CUPP Computing ASDownload PDFPatent Trials and Appeals BoardAug 25, 2020IPR2019-00765 (P.T.A.B. Aug. 25, 2020) Copy Citation Trials@uspto.gov Paper No. 29 571-272-7882 Date: August 25, 2020 UNITED STATES PATENT AND TRADEMARK OFFICE ____________ BEFORE THE PATENT TRIAL AND APPEAL BOARD ____________ TREND MICRO INC., Petitioner, v. CUPP COMPUTING AS, Patent Owner. ____________ IPR2019-00765 Patent 9,843,595 B2 ____________ Before THOMAS L. GIANNETTI, GARTH D. BAER, and SHARON FENICK, Administrative Patent Judges. BAER, Administrative Patent Judge. JUDGMENT Final Written Decision Determining All Challenged Claims Unpatentable 35 U.S.C. § 318(a) IPR2019-00765 Patent 9,843,595 B2 2 I. INTRODUCTION Trend Micro Inc. (“Petitioner”) filed a Petition (Paper 1, “Pet.”), requesting an inter partes review of claims 1, 9, 11, 13, 14, 16, 24, 26, 28, and 29 (the “challenged claims”) of U.S. Patent No. 9,843,595 (Ex. 1001, “the ’595 patent”). CUPP Computing AS (“Patent Owner”) filed a Preliminary Response to the Petition (Paper 6, “Prelim. Resp.”). In addition, Petitioner filed a Reply (Paper 8) and Patent Owner a Sur-Reply (Paper 9) directed to a claim construction issue. After considering the parties’ arguments, we determined that the information presented in the Petition established that there was a reasonable likelihood that Petitioner would prevail with respect to at least one challenged claim. Pursuant to 35 U.S.C. § 314, we instituted this inter partes review as to all of the challenged claims and all grounds raised in the Petition. Paper 10 (“Institution Dec.”). Following institution, Patent Owner filed a Response. Paper 14 (“PO Resp.”). Subsequently, Petitioner filed a Reply (Paper 16, “Pet. Reply”) and Patent Owner filed a Sur-Reply (Paper 18, “PO Sur-reply”). In addition, Patent Owner filed a Motion to Exclude Evidence. Paper 22. We deny that motion in a separate Order entered concurrently. On June 10, 2020, we held a consolidated oral hearing with IPR2019- 00767, involving U.S. Patent No. 9,106,683, and IPR2019-00764, involving U.S. Patent No. 8,631,488. A transcript of the hearing is included in the record. Paper 28 (“Tr.”). We have jurisdiction under 35 U.S.C. § 6. This decision is a Final Written Decision under 35 U.S.C. § 318(a). For the reasons we identify below, we determine that Petitioner has demonstrated by a preponderance of IPR2019-00765 Patent 9,843,595 B2 3 the evidence that claims 1, 9, 11, 13, 14, 16, 24, 26, 28, and 29 of the ’595 patent are unpatentable. A. RELATED PROCEEDINGS The parties identify the following related matters: CUPP Cybersecurity LLC v. Trend Micro, Inc., et al., Case No. 3:18-cv-01251 (N.D. Tex.); CUPP Cybersecurity LLC v. Symantec Corp., Case No. 3:18- cv-01554 (N.D. Tex.); Symantec Corp. v. CUPP Cybersecurity LLC, et al., Case No. 3:18-cv-04720 (N.D. Cal.); CUPP Cybersecurity LLC, et al. v. Symantec Corp., Case No. 3:19-cv-00298 (N.D. Cal.). B. REAL PARTY-IN-INTEREST The Petition identifies Trend Micro as the real party-in-interest. Pet. 1. Patent Owner in its Preliminary Response does not contest this identification. Patent Owner identifies CUPP Computing AS as the real party-in-interest. Paper 4, 1. C. THE ’595 PATENT The ’595 patent is directed to a system and method for providing security to a mobile device over a network. Ex. 1001, 1:44–64. The mobile device may receive a wake signal from a power management state before managing security services, such as scanning a storage medium for malware, or updating security applications. Id., Abstract. This allows for reduced power consumption by the mobile device while maintaining security when the device is connected to an untrusted network. Id. at 2:1–60. Figure 20 is reproduced below. IPR2019-00765 Patent 9,843,595 B2 4 Figure 20 is a flowchart illustrative of an embodiment of the invention. Id. at 5:24–26. D. ILLUSTRATIVE CLAIM Petitioner challenges claims 1, 9, 11, 13, 14, 16, 24, 26, 28, and 29 of the ’595 patent. Of the challenged claims, claims 1 and 16 are independent. IPR2019-00765 Patent 9,843,595 B2 5 Independent claim 1 is representative of the challenged claims and is reproduced below: 1. A security system, comprising: security system memory; a communication interface configured to communicate with a mobile device and configured to communicate over a network with a security administrator device, the mobile device including a mobile device processor and including a security agent configured to cooperate with the security system, the security administrator device having a security administrator processor different than the mobile device processor, the mobile device being remote