Prosecution Insights
Last updated: July 17, 2026
Application No. 19/042,905

LIGHTWEIGHT CODE INTEGRITY SOLUTION WITH BYTE-PATTERN ENTANGLEMENT IN PROGRAM CODE

Non-Final OA §101§103
Filed
Jan 31, 2025
Examiner
ZHAO, DON GORDON
Art Unit
2439
Tech Center
2400 — Computer Networks
Assignee
Zimperium Inc.
OA Round
1 (Non-Final)
87%
Grant Probability
Favorable
1-2
OA Rounds
9m
Est. Remaining
99%
With Interview

Examiner Intelligence

Grants 87% — above average
87%
Career Allowance Rate
691 granted / 791 resolved
+29.4% vs TC avg
Strong +16% interview lift
Without
With
+16.3%
Interview Lift
resolved cases with interview
Typical timeline
2y 2m
Avg Prosecution
19 currently pending
Career history
803
Total Applications
across all art units

Statute-Specific Performance

§101
1.2%
-38.8% vs TC avg
§103
82.5%
+42.5% vs TC avg
§102
1.9%
-38.1% vs TC avg
§112
8.2%
-31.8% vs TC avg
Black line = Tech Center average estimate • Based on career data from 791 resolved cases

Office Action

§101 §103
DETAILED ACTION Claims 1-20 are presented on 01/31/2025 for examination on merits. Claims 1, 9, and 17 are independent base claims. Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Examiner's Instructions for filing Response to this Office Action When the Applicant submits amendments regarding to the claims in response the Office Action, the Examiner would appreciate Applicant if a clean copy of the claims is provided to facilitate the prosecution which otherwise requires extra time for editing the marked-up claims from OCR. Please submit two sets of claims: Set #1 as in a typical filing which includes indicators for the status of claim and all marked amendments to the claims; and Set #2 as an appendix to the Arguments/Remarks for a clean version of the claims which has all the markups removed for entry by the Examiner. Double Patenting The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969). A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). The filing of a terminal disclaimer by itself is not a complete reply to a nonstatutory double patenting (NSDP) rejection. A complete reply requires that the terminal disclaimer be accompanied by a reply requesting reconsideration of the prior Office action. Even where the NSDP rejection is provisional the reply must be complete. See MPEP § 804, subsection I.B.1. For a reply to a non-final Office action, see 37 CFR 1.111(a). For a reply to final Office action, see 37 CFR 1.113(c). A request for reconsideration while not provided for in 37 CFR 1.113(c) may be filed after final for consideration. See MPEP §§ 706.07(e) and 714.13. The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The actual filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/apply/applying-online/eterminal-disclaimer. Claims 1-20 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-20 of Patent No. US 12,493,541 B1 (USPAT 541). Although the claims at issue are not identical, they are not patentably distinct from each other because the claims of the Patent contain every element of the claims of the instant application and as such anticipate the claims of the instant application. USPAT 541 anticipates claim 1 of the instant application as shown in the following: THE INSTANT APPLICATION USPAT 541 1. A method comprising: 1. A method comprising: identifying a code block in program code, the code block comprising one or more target instructions for protection; identifying, by the server, during the build time, a code block in the program code, the code block comprising one or more target instructions for protection; determining a location in the program code where an integrity check is to be embedded to check the integrity of the code block; determining, by the server, during the build time, a location in the program code where an integrity check is to be embedded to check the integrity of the code block; determining an integer value associated with a byte-pattern in the code block; determining, by the server, during the build time, an integer value associated with a byte-pattern in the code block; generating the integrity check by entangling the integer value into a computation of the program code; and generating, by the server, during the build time, the integrity check … embedding the integrity check at the determined location in the program code. embedding, by the server, during the build time, the integrity check at the determined location in the program code Independent claims 9 and 17 are rejected for the same reason as claim 1, because they each recite the same limitations as claim 1 in similar language. Regarding dependent claims of the present application, they are obvious variants of the same subject matter as found in the reference application, and thereby rejected under the judicially created doctrine of obviousness-type double patenting. Claim Rejections - 35 USC § 101 35 U.S.C. 101 reads as follows: Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title. Claims 1-20 are rejected under 35 U.S.C. 101 because the claimed invention is directed to a judicial exception (i.e., a law of nature, a natural phenomenon, or an abstract idea) without significantly more. The rationale for this determination is explained below: First – following Step 1 of the guidance, claims 1-20 are directed to a method comprising a series of functional steps, a non-transitory computer readable medium, or a system comprising memory with instructions encoded thereon. Therefore, the claimed invention falls into one of the four statutory categories. Secondly – following Step 2 of the guidance, claims 1-20 are analyzed for its underlying inventive concept with a new two-prong inquiry (1) does the claim recite an abstract idea, law of nature, or natural phenomenon, and/or judicial exceptions? And (2) does the claim recite additional elements that integrate the judicial exception into a practical application? It is determined that claimed invention is directed to an abstract idea or at least one of the judicial exceptions, because the concept of the invention is basically generating and embedding the integrity check at a determined location in the program code; the first prone of the inquiry, which is similar to at least one of the mental processes – concepts performed in the human mind (including an observation, evaluation, judgment, opinion). It should be noted that generating and embedding the integrity check can be easily performed by a human programmer or a human analyst with aid of a computer. Regarding the second prone, the identified additional elements – the code block or a computation of the program code – failed to integrate the idea of “generating and embedding the integrity check” into a practical application. A simple manipulation of program code in a manner that may be mentally performed fail to impose a meaningful limit on the judicial exception. As such, the claims do not include additional elements that are sufficient to amount to significantly more than the judicial exception. Further, the claim does not recite an improvement to another technology or technical field, an improvement to the functioning of the computer itself, or meaningful limitations beyond generally linking the use of an abstract idea to a particular technological environment. Therefore, the claim is abstract without significantly more. Dependent claims as presented thus far, when analyzed individually or as a whole, are held to be patent ineligible under 35 U.S.C. 101 because, the additional recited limitation(s) fail(s) to amount to “significantly more” than the judicial exception, and thereby non-statutory. Please see “The 2019 Revised Patent Subject Matter Eligibility Guidance (or “2019 PEG” for short) published in January 2019 at USPTO Website. Note that the groupings of abstract ideas in the 2019 PEG are not the same as those on the Abstract Ideas QRS or in the MPEP. The groupings in the 2019 PEG should be FOLLOWED for identifying abstract ideas. The 2019 PEG does not change the analysis at Step 2B which pertains to an improvement to conventional functioning of a computer or to technological processes; see also MPEP 2106.05(a). Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows: 1. Determining the scope and contents of the prior art. 2. Ascertaining the differences between the prior art and the claims at issue. 3. Resolving the level of ordinary skill in the pertinent art. 4. Considering objective evidence present in the application indicating obviousness or nonobviousness. In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. Claims 1-2, 9-10, and 17 are rejected under 35 U.S.C. 103 as being unpatentable over Bhat (US 20170017798 A1 in view of Cool (US 20060130019 A1), and further in view of Garba (US 20220156365 A1). As per claim 1, Bhat teaches a method comprising: identifying a code block in program code, the code block comprising one or more target instructions for protection (Bhat par. 0024-0025: the build system collates the source from the repositories, initiates the build process, in other words, identify and extract source code with a extraction process. Bhat injects the key into the source files [to] ensure that there have been no other modifications to the source file after the extraction process. Ensuring no other modifications is for code protection); determining a location in the program code where an integrity check is to be embedded to check the integrity of the code block (Bhat par. 0018 and 0021-0024: generates a unique key for the source file … and embeds values within the source files. The value is generated based on a hash function run on the source file. The key generator 114 generates a key for each file being built, and embeds the generated key into the file… inserting, by the key generator, into the set of files, the generated value associated with each file of the set of files; clm. 5. Bhat compares the unique key with the embedded key to validate the correctness of code). However, Bhat does not explicitly disclose determining an integer value associated with a byte-pattern in the code block. This aspect of the claim is identified as a further difference. In a related art, Cool teaches: determining an integer value associated with a byte-pattern in the code block (Cool, the Abstract and par. 0026-0028: validating arguments of an application; executable code used for validating the arguments before the application may be executed, [wherein] the string