2020006240 (P.T.A.B. Jan. 20, 2022)

International Business Machines Corporation

Patent Trials and Appeals BoardJan 20, 2022

2020006240 (P.T.A.B. Jan. 20, 2022)

UNITED STATES PATENT AND TRADEMARK OFFICE UNITED STATES DEPARTMENT OF COMMERCE United States Patent and Trademark Office Address: COMMISSIONER FOR PATENTS P.O. Box 1450 Alexandria, Virginia 22313-1450 www.uspto.gov APPLICATION NO. FILING DATE FIRST NAMED INVENTOR ATTORNEY DOCKET NO. CONFIRMATION NO. 15/808,937 11/10/2017 Michael Hanner CA920160134US02 9043 59401 7590 01/20/2022 CANTOR COLBURN LLP - IBM AUSTIN 20 Church Street 22nd Floor Hartford, CT 06103 EXAMINER WOLDEMARIAM, NEGA ART UNIT PAPER NUMBER 2433 NOTIFICATION DATE DELIVERY MODE 01/20/2022 ELECTRONIC Please find below and/or attached an Office communication concerning this application or proceeding. The time period for reply, if any, is set in the attached communication. Notice of the Office communication was sent electronically on above-indicated "Notification Date" to the following e-mail address(es): usptopatentmail@cantorcolburn.com PTOL-90A (Rev. 04/07) UNITED STATES PATENT AND TRADEMARK OFFICE BEFORE THE PATENT TRIAL AND APPEAL BOARD Ex parte MICHAEL HANNER, PAUL IONESCU, IOSIF V. ONUT, and JEFFREY C. TURNHAM Appeal 2020-006240 Application 15/808,937 Technology Center 2400 Before JOSEPH L. DIXON, ELENI MANTIS MERCADER, and CARL L. SILVERMAN, Administrative Patent Judges. DIXON, Administrative Patent Judge. DECISION ON APPEAL STATEMENT OF THE CASE Pursuant to 35 U.S.C. § 134(a), Appellant1 appeals from the Examiner’s decision to reject claims 1-5, 7, and 8. We have jurisdiction under 35 U.S.C. § 6(b). We REVERSE. 1 We use the word Appellant to refer to “applicant” as defined in 37 C.F.R. § 1.42(a) (2019). Appellant identifies the real party in interest as International Business Machines Corporation. Appeal Br. 2. Appeal 2020-006240 Application 15/808,937 2 CLAIMED SUBJECT MATTER The claims are directed to automatic detection of an incomplete static analysis security assessment. Static analysis testing, also known as static program analysis, is a common practice in software development that enables development teams to determine if their products have security flaws. Static analysis testing can be performed without executing programs. Spec. ¶ 3. Claim 1, reproduced below, is illustrative of the claimed subject matter: 1. A computer-implemented method for automatic detection of an incomplete static analysis security assessment, the method comprising: obtaining component versioning data associated with a build of an application; determining, using the component versioning data associated with the build of the application, that a static analysis security assessment configuration of the application is incomplete; responsive to determining that the static analysis security assessment configuration of the application is incomplete, generating metadata, wherein the metadata comprises an historical record of changes in a source code repository, a set of commit objects, and a set of references to the commit objects; generating an application portfolio comprising a plurality of static analysis security assessment configurations associated with a plurality of applications, wherein the plurality of applications comprises the application; and updating the application portfolio using the metadata associated with the application. Appeal 2020-006240 Application 15/808,937 3 Claims App’x. REFERENCES The prior art relied upon by the Examiner is: Name Reference Date Dixon et al. (“Dixon”) US 2009/0070734 A1 Mar. 12, 2009 Epstein US 2013/0276056 A1 Oct. 17, 2013 Nambiar et al. (“Nambiar”) US 2015/0074641 A1 Mar. 12, 2015 REJECTIONS Claims 1-5 stand rejected under 35 U.S.C. § 103 as being unpatentable over Epstein in view of Nambiar. Claims 7 and 8 stand rejected under 35 U.S.C. § 103 as being unpatentable over Epstein in view of Nambiar as applied to claim 1 above and further in view of Dixon. OPINION 35 U.S.C. § 103 Claims 1-5 We are bound by the controlling guidance of our reviewing court: “[i]t is the claims that measure the invention.” See SRI Int’l v. Matsushita Elec. Corp. of Am., 775 F.2d 1107, 1121 (Fed. Cir. 1985) (en banc) (citations omitted); In re Hiniker Co., 150 F.3d 1362, 1369 (Fed. Cir. 1998) (citations omitted) (“[T]he name of the game is the claim.”) (emphasis added). “Though understanding the claim language may be aided by the explanations contained in the written description, it is important not to Appeal 2020-006240 Application 15/808,937 4 import into a claim limitations that are not a part of the claim.” SuperGuide Corp. v. DirecTV Enters., Inc., 358 F.3d 870, 875 (Fed. Cir. 2004). “We have cautioned against reading limitations into a claim from the preferred embodiment described in the specification, even if it is the only embodiment described, absent clear disclaimer in the [S]pecification.” In re Am. Acad. of Sci. Tech Ctr., 367 F.3d 1359, 1369 (Fed. Cir. 2004). We review the appealed rejections for error based upon the issues Appellant identifies, and in light of the arguments and evidence produced thereon. Ex parte Frye, 94 USPQ2d 1072, 1075 (BPAI 2010) (precedential) (cited with approval in In re Jung, 637 F.3d 1356, 1365 (Fed. Cir. 2011) (“[I]t has long been the Board’s practice to require an applicant to identify the alleged error in the [E]xaminer’s rejections.”). As articulated by the Federal Circuit, the Examiner’s burden of proving non-patentability is by a preponderance of the evidence. See In re Caveney, 761 F.2d 671, 674 (Fed. Cir. 1985) (“[P]reponderance of the evidence