from the security administrator device; and a security system processor being different than the mobile device processor and different than the security administrator processor, the security system processor being configured to: store in the security system memory at least a portion of wake code, the wake code being configured to detect a wake event and to send a wake signal to the mobile device in response to detecting the wake event, the security agent of the mobile device being configured to receive the wake signal, the security agent of the mobile device being configured to wake at least a portion of the mobile device from a power management mode in response to receiving the wake signal, the security agent of the mobile device being configured to perform security services after the at least a portion of the mobile device has been woken; detect a particular wake event; prepare a particular wake signal in response to detecting the particular wake event; and send the particular wake signal to the mobile device in response to detecting the particular wake event, the security agent of the mobile device being configured to wake the at least a portion of the mobile device in IPR2019-00765 Patent 9,843,595 B2 6 response to receiving the particular wake signal and being configured to perform particular security services after the at least a portion of the mobile device has been woken. Ex. 1001, 31:13–51. E. ASSERTED GROUNDS OF UNPATENTABILITY Petitioner asserts the following grounds of unpatentability. Pet. 3–4. Claims Challenged 35 U.S.C. §1 Reference(s)/Basis 1, 9, 16, 24 § 103 Joseph2 13, 14, 28, 29 § 103 Joseph, Zmudzinski3 1, 9, 11, 16, 24, 26 § 103 Gordon4 13, 14, 28, 29 § 103 Gordon, Zmudzinski 11, 26 § 103 Joseph, Gordon Petitioner submitted a Declaration of Dr. Markus Jakobsson (Ex. 1011, “Jakobsson Decl.”), and a Supplemental Declaration of Dr. Jakobsson (Ex.1020, “Jakobsson Supp. Decl.”). Patent Owner has submitted a Declaration of Nenad Medvidovic, Ph.D. (Ex. 2007, “Medvidovic Decl.”). 1 The Leahy-Smith America Invents Act (“AIA”) amended 35 U.S.C. § 103. See Pub. L. No. 112-29, 125 Stat. 284, 285–88 (2011). As the application that issued as the ’595 patent was filed before the effective date of the relevant amendments, the pre-AIA version of § 103 applies. 2 U.S. Patent Application Publication No. 2010/0218012 A1 (international filing date May 26, 2008) (Ex. 1007). 3 U.S. Patent Application Publication No. 2007/0266265 A1 (published November 15, 2007) (Ex. 1009). 4 U.S. Patent No. 7,818,803 B2 (filed January 16, 2008) (Ex. 1010). IPR2019-00765 Patent 9,843,595 B2 7 II. ANALYSIS A. LEVEL OF ORDINARY SKILL Petitioner contends [a] person of ordinary skill in the art at the time of the alleged invention of the ’595 patent (i.e., August 4, 2008) . . . would have had a bachelor’s degree in computer science, electrical engineering, or a comparable field of study, plus at least two years of professional experience with computer security systems, or the equivalent. Pet. 15–16 (footnote omitted) (citing Jakobsson Decl. ¶ 56). Patent Owner’s Response does not provide a formulation of the person of ordinary skill. Dr. Medvidovic, however, provides the following testimony: “It is my opinion that the person of ordinary skill in the art in the field of the ‘595 Patent would be someone with a bachelor’s degree in computer science or related field, and either (1) two or more years of industry experience and/or (2) an advanced degree in computer science or related field.” Medvidovic Decl. ¶ 36. The two formulations differ only slightly. For example, Dr. Jakobsson is more specific in requiring “experience with computer security systems, or the equivalent.” Jakobsson Decl. ¶ 56. Petitioner’s definition is supported by credible expert testimony, is more consistent with the prior art before us, and is also commensurate with the level of skill reflected in the ’595 patent. See Okajima v. Bourdeau, 261 F.3d 1350, 1355 (Fed. Cir. 2001) (prior art itself may reflect an appropriate level of skill). We, therefore, adopt Petitioner’s description. However, we would reach the same result on the ultimate question of obviousness under either formulation. IPR2019-00765 Patent 9,843,595 B2 8 B. CLAIM CONSTRUCTION A recent amendment to the rules changing the claim construction standard applies here because the Petition was filed after November 13, 2018, the effective date of the amendment. See Changes to the Claim Construction Standard for Interpreting Claims in Trial Proceedings Before the Patent Trial and Appeal Board, 83 Fed. Reg. 51,340, 51,340, 51358 (Oct. 11, 2018) (amending 37 C.F.R. § 