VIA Alliance Semiconductor Co., Ltd.Download PDFPatent Trials and Appeals BoardApr 20, 20212020002601 (P.T.A.B. Apr. 20, 2021) Copy Citation UNITED STATES PATENT AND TRADEMARK OFFICE UNITED STATES DEPARTMENT OF COMMERCE United States Patent and Trademark Office Address: COMMISSIONER FOR PATENTS P.O. Box 1450 Alexandria, Virginia 22313-1450 www.uspto.gov APPLICATION NO. FILING DATE FIRST NAMED INVENTOR ATTORNEY DOCKET NO. CONFIRMATION NO. 15/098,471 04/14/2016 Zhenhua HUANG 252229-3210 6443 109673 7590 04/20/2021 McClure, Qualey & Rodack, LLP 280 Interstate North Circle SE Suite 550 Atlanta, GA 30339 EXAMINER SAADOUN, HASSAN ART UNIT PAPER NUMBER 2435 NOTIFICATION DATE DELIVERY MODE 04/20/2021 ELECTRONIC Please find below and/or attached an Office communication concerning this application or proceeding. The time period for reply, if any, is set in the attached communication. Notice of the Office communication was sent electronically on above-indicated "Notification Date" to the following e-mail address(es): dan.mcclure@mqrlaw.com terri.logan@mqrlaw.com uspatents@mqrlaw.com PTOL-90A (Rev. 04/07) UNITED STATES PATENT AND TRADEMARK OFFICE BEFORE THE PATENT TRIAL AND APPEAL BOARD Ex parte ZHENHUA HUANG, YONG LI, MENGMENG YAN, and XUEHUA HAN Appeal 2020-002601 Application 15/098,471 Technology Center 2400 Before DEBRA K. STEPHENS, CARL W. WHITEHEAD JR., and ADAM J. PYONIN, Administrative Patent Judges. Opinion for the Board filed by Administrative Patent Judge STEPHENS. Opinion dissenting filed by Administrative Patent Judge PYONIN. STEPHENS, Administrative Patent Judge. DECISION ON APPEAL Pursuant to 35 U.S.C. § 134(a), Appellant1 appeals from the Examiner’s rejection. We have jurisdiction under 35 U.S.C. § 6(b). We AFFIRM. 1 Herein, “Appellant” refers to “applicant” as defined in 37 C.F.R. § 1.42(a). Appellant identifies the real party in interest as “VIA Alliance Semiconductor Co., Ltd. (AKA Shanghai Zhaoxin Semiconductor Co.).” Appeal Brief 2. Appeal 2020-002601 Application 15/098,471 2 STATEMENT OF THE CASE Introduction The Application is directed to “a Central Processing Unit (CPU) and a method to verify mainboard data” (Abstract). Claims 1–7 and 9–15 are pending; claims 1 and 9 are independent (Appeal Brief, Claims Appendix). Claim 1 is reproduced below for reference (emphases and some formatting added): 1. A Central Processing Unit (CPU), comprises: an on-die Read-Only Memory (ROM) to store trusted root digest information, wherein the trusted root digest information is not allowed to be modified; and a core to compute digest information of a trusted root data stored in a mainboard using a digest algorithm when receiving a specific instruction during a power-up process, compare the digest information with the trusted root digest information stored in the on-die ROM, and perform a signature verification algorithm with the trusted root data to verify the integrity of mainboard data if the digest information coincides with the trusted root digest information stored in the on-die ROM; wherein the mainboard data comprises a ucode patch of the CPU, and the ucode patch is signed corresponding to the trusted root data. References and Rejections The Examiner relies on the following prior art: Name Reference Date Sutton US 2003/0196096 A1 Oct. 16, 2003 Findeisen US 2009/0222653 A1 Sept. 3, 2009 Li US 2014/0129818 A1 May 8, 2014 Miller US 9,479,340 B1 Oct. 25, 2016 Appeal 2020-002601 Application 15/098,471 3 Claims 1, 3–7, 9, and 11–15 are rejected under 35 U.S.C. 103 as being unpatentable over Findeisen, Li, and Sutton (Final Action 3). Claims 2 and 10 are rejected under 35 U.S.C. § 103 as being unpatentable over Findeisen, Li, Sutton, and Miller (Final Action 8). ANALYSIS Claim 1 recites “an on-die Read-Only Memory (ROM) to store trusted root digest information wherein the trusted root digest information is not allowed to be modified; . . . ” and “ a core to . . . compare the digest information with the trusted root digest information.” The Examiner finds Findeisen teaches these recited elements except for the “on-die” limitation upon which the Examiner relies on Li to teach (Final Act. 3–5). Appellant argues, “the Office Action fails to set [forth] the required objective indicia appropriate to support the rejection” (Appeal Brief 13), because the rejection “has dissected the claimed feature of ‘comparing the digest information with trusted root