to one ordinary skill in the art to before the effective filing date of the invention to modify Borkowiea, THORNBURG and in view of Hottinen to achieve the claimed limitation because this would have provided improvements for communication resource control which improves the performance of the system by accounting for the effect of spatial modulation on the communication channel and, in particular, in the presence of non-orthogonal modulation. (see Hottinen paragraph 0006, 0011). As pre claim 9, claim 7 is incorporated and Borkowiea, THORNBURG and HUANG do not explicitly disclose wherein the at least one external communication portal comprises a first channel associated with a transceiver and a second channel associated with the transceiver, and wherein the gatekeeper interface circuit is further structured to distribute the regulated communications between the first channel and the second channel in response to the external data service description. However, Hottinen discloses wherein the at least one external communication portal comprises a first channel associated with a transceiver and a second channel associated with the transceiver, and wherein the gatekeeper interface circuit is further structured to distribute the regulated communications between the first channel and the second channel in response to the external data service description (Hottinen, Fig 4-5, paragraph 0157-0158, wherein “In FIG. 4, the method starts 400 and a performance measure for a communication channel between the first transceiver 200 and the second transceiver 272 is determined 402. In step 404, the communication resources are controlled based on the performance measure. The transmission method is selected 406 based on the performance measure and the communication resources are adapted 408 to instantaneous requirements. The method is stopped at 410”). Therefore, it would have been obvious to one ordinary skill in the art to before the effective filing date of the invention to modify Borkowiea, THORNBURG and in view of Hottinen to achieve the claimed limitation because this would have provided improvements for communication resource control which improves the performance of the system by accounting for the effect of spatial modulation on the communication channel and, in particular, in the presence of non-orthogonal modulation. (see Hottinen paragraph 0006, 0011). As pre claim 10, claim 1 is incorporated and Borkowiea discloses an on-board diagnostic (OBD) port (Borkowiea, Borkowiea, Fig 1, paragraph 0014, wherein “FIG. 1 is a simplified diagram showing a security gateway module 100 in accordance with aspect of the present disclosure connected between one or more CAN buses 102 coupled to an OBD connector 104 of an automotive vehicle 106 and associated internal CAN buses 108 of vehicle 106. CAN buses 102 are referred to herein as OBD CAN buses 102 since they couple OBD connector 104 to security module 100. In the example of FIG. 2 there are two OBD CAN buses 102 (OBD CAN bus 102-1 and 102-2) and two associated internal CAN buses 108 (internal CAN bus 108-1 and internal CAN bus 108-2) all of which are illustratively high speed CAN buses. OBD CAN buses 102 are coupled to OBD CAN bus ports 110 of security gateway module 100 (OBD CAN bus ports 110-1 and 110-2 in the example of FIG. 1)”; As shown in Fig 1, the ECU is located between the first network zone (for example 108-1) and one external communication portal (OBD connector 104)). Borkowiea, THORNBURG HUANG and do not explicitly disclose wherein the external communication portal comprises at least two external access points comprising at least one of: a selection of at least two external access points selected from among: a transceiver; a wireless transceiver; a Bluetooth transceiver; a hardware port on the first network zone; a hardware port on the second network zone; an on-board diagnostic (OBD) port; a proprietary network port; an external network utilizing wireless communication with the vehicle; an external network utilizing cellular communication with the vehicle; or an external network utilizing Bluetooth communication with the vehicle; a plurality of channels of a transceiver; a plurality of transceivers; or a plurality of channels distributed across at least two transceivers. However, Hottinen discloses wherein the external communication portal comprises at least two external access points comprising at least one of: a selection of at least two external access points selected from among: a transceiver; a wireless transceiver; a Bluetooth transceiver; a hardware port on the first network zone; a hardware port on the second network zone; an on-board diagnostic (OBD) port; a proprietary network port; an external network utilizing wireless communication with the vehicle; an external network utilizing cellular communication with the vehicle; or an external network utilizing Bluetooth communication with the vehicle; a plurality of channels of a transceiver; a plurality of transceivers; or a plurality of channels distributed across at least two transceivers (Hottinen, Fig 4-5, paragraph 0157-0158, wherein “In FIG. 4, the method starts 400 and a performance measure for a communication channel between the first transceiver 200 and