42.100(b) effective November 13, 2018) (now codified at 37 C.F.R. § 42.100(b) (2019)). Thus, for this inter partes review, the Board applies the same claim construction standard as that applied in federal courts. See id. In this context, claim terms “are generally given their ordinary and customary meaning” as understood by a person of ordinary skill in the art in question at the time of the invention. Phillips v. AWH Corp., 415 F.3d 1303, 1312–13 (Fed. Cir. 2005) (en banc). “In determining the meaning of the disputed claim limitation, we look principally to the intrinsic evidence of record, examining the claim language itself, the written description, and the prosecution history, if in evidence.” DePuy Spine, Inc. v. Medtronic Sofamor Danek, Inc., 469 F.3d 1005, 1014 (Fed. Cir. 2006) (citing Phillips, 415 F.3d at 1312–17). Extrinsic evidence is “less significant than the intrinsic record in determining ‘the legally operative meaning of claim language.’” Phillips, 415 F.3d at 1317. 1. “power management mode” Petitioner propounds “power management mode” means “a mode where the mobile device conserves power,” and asserts that Patent Owner has adopted this construction in related litigation. Pet. 16. Patent Owner does not dispute this construction. See PO Resp. 9–10. We agree with Petitioner’s construction and adopt it for this Final Written Decision. IPR2019-00765 Patent 9,843,595 B2 9 2. “a security system processor being different than the mobile device processor” Although resolution of this claim construction issue is central to this controversy (see infra), neither party initially requested construction of this phrase appearing in all challenged claims. However, at the request of Petitioner, and because this issue was seen as a dispositive, the Board granted additional briefing on the issue. Paper 7 (Order, July 3, 2019). Thus, as noted supra, Petitioner filed a pre-institution Reply (Paper 8) and Patent Owner filed a pre-institution Sur-reply (Paper 9), directed solely to the construction of this phrase. The dispute centers on whether the term “a security system processor being different than the mobile device processor” requires that the mobile security system be separate and remote from the mobile device. In the Preliminary Response, Patent Owner took the position that “[t]he security system must be remote from the mobile device.” Prelim. Resp. 18. On this basis, Patent Owner contended that Joseph fails to meet this limitation because “Joseph requires its security/diagnostics unit 14 [to] be physically integrated into the mobile device.” Id. Patent Owner made a similar argument for Gordon: “Thus, the security system and its processor must be remote from the mobile device and its processor and Petitioner has failed to show that Gordon discloses a security system with a processor different from a processor of the mobile device.” Id. at 26. We were not persuaded at institution that such a narrow construction of this term was warranted. Institution Dec. 6–11. As instructed by Phillips, we first looked to the words of the claim. Phillips, 415 F.3d at 1312. The claim language does not say the mobile security system cannot be part of the mobile device. Nor does it require the IPR2019-00765 Patent 9,843,595 B2 10 mobile security system to be “remote” or “separate” from the mobile device. Cf. Prelim. Resp. 2 (“the security system of the ’595 Patent is remote from the mobile device”); 17 (“the mobile security system and its processor are separate from a processor of the mobile device”); 18 (“The security system must be remote from the mobile device.”); 19 (“two separate and distinct devices”). The claim language simply says that the security system processor “being different than” the mobile device processor. We observed that the plain and ordinary meaning of the term “different” does not require “remote” or “separate.” Institution Dec. 7. We cited Merriam Webster’s Collegiate Dictionary (10th ed.) 323 (defining “different” as “partially or totally unlike in nature, form, or quality”) (Ex. 3001) and The Random House College Dictionary (Rev. ed.) 370 (defining “different” as “differing in character or quality; not alike; dissimilar”) (Ex. 3002).5 Id. Further, we noted that the claims refer to the processors being “different,” not the systems or devices that include the processors. Id. at 8. Moreover, we noted that the ’595 patent specification does not support Patent Owner’s narrowing construction. Id. As stated in Phillips, “the specification is always highly relevant to the claim construction 5 The Federal Circuit has approved the use of dictionaries for guidance in claim