pattern “ABC” is converted into an integer value for validating the code as an error handling function. Note that the byte-pattern in the code block is merely a computer manifest of a string pattern); Bhat and Cool are analogous art to the claimed invention in the same field of endeavor as the claimed invention, or reasonably pertinent to the problem faced by the inventor, which may be in a different field. Thus, it would have been obvious to one of ordinary in the art, before the effective filing date of the claimed invention, to modify Bhat’s system with Cool’s teachings of determining an integer value associated with a code-pattern in integrity check. For this combination, the motivation would have been to improve the level of security with code pattern check. However, Bhat and Cool as combined above do not explicitly disclose entangling the integer value into a computation of the program code and embedding the integrity check at the determined location in the program code. This aspect of the claim is identified as a further difference. In a related art, Garba teaches: generating the integrity check by entangling the integer value into a computation of the program code (Garba par. 0017-0018 and 0041-0043: security checks are performed before recomputing. Garba generates check values and store then at random locations of code fragments of in the application software, which are the same as entangling the integer value into the program code. See also par. 0046-0048: RASP check instructions are inserted … at random locations; FIG. 3); and embedding the integrity check at the determined location in the program code (Garba par. 0047-0049: RASP check instructions are inserted by the first processor, at random locations of the control flow graph of the application software code. Note that with the inserted or embedded check values, the RASP agent is able to determine if the execution device is in a safe state or if it is being attacked; FIG. 3). Garba is analogous art to the claimed invention in the same field of endeavor as the claimed invention, or reasonably pertinent to the problem faced by the inventor, which may be in a different field. Thus, it would have been obvious to one of ordinary in the art, before the effective filing date of the claimed invention, to modify the Bhat-Cool system with Garba’s teachings of fragmenting the program data into valid data chunks and embedding the integrity check values at randomly determined locations in the program code for validation. For this combination, the motivation would have been to improve the level of security with randomly embedded check values. As per claim 2, the references as combined above teach the method of claim 1, wherein entangling the integer value comprises: modifying a numeric constant by generating an expression that depends on the integer value to compute the numeric constant (Garba, par. 0012-0015: compute RASP check values for fragmented chunks of constant data; par. 0041-0048: RASP check instructions compute RASP check values … preventing real-time attacks). Regarding claims 9 and 17, they each are similar to claim 1 and is therefore rejected using a similar rationale. Regarding claim 10, the claim is similar to claim 2 and is therefore rejected using a similar rationale. Claims 3, 7, 11, 15, and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Bhat, Cool, and Garba, and further in view of Olson (US 20100250966 A1). As per claim 3, the references of Bhat, Cool, and Garba as combined above teach the method of claim 1, but do not explicitly disclose a branch instruction and a target address of the branch instruction modified for computing an integer value. This aspect of the claim is identified as a further difference. In a related art, Olson teaches: wherein the code block includes a branch instruction (Olson par. 0049-0050: a branch instruction; control transfer instructions (CTIs) such as branches … may cause the transfer of execution from a current fetch address to a nonsequential address), and wherein entangling the integer value comprises: modifying a target address of the branch instruction to be a value computed in part with the integer value (Olson par. 0047-0048: the fetch address may be generated as a function of a program counter associated with the selected thread, a predicted branch target address, or an address supplied; par. 0057-0058: compute and execute integer instructions issued from slot 1, as well as branch instructions). Olson is analogous art to the claimed invention in the same field of endeavor as the claimed invention, or reasonably pertinent to the problem faced by the inventor, which may be in a different field. Thus, it would have been obvious to one of ordinary in the art, before the effective filing date of the claimed invention, to modify the system of Bhat, Cool, and Garba with Olson’s teachings of a target address of the branch instruction for a control transfer and calculation. For this combination, the motivation would have been to improve the level of security with the consideration of branch instructions. As per claim 7, the references as combined above teach the method of claim 1, but do not explicitly disclose selecting