digest information stored in an on-die Read-Only Memory (ROM) of a Central Processing Unit’ and has essentially recreated this feature by combining select (and disparate) features from Findeisen, Li and Sutton” (Reply Brief 7). More specifically, Appellant contends the combination of relied upon references fails to teach “compare the digest information with the trusted root digest information stored in the on-die ROM,” as recited in claim 1 (Appeal Br. 7). According to Appellant “what is stored in the on-die ROM is not the trusted root data itself, but its corresponding digest information itself” which is not taught by the references (id.). Appeal 2020-002601 Application 15/098,471 4 Initially, we note the Specification does not define explicitly “trusted root digest information” (see generally Spec.). Nor does Appellant identify any construction (see generally Appeal Br.). The Specification describes what is being stored “is just trusted root digest information with smaller size instead of the entire trusted root data” (Spec. ¶¶ 23, 35) but provides no details as to the size difference or content aside from discussion associated with an embodiment of the present invention (id. ¶ 45). Thus, Appellant does not persuade us of error in the Examiner’s interpretation. Similarly, “trusted root data” is not defined explicitly in the Specification. Rather, trusted root data is described as a public key in one example (Spec. ¶ 5 (“e.g. 2048-bit RSA public key”) and “a root public key” of a signature verification algorithm (id. ¶ 41). The Specification does not limit “trusted root data” to being a public key, instead, explicitly stating “the present invention is not limited thereto . . . In this case, rather than the root public key, other trusted root data 1110 is stored in the BIOS ROM 111 for verifying” (id. ¶ 44) (emphasis added). Thus, the Specification sets forth, in a circular description, that trusted root data may be something other than a public key, such as trusted root data. We find Appellant does not proffer sufficient evidence or argument to persuade us the Examiner’s interpretation is in error. Appellant contends, “the hash value of Findeisen is NOT directly stored in the on-die ROM” (Appeal Br. 7). In particular, Appellant contends “Findeisen’s initial hash value is retrieved by the decryption keys, but not directly stored in the internal ROM 103, while in the present invention, what is stored [in] the on-die ROM is a hash value (the claimed trusted root digest information) but not a decryption key” (Appeal Brief 5). Moreover, Appeal 2020-002601 Application 15/098,471 5 Appellant contends “what is stored in Findeisen’s non-volatile memory 120 [is] only mainboard data (like portion 121 A and portion 121B) but not ‘trusted root digest information’” (Reply Brief 6 (emphasis omitted)). Appellant’s contentions have not persuaded us of Examiner error. The Examiner has relied on the combination of Findeisen and Li to teach the limitation. More specifically, the Examiner relies on Findeisen’s computed hash value to teach the computed digest information (id. (citing Findeisen ¶¶ 37–38, Fig. 1)). Findeisen teaches “[u]pon execution of the portion 121A, a hash value may also be calculated over the image 121B copied into the system memory 110, which may then be compared with the hash value initially contained in the portion 121A” (Findeisen ¶ 38; Final Act. 4; see also Findeisen ¶ 43 (“The one or more calculated hash values may then be compared to the one or more hash values contained in a dedicated location of the data 121 or 121A”). Thus, Findeisen teaches comparing a computed hash value with an initial hash value and thus, teaches “compar[ing] the digest information with the trusted root digest information,” as recited in claim 1 (Findeisen ¶¶ 38, 43). Appellant next contends, “the hash value of Findeisen is NOT directly stored in the on-die ROM” (Appeal Br. 7). Findeisen teaches storage of the boot information including hash values in the non-volatile memory or SysROM 120, a non-volatile memory, and storage of data and instructions that serve as a static root of trust for measurement during initialization, in a secure memory area that is a static root of trust (Findeisen ¶¶ 27, 30, 34, 36– 38). Thus, Findeisen teaches the trusted root digest information is stored in Read-Only Memory (ROM), “wherein the trusted root digest information is