construction, “so long as the extrinsic evidence does not contradict the meaning otherwise apparent from the intrinsic record.” Helmsderfer v. Bobrick Washroom Equip., Inc., 527 F.3d 1379, 1382 (Fed. Cir. 2008); see also Comaper Corp. v. Antec, Inc., 596 F.3d 1343, 1348 (Fed. Cir. 2010) (approving of “consult[ing] a general dictionary definition of [a] word for guidance” in determining ordinary meaning); Praxair, Inc. v. ATMI, Inc., 543 F.3d 1306, 1325 (Fed. Cir. 2008) (“[O]ur decisions, including Phillips, do not preclude the use of general dictionary definitions as an aid to claim construction.”) (citation omitted). IPR2019-00765 Patent 9,843,595 B2 11 analysis. Usually, it is dispositive; it is the single best guide to the meaning of a disputed term.” Phillips, 415 F.3d at 1315 (internal quotes and citation omitted). We noted that Figure 3 of the ’595 patent and the accompanying text disclose an embodiment in which mobile security system 345 and mobile device 310 are shown as being separate. Institution Dec. 8. However, the specification also explains that this is not a requirement, and that the mobile security system may be incorporated within the mobile device: The mobile security system 345 may be in a pocket-size, handheld-size or key-chain size housing, or possibly smaller. Further, the mobile security system 345 may be incorporated within the mobile device 310. Ex. 1001, 8:36–39 (emphasis added). Patent Owner asserted prior to institution that “[t]he plain language of this claim term means that the security system processor cannot reside on the mobile device itself because otherwise the security system processor would be a processor of the mobile device.” Paper 9, 1. We were not persuaded by this argument. In the ’595 patent, the mobile security system is defined by what it does, not by where it resides. Institution Dec. 9. Thus, in describing mobile security system 345 and its components, shown in Figure 5, including processor 515, the ’595 patent states: “Although these modules are illustrated as within the mobile security system 345, one skilled in the art will recognize that many of them could be located elsewhere, e.g., on the security administrator 325 or on third-party systems in communication with the mobile security system 345.” Ex. 1001, 8:31–36. Patent Owner attempted to explain the disclosure in the specification of a mobile security system that “may be incorporated within the mobile device.” Paper 9, 2. Patent Owner claimed it is “axiomatic” that the claims IPR2019-00765 Patent 9,843,595 B2 12 “need not ‘be interpreted to cover each and every embodiment.’” Id. We were not persuaded by this argument. Institution Dec. 9–11. The Federal Circuit has observed that “there is a strong presumption against a claim construction that excludes a disclosed embodiment.” Nobel Biocare Servs. AG v Instradent USA, Inc., 903 F.3d 1365, 1381 (Fed. Cir. 2018). Patent Owner identified nothing in the intrinsic record that convinced us this presumption has been overcome. Institution Dec. 11. As set forth supra, we concluded that neither the plain language of the claims nor the specification supports Patent Owner’s narrowing construction. Id. at 9. Nor were we convinced that the prosecution history demonstrates that the mobile security system and mobile device must be remote or separate, as Patent Owner asserted. Institution Dec. 9–11. According to Patent Owner, “the [PTO] has already considered and rejected the argument that a separate processor located on the mobile device itself can satisfy this aspect of the challenged claims.” Paper 9, 1. Patent Owner refers to an argument presented by the applicants to distinguish a reference (Priestley, Ex. 2004) during prosecution of U.S. Patent No. 9,106,683 (“the ’683 patent”), a patent related to the ’595 patent. Ex. 2001. According to Patent Owner, the applicants in that prosecution “distinguished the Priestley reference on the basis that the standalone chip on the motherboard of the mobile device does not qualify as a security system processor ‘different from a mobile system processor of each of the mobile devices.’” Paper 9, 4. Phillips requires us to consider the prosecution history of a patent in construing the claims. 