an instruction in the program code as a target instruction, the selected instruction comprising one or more of a branch instruction. This aspect of the claim is identified as a further difference. In a related art, Olson teaches: wherein identifying the code block comprises (Note: optional limitations are recited hereinafter): selecting an instruction in the program code as a target instruction, the selected instruction comprising one or more of a branch instruction, an instruction associated with a constant for execution of the program code, an instruction with a condition jump, or an instruction with an entry point of a security sensitive function (Olson, par. 0047-0048: the fetch address may be generated as a function of a program counter associated with … a branch target address; par. 0049-0050: a branch instruction). Olson is analogous art to the claimed invention in the same field of endeavor as the claimed invention, or reasonably pertinent to the problem faced by the inventor, which may be in a different field. Thus, it would have been obvious to one of ordinary in the art, before the effective filing date of the claimed invention, to modify the system of Bhat, Cool, and Garba with Olson’s teachings of the inclusion of a branch instruction. For this combination, the motivation would have been to improve the level of security with the consideration of branch instructions. Regarding claims 11 and 15, they are similar to claims 3 and 7 in terms of recited features, respectively; and thus, claims 11 and 15 are rejected for the same reasons as discussed above. Regarding claim 20, the claim is similar to claim 7 and is therefore rejected using a similar rationale. Claims 4-5, 12-13, and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Bhat, Cool, and Garba, and further in view of Baldwin (US 20180276374 A1). As per claim 4, the references of Bhat, Cool, and Garba as combined above teach the method of claim 1, but do not explicitly disclose integrating the integer value into the program code so that computing a correct value of the integer value during runtime of the program code affects an execution of the program code. This aspect of the claim is identified as a further difference. In a related art, Baldwin teaches: wherein entangling the integer value comprises: integrating the integer value into the program code so that computing a correct value of the integer value during runtime of the program code affects an execution of the program code (Baldwin par. 0015-0016 and 0037: runtime checks; the code blocks 100.sub.1 to 100.sub.7 are arranged subsequently in the memory layout and the guards are schematically represented by the hashed sections of the code blocks. The arrows represent the checks performed by the guards on the other memory parts; provides a security feature that allows to check and report on the correct working of the agent or program code running on the client computer system, and it allows for verifying the correct execution of a long running process by providing the possibility to carry out runtime checks as the agent or a program code is executed). Baldwin is analogous art to the claimed invention in the same field of endeavor as the claimed invention, or reasonably pertinent to the problem faced by the inventor, which may be in a different field. Thus, it would have been obvious to one of ordinary in the art, before the effective filing date of the claimed invention, to incorporate Baldwin’s teachings of XX a security feature that allows to check and report on the correct working of the agent or program code running on the client computer system. For this combination, the motivation would have been to improve the level of security with timely computing a correct value of the integer value. As per claim 5, the references as combined above teach the method of claim 1, but do not explicitly disclose running, during runtime of the program code, the integrity check by executing the program code at the determined location. This aspect of the claim is identified as a further difference. In a related art, Baldwin teaches: further comprising: running, during runtime of the program code, the integrity check by executing the program code at the determined location (Baldwin par. 0015-0017: runtime checks; checksum calculations or additions through to cryptographic hash calculations; obtain a check result which is returned to the guard …during runtime; par. 0019: an embedded network of guards within a piece of the program code to check that selected functions have not been changed.); responsive to determining that the program code is executed successfully, determining that the integrity of the program code is not corrupted (Baldwin par. 0016-0019: the validation program 204 may include a validation routine 212… allows detecting tampering or corruption of the management agent MA using the tamperproof program code 100; par. 0020). Baldwin is analogous art to the claimed invention in the same field of endeavor as the claimed invention, or reasonably pertinent to the problem faced by the inventor, which may be in a different field. Thus, it would have been obvious to one of ordinary in the art, before the effective filing