the second transceiver 272 is determined 402. In step 404, the communication resources are controlled based on the performance measure. The transmission method is selected 406 based on the performance measure and the communication resources are adapted 408 to instantaneous requirements. The method is stopped at 410”). Therefore, it would have been obvious to one ordinary skill in the art to before the effective filing date of the invention to modify Borkowiea, THORNBURG and in view of Hottinen to achieve the claimed limitation because this would have provided improvements for communication resource control which improves the performance of the system by accounting for the effect of spatial modulation on the communication channel and, in particular, in the presence of non-orthogonal modulation. (see Hottinen paragraph 0006, 0011). As pre claim 11, claim 10 is incorporated and HUANG discloses wherein the gatekeeper interface circuit is further structured to distribute the regulated communications between the at least two external access points (Hottinen, Fig 4-5, paragraph 0157-0158, wherein “In FIG. 4, the method starts 400 and a performance measure for a communication channel between the first transceiver 200 and the second transceiver 272 is determined 402. In step 404, the communication resources are controlled based on the performance measure. The transmission method is selected 406 based on the performance measure and the communication resources are adapted 408 to instantaneous requirements. The method is stopped at 410”); Claims 14-15 are rejected under 35 U.S.C. 103 as being unpatentable over Borkowiea et al (Pub. No.: US 2018/0227306 A1) in view of THORNBURG et al (Pub. No.: US 2018/0232959 A1), HUANG et al (Pub. No.: US 2021/0336876 A1) and Lihosit et al (Pub. No.: US 2015/0032867 A1). As pre claim 14, claim 7 is incorporated and Borkowiea, THORNBURG, and HUANG do not explicitly disclose wherein the policy manager circuit is further structured to determine a change of the external data service description, and wherein the configuration circuit is further structured to update the configuration of the gatekeeper interface circuit in response to the change of the external data service description (Lihosit, paragraph 0037, wherein “the device management service 102 may provide a platform for an entity to initially build and configure customized devices for users associated with a subscriber account. The device management service 102 may also allow the entity to dynamically update configurations of the devices. Accordingly, the update reception module 206 may be configured to receive settings and/or policies from an entity or authorized person (e.g., primary account holder such as parent, designated manager of account such as an IT administrator, an agent for the service provider to disable/uninstall malicious or discontinued applications, agent of an OEM to distribute an OS update) to configure the devices associated with one or more of the subscriber accounts. In various embodiments, the authorized entity may be defined in the account information 222 and/or approved by the service provider operating the device management service 102”). Therefore, it would have been obvious to one ordinary skill in the art to before the effective filing date of the invention to modify Borkowiea, THORNBURG and in view of Lihosit to achieve the claimed limitation because this would have provided a secure way to improve the flexibility and useability of the system by allowing dynamic configuration updates received form an authorized entity/user. As pre claim 15, claim 14 is incorporated and Lihosit discloses wherein the gatekeeper interface circuit is further structured to distribute the regulated communications between the at least two external access points (Lihosit, paragraph 0037, wherein “the device management service 102 may provide a platform for an entity to initially build and configure customized devices for users associated with a subscriber account. The device management service 102 may also allow the entity to dynamically update configurations of the devices. Accordingly, the update reception module 206 may be configured to receive settings and/or policies from an entity or authorized person (e.g., primary account holder such as parent, designated manager of account such as an IT administrator, an agent for the service provider to disable/uninstall malicious or discontinued applications, agent of an OEM to distribute an OS update) to configure the devices associated with one or more of the subscriber accounts. In various embodiments, the authorized entity may be defined in the account information 222 and/or approved by the service provider operating the device management service 102”); Note: Claims 16-29 are not rejected under 35 U.S.C. 103. Conclusion Any inquiry concerning this communication or earlier communications from the examiner should be directed to HAMZA N ALGIBHAH whose telephone number is (571)270-7212. The examiner can normally be reached 7:30 am - 3:30 pm. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Wing Chan can be reached at (571) 272-7493. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /HAMZA N ALGIBHAH/Primary Examiner, Art Unit 2441