not allowed to be modified” –– it is read-only. The Examiner then relies on Appeal 2020-002601 Application 15/098,471 6 Li to teach the on-die ROM (Final Act. 5). In particular, Li teaches “the read-only memory 105 can be an On-die ROM” (Li ¶ 21, Fig. 1A). Thus, we find the combination of Findeisen and Li teaches “compar[ing] the digest information with the trusted root digest information stored in the on-die ROM,” as recited in claim 1. Appellant’s contention that the Examiner made conclusory assertions because the Examiner quoted disclosure of “may be considered” from the Findeisen reference is not persuasive (Reply Br. 3). Indeed, Appellant does not persuade us an ordinarily skilled artisan would not understand the secure memory area is a static root of trust in an embodiment described by Feindeisen. Appellant further argues the Examiner has improperly combined the references –– Findeisen, Li, and Sutton –– because the “rationales are both incomplete and improper in view of the established standards for rejection under 35 U.S.C. § 103” (Appeal Br. 9–10). Appellant contends the Examiner cited paragraphs of Li and Sutton, “which point out certain benefits of those invention”; however, according to Appellant, “those alleged benefits have nothing to do with the feature . . . being combined into the other reference(s)” (Appeal Br. 12). Appellant does not persuade us the Examiner failed to articulate reasoning with a rational underpinning as to why an ordinarily skilled artisan would have combined the teachings of Findeisen, Li, and Sutton (Final Act. 6). More specifically, with respect to Li, the Examiner has determined an ordinarily skilled artisan would have combined the teaching of Li with Findeisen “to have an invention where the read-only memory is arranged to store a security verification code to verify the BIOS code stored in the flash memory” (Final Act. 5 (citing Li ¶ 20)). Findeisen teaches storing the hash Appeal 2020-002601 Application 15/098,471 7 values in read-only memory and storing secure information in secure ROM 103 (Findeisen ¶¶ 29, 37–38). Li teaches the read-only memory can be an on-die read-only memory (Li ¶ 21). Li further teaches the read–only memory 105 is arranged to store a security verification code and public key to verify code stored in other memory (id.). The Examiner determines Li thus teaches “an on-die Read-Only-Memory to store trusted digest information” (Ans. 14). Appellant has not persuaded us an ordinarily skilled artisan would find locating the Read-Only-Memory to be an on-die ROM, for the ROM taught by Findeisen would have been uniquely challenging or otherwise beyond the skill of an ordinarily skilled artisan (see KSR Int’l Co. v. Teleflex Inc., 550 U.S. 398, 417 (2007)). Indeed, we determine Findeisen teaches storage of trusted information in both read-only memory 120 and read-only memory 103 (Findeisen ¶¶ 27, 30, 34, 36–38). Thus, both Findeisen and Li disclose use of a ROM for storing trusted information; Li specifies the location of the ROM for storing trusted root digest information. Appellant next contends, “in applying the teachings from Sutton, the Examiner has impermissibly broadened the teachings of Sutton” (Appeal Br. 10). In particular, Appellant argues the claimed terms “root data” and “ucode” “don’t appear anywhere in Sutton” thereby distorting “the application of the cited art by combining the strained teachings of Sutton with the Findeisen/Li combination” (id. at 10, 13). Appellant, however, appears to be improperly suggesting identity of terminology is required to reject a claim (see In re Schaumann, 572 F.2d 312, 317 (CCPA 1978); see also In re Bond, 910 F.2d 831, 832 (Fed. Cir. 1990)). Appellant sets forth insufficient argument or evidence to support the assertion that the teachings of Sutton have been “impermissibly broadened” (see generally Appeal Br.). Appeal 2020-002601 Application 15/098,471 8 Nor does Appellant set forth sufficient argument or evidence as to why Sutton fails to teach the recited “wherein the mainboard data comprises a ucode patch of the CPU, and the ucode patch is signed correspond to the trusted root data,” as recited in claim 1. Appellant further argues the Examiner failed to set forth “the rationale for the motivation of its selective features with the Findeisen/Li combination” (id. at 13). The Examiner has set forth an ordinarily skilled artisan would