is the standard that must be met by the PTO in making rejections.”). “A rejection based on section 103 clearly must rest on a factual basis.” In re Warner, 379 F.2d 1011, 1017 (CCPA 1967). “The Patent Office has the initial duty of supplying the factual basis for its rejection. It may not . . . resort to speculation, unfounded assumptions or hindsight reconstruction to supply deficiencies in its factual basis.” Id. Upon review of the evidence and each of the respective positions set forth in the record, we find that the preponderance of evidence supports Appellant’s position in the record. Accordingly, we reverse each of the Examiner’s rejections on appeal essentially for the reasons set forth in the record by Appellant, and add the following for emphasis only. Appeal 2020-006240 Application 15/808,937 5 Appellant’s sole independent claim 1, recites, inter alia, the limitations “responsive to determining that the static analysis security assessment configuration of the application is incomplete, generating metadata, wherein the metadata comprises an historical record of changes in a source code repository, a set of commit objects, and a set of references to the commit objects.” Appellant argues that the Examiner’s finding that the Epstein reference does not teach the historical records of changes and the Nambiar reference discloses “metadata.” Appeal Br. 5-7. Appellant further contends that the metadata in Nambiar is not described as comprising “an historical record of the changes in a source code repository” as claimed, but rather to changes to the first functional rule. Appeal Br. 6 (emphasis omitted); Reply Br. 2-3. The Examiner attempts to address Appellant’s arguments and relies upon paragraph 24 of the Appellant’s Specification describing examples of metadata to include “commit objects” and “references to commit objects.” Ans. 3. The Examiner additionally finds “in some embodiments the fingerprint data may identify one or more programs to which the page belongs, a dynamic linked library (DLL) that created the memory page, or other information (i.e. a historical record or changes in a source code repository)).” Ans. 3. The Examiner also finds that Nambiar does not explicitly include everything in the example cited above in applicants specification, however, it is structurally capable of containing all the elements in the metadata (see Nambiar , ¶¶ 65, 69, 81 and 84, metadata including the history of changes, version and/or software product information (e.g. “a set of commit objects, and a set of Appeal 2020-006240 Application 15/808,937 6 references to the commit objects”), and/or a list of software components to which the functional rule has been assigned) disclosing the recited claim limitation. A claimed invention must result in a structural difference between the claimed invention and the prior art in order to patentably distinguish the claimed invention from the prior art. If the prior art structure is capable of performing the intended use, then it meets the claim. In this case the cited prior art reference structure (i.e. metadata) is capable of containing what is listed as an example in the disclosure. Ans. 3-4. In the Reply Brief, Appellant argues that the Examiner’s reliance upon Appellant’s Specification regarding “commit objects” and “references to commit objects” as examples of “metadata” is unreasonable, and the Examiner does not address the plain language of the claim. Reply Br. 3. Appellant also argues that the Examiner also fails to provide any reasoning to support why the prior art reference structure is capable of containing the particularly claimed “an historical record of changes in a source code repository, a set of commit objects, and a set of references to the commit objects. Id. We agree with Appellant and find that the Examiner is speculating as to the content of the Epstein and Nambiar references. Moreover, we also find the Examiner is attempting to reconstruct Appellant’s claimed invention from the disparate teachings of the Epstein and Nambiar references and relying upon Appellant’s Specification to expand the express teachings of the two prior art references. Furthermore, the Examiner’s finding that a claimed invention must result in a structural difference is unreasonable as it applies to illustrative independent claim 1 because claim 1 is directed to “[a] computer-implemented method for automatic detection of an incomplete Appeal 2020-006240 Application 15/808,937 7 static analysis security assessment” reciting the specific step of generating specific metadata and updating the application portfolio using the generated metadata. Additionally, the Examiner has not provided a persuasive line of reasoning to support the Examiner’s structural difference and intended use findings. As a result, we find Appellant has identified an error in the Examiner’s factual findings and ultimate conclusion of obviousness of illustrative independent claim 1 and dependent claims 2-5 which contain the same limitations. Dependent claims 7 and 8 Neither Dixon nor Nambiar remedies the noted deficiency in the base rejection of illustrative independent claim 1. As a result, we cannot sustain the rejection of dependent claims 7 and 8 for the reasons discussed above. Appeal 2020-006240 Application 15/808,937 8 CONCLUSION We reverse the Examiner’s obviousness rejections of claims 1-5, 7, and 8 on the record before us. DECISION SUMMARY In summary: Claims Rejected 35 U.S.C. § Reference(s)/Basis Affirmed Reversed 1-5 103 Epstein, Nambiar 1-5 7, 8 103 Epstein, Nambiar, Dixon 7, 8 Overall Outcome 1-5, 7, 8 REVERSED