date of the claimed invention, to incorporate Baldwin’s teachings of runtime checks that allow detecting tampering or corruption of the management agent and to ensure the integrity of the program code is not corrupted. For this combination, the motivation would have been to improve the level of security with running the integrity checks at runtime. Regarding claims 12-13, they are similar to claims 4-5 in terms of recited features, respectively; and thus, claims 12-13 are rejected for the same reasons as discussed above. Regarding claim 18, the claim is similar to claim 4 and is therefore rejected using a similar rationale. Claims 8, 16, and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Bhat, Cool, and Garba, and further in view of MAKHALOV (US 20220308956 A1; hereinafter “Makh”). As per claim 8, the references of Bhat, Cool, and Garba as combined above teach the method of claim 1, but do not explicitly disclose wherein the integrity check is generated and embedded in the program code during build time of the program code, and is executed during runtime of the program code. This aspect of the claim is identified as a further difference. In a related art, Makh teaches: wherein the integrity check is generated and embedded in the program code during build time of the program code, and is executed during runtime of the program code (par. 0017-0018: at runtime to perform an integrity check, thereby enabling the building of a canister image [during build time] once that can be reused for any following builds of the kernel; par. 0014-0015: the integrity of such canister data structures using the built-in checksum verification … enabled in the canister data structures at boot time, at run time, or at other times, wherein … the generation of a canister data structure is enabled as a built-in feature. In other words, the built-in checksum verification capabilities are integrated into a kernel image at build time). Makh is analogous art to the claimed invention in the same field of endeavor as the claimed invention, or reasonably pertinent to the problem faced by the inventor, which may be in a different field. Thus, it would have been obvious to one of ordinary in the art, before the effective filing date of the claimed invention, to modify the system of Bhat, Cool, and Garba to include an integrity check generated during build time of the program code to run at runtime for consistent reuse of the same integrity check. For this combination, the motivation would have been to improve the level of security with the consistency of running an integrity check at runtime. Regarding claim 16 and 19, they each are similar to claim 8 and are therefore rejected using a similar rationale. Allowable Subject Matter Claim 6 and 14 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims. Claims 6 and 14 each recite elements of “running the integrity check by executing the program code at the determined location; responsive to determining that the execution of the program code is interrupted, determining that the integrity of the program code is corrupted.” These elements and the features thereof in combination with the other limitations in the claim(s) 1 and 9, respectively, are not anticipated by, nor made obvious over the prior art of record. Conclusion The prior art made of record and not relied upon is considered pertinent to applicant's disclosure as the prior art additionally discloses certain parts of the claim features (See “PTO-892 Notice of Reference Cited”). Any inquiry concerning this communication or earlier communications from the examiner should be directed to DON ZHAO whose telephone number is (571)272.9953. The examiner can normally be reached on Monday to Friday, 7:30 A.M to 5:00 P.M EST. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Carl G Colin can be reached on 571.272.3862. The fax phone number for the organization where this application or proceeding is assigned is 571.273.8300. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866.217.9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800.786.9199 (IN USA OR CANADA) or 571.272.1000. /Don G Zhao/Primary Examiner, Art Unit 2493 06/16/2026
Read full office action

Prosecution Timeline

Jan 31, 2025
Application Filed
Jun 24, 2026
Non-Final Rejection mailed — §101, §103 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12676871
Computer Security and Methods of Use Thereof
1y 9m to grant Granted Jul 07, 2026
Patent 12665919
METHOD AND SYSTEM FOR IMPLEMENTING A SERVICE THAT SIMPLIFIES NETWORK CYBER DEFENSE CAPABILITIES
3y 4m to grant Granted Jun 23, 2026
Patent 12665901
INFORMATION PROCESSING APPARATUS AND SERVICE PROVIDING SYSTEM
3y 2m to grant Granted Jun 23, 2026
Patent 12665921
RISK SCORING OF CLOUD PERMISSION ASSIGNMENTS USING SUPERVISED MACHINE LEARNING
2y 6m to grant Granted Jun 23, 2026
Patent 12665904
SECURE ASSET MANAGEMENT INFRASTRUCTURE FOR ENFORCING ACCESS CONTROL POLICIES
2y 2m to grant Granted Jun 23, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

1-2
Expected OA Rounds
87%
Grant Probability
99%
With Interview (+16.3%)
2y 2m (~9m remaining)
Median Time to Grant
Low
PTA Risk
Based on 791 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month