have found it obvious to combine the teachings of Sutton with Findeisen and Li “to have a system to validate and install microcode patches” (Final Act. 6 (citing Sutton ¶ 15)). The Examiner further cites to Sutton itself as support (Ans. 14). Sutton discloses that “microcode is typically placed in a read-only memory (ROM) within the processor at the time the processor is manufactured. However, microcode sometimes needs to be modified after the processor is manufactured, and even after the processor has been placed into operation” and thus, microcode patches are installed using keys embedded in the processor (Sutton ¶¶ 1, 15, 20). The Examiner then notes Sutton describes “‘[e]mbedded’ keys are manufactured into the processor 110 in a manner that prevents them from being changed by system[ ] software and that prevents them from being read by non-secure software” (id. (citing Sutton ¶ 20) (emphasis omitted, emphasis added)). As previously noted, the Examiner has set forth an ordinarily skilled artisan would have found it obvious to combine the teachings of Sutton with Findeisen and Li “to have a system to validate and install microcode patches” (Final Act. 6 (citing Sutton ¶ 15)). The Examiner also relies on Sutton’s description that embedded keys are manufactured into a processor Appeal 2020-002601 Application 15/098,471 9 to prevent them from being changed by system software (Ans. 14 (citing Sutton ¶ 20)). As stated by the Supreme Court, “[an obviousness] analysis need not seek out precise teachings directed to the specific subject matter of the challenged claim, for a court can take account of the inferences and creative steps that a person of ordinary skill in the art would employ” (see KSR Int'l Co. v. Teleflex Inc., 550 U.S. 398, 418 (2007)). Here, the Examiner has articulated reasoning with a rational underpinning as to why Sutton’s technique could have been combined with the teachings of Findeisen and Li. In the Reply, Appellant argues Sutton fails to teach the concept of trusted root data arguing the “hash value of a public key (disclosed in Sutton) cannot properly correspond to the claimed trusted root digest information” (Reply 7). The Examiner, however, does not rely on Sutton to teach the claimed trusted root digest information (see Final Act. 3–6). As noted supra, Appellant has not proffered sufficient evidence or argument to persuade us the Examiner’s interpretation of “trusted root data” or “trusted root digest information” are in error. We additionally are not persuaded by Appellant’s allegation of “improper hindsight reconstruction” (see Appeal Br. 13). “Common sense teaches [] that familiar items may have obvious uses beyond their primary purposes, and in many cases a person of ordinary skill will be able to fit the teachings of multiple patents together like pieces of a puzzle” (KSR 550 U.S. at 420). Appellant does not proffer sufficient evidence or argument to persuade us of error in the Examiners’ conclusion of obviousness, and in particular, why the Examiner’s articulated reasoning is in error. Appeal 2020-002601 Application 15/098,471 10 After considering Appellant’s assertions, we determine Appellant’s arguments do not take into account what the collective teachings of the prior art would have suggested to one of ordinary skill in the art and are therefore ineffective to rebut the Examiner's articulated reasoning for combining the teachings of Findeisen, Li, and Sutton (see In re Keller, 642 F.2d 413, 425 (CCPA 1981)(“The test for obviousness . . . is what the combined teachings of the references would have suggested to those of ordinary skill in the art.”) (citations omitted)). Accordingly, Appellant has not persuaded us the Examiner improperly combined the teachings of Sutton, Li, and Findeisen. Accordingly, we affirm the Examiner’s obviousness rejection of independent claim 1, independent claim 9 that recites similar limitations, and the claims dependent thereon, not separately argued (see Appeal Br. 9). DECISION SUMMARY Claim(s) Rejected 35 U.S.C. § Reference(s)/Basis Affirmed Reversed 1, 3–7, 9, 11–15 103 Findeisen, Li, Sutton 1, 3–7, 9, 11– 15 2, 10 103 Findeisen, Li, Sutton, Miller 2, 10 Overall Outcome 1–7, 9–15 TIME PERIOD FOR RESPONSE No time period for taking any subsequent action in connection with this appeal may be extended under 37 C.F.R. § 1.136(a). See 37 C.F.R. § 1.136 (a)(1)(iv). AFFIRMED Appeal 2020-002601 Application 15/098,471 11 PYONIN, Administrative Patent Judge, dissenting. I respectfully disagree with the majority opinion in affirming the rejection of the pending claims. Based on the record before us, I am persuaded the Examiner’s rejection contains reversible error. See Reply Br. 5, 6. Claim 1 recites “trusted root digest information” that is, inter alia, both (1) not allowed to be modified, and (2) compared to digest information computed from data stored in a mainboard. The Examiner relies on Findeisen for these claim features. Appeal Br. 13, 14. Specifically, the Examiner finds two different elements of Findeisen meet the trusted root digest information limitation: (1) Findeisen’s “‘trusted set of data 103A, which is substantially resistant against any external manipulation’ can be interpreted as ‘wherein the trusted root digest information is not allowed to be modified,’” or, alternatively, (2) Findeisen’s “‘boot information 121 . . . also can be interpreted as . . . ‘trusted root digest information’” that is “compare[d] [to] digest information.” Ans. 11–12 (emphases omitted); Findeisen ¶¶ 30, 36. I agree with Appellant that the Examiner has improperly “dissected the claimed feature” of the trusted root digest information. Reply Br. 7. Neither of the Examiner’s citations to Findeisen (i.e., the (1) trusted set of data 103A or the (2) boot information 121) teach or suggest the trusted root digest information, in the context of claim 1. See Reply Br. 5, 6. First, Findeisen’s trusted set of data 103A comprises “instructions and data values representing a secure load routine . . . [and] one or more decryption keys” (Findeisen ¶ 32), which is used to “enabl[e] a decryption of the encrypted hash values” (Findeisen ¶ 38). Findeisen provides no mention of comparing Appeal 2020-002601 Application 15/098,471 12 data 103A to other data, as required by claim 1. See Appeal Br. 5; Findeisen ¶¶ 42, 43. Second, I find that one of ordinary skill would not understand Findeisen’s boot information 121 “is not allowed to be modified,” as required by claim 1. Findeisen implicitly suggests the boot information 121 can be changed, as the reference goes to great lengths to describe trusted set of data 103A is protected, but makes no similar disclosures with respect to boot information 121. See, e.g., Findeisen ¶ 27. Moreover, Findeisen’s boot information 121 is BIOS information stored in “non-volatile memory 120, such as a flash memory and the like.” Findeisen ¶ 33; see also Findeisen Fig. 1c (depicting the non-volatile memory as Flash ROM). Such memory is an arrangement for storing computer BIOS that provides flexibility by allowing for updates (i.e., modifications).2 See Appeal Br. 5. Li teaches “BIOS code is stored in flash memory of the electronic system,” which allows for “tampering with the BIOS code.” Li ¶ 5. As explained similarly in Sutton, “an encoded patch may be stored in non-volatile memory such as the BIOS,” and “key(s) [can be] . . . placed into BIOS with a BIOS upgrade.” Sutton ¶¶ 23, 27. Thus, I agree with Appellant that Findeisen’s boot information 121 does not teach or 2 “Flash memory is an electronic non-volatile computer memory storage medium that can be electrically erased and reprogrammed.” Wikipedia, https://en.wikipedia.org/wiki/Flash_memory (retrieved March 31, 2021); see also PC Magazine, https://www.pcmag.com/encyclopedia/term/flash-rom (“Another term for flash memory. Since flash chips can be updated over and over, the ROM (read only) designation is somewhat misleading.”) (retrieved March 31, 2021). Appeal 2020-002601 Application 15/098,471 13 suggest “trusted root digest information [that] is not allowed to be modified” as claimed. See Appeal Br. 8, 9; Reply Br. 6. I am persuaded Findeisen does not teach an element that satisfies all requirements of the claimed trusted root digest information. See Appeal Br. 9. The Examiner does not rely on Li or Sutton for these teachings; nor does the Examiner provide a reason to modify Findeisen to obtain “trusted root digest information” having all the required features of the claim. See Ans. 10–14. Accordingly, I am persuaded the Examiner errs in finding all limitations of claim 1 are obvious in view of the cited art. See Reply Br. 5, 6. Respectfully, I would not sustain the Examiner’s obviousness rejection of the claims. Copy with citationCopy as parenthetical citation