415 F.3d at 1317. But Phillips also cautions that the prosecution history often is “less useful” that the specification: IPR2019-00765 Patent 9,843,595 B2 13 Furthermore, like the specification, the prosecution history was created by the patentee in attempting to explain and obtain the patent. Yet because the prosecution history represents an ongoing negotiation between the PTO and the applicant, rather than the final product of that negotiation, it often lacks the clarity of the specification and thus is less useful for claim construction purposes. Phillips, 415 F.3d at 1317. Any ambiguity in the prosecution history makes it less relevant to claim construction. See Inverness Med. Switz. GmbH v. Warner Lambert Co., 309 F.3d 1373, 1380–82 (Fed. Cir. 2002) (“It is inappropriate to limit a broad definition of a claim term based on prosecution history that is itself ambiguous.”); Northern Telecom Ltd. v. Samsung Elec. Co., Ltd., 215 F.3d 1281, 1295 (Fed. Cir. 2000) (“[C]onfusing statements in the prosecution history simply fail to overcome the ordinary meaning of the [disputed] limitation.”). Furthermore, the Federal Circuit has made it clear that disavowal of claim scope by a patentee requires “expressions of manifest exclusion or restriction.” Epistar Corp. v. ITC, 566 F.3d 1321, 1335 (Fed. Cir. 2009). More specifically, “to operate as a disclaimer, the statement in the prosecution history must be clear and unambiguous, and constitute a clear disavowal of scope.” Continental Circuits LLC v. Intel Corp., 915 F.3d 788, 798 (Fed. Cir. 2019). At institution, we saw in the ’683 patent prosecution history no clear and unambiguous waiver of claim scope in the applicants’ arguments addressed to Priestley. Institution Dec. 11. Patent Owner’s post-institution arguments on the construction of this limitation mirror the arguments made in its Preliminary Response. PO Resp. 10–19. Patent Owner continues to advance its rejected argument that the term “a security system processor being different than the mobile device processor” not only requires that the mobile security system processor be IPR2019-00765 Patent 9,843,595 B2 14 “separate from (i.e., not incorporated or embedded in) the mobile device” (PO Resp. 10) (emphasis added), but also that the security system be “remote from the mobile device.” PO Resp. 2 (“the security system of the ’595 Patent is remote from the mobile device”); 21 (“The security system must be remote from the mobile device. . . . Thus, the security system and its processor must be remote from the mobile device and its processor.”); 27 (“[T]he ‘different processors’ claim element requires that the mobile security system processor be remote from the mobile device itself.”); 33 (“Thus, the security system and its processor must be remote from the mobile device and its processor . . . . ”); 37 (“[T]he ‘different processors’ claim element requires that the mobile security system processor be remote from the mobile device itself.”). Patent Owner’s main post-institution argument for this proposed “separate and remote” construction relies on the ’683 patent prosecution history, and specifically the applicants’ statements distinguishing Priestley. According to Patent Owner, “the ’683 Patent prosecution history includes a clear disavowal of a claim interpretation in which the mobile security system processor is incorporated in the mobile device itself, despite Applicant having made additional distinctions and arguments in the prosecution of the ’683 Patent.” PO Resp. 15–16. Patent Owner faults the Board’s analysis of the prosecution history in the Institution Decision, asserting that the applicants’ statement regarding Priestley “is clear, unambiguous, textbook disclaimer.” Id. at 12. Petitioner responds that “[a]t a minimum, Patent Owner’s prosecution statements are ambiguous and amenable to multiple reasonable interpretations, and therefore do not meet the ‘demanding standard’ for prosecution disclaimer.” Pet. Reply 8. IPR2019-00765 Patent 9,843,595 B2 15 We agree with Petitioner’s argument and find that the statements in the ’683 patent prosecution history regarding Priestley are too ambiguous to support Patent Owner’s “separate and remote” argument (i.e., that the security system and the mobile device must be “separate and remote”). This is evident from the statements themselves and their context in the prosecution history, which we review below. a. Prosecution History The Examiner relied on Priestley, along with two other references, Chang (Ex. 2002) and Grant (Ex. 2003), in initially rejecting the claims of the application for the ’683 patent. Ex. 2001, 126–127. The Examiner applied Priestley to meet the “different processors” claim recitation: “the mobile security system having a mobile security system processor different than a mobile device processor of the mobile device.” Ex. 2001, 126. According to the Examiner, Priestley discloses a Trusted Platform Module (“TPM”) “to provide security functions to computing platforms.” As described by the Examiner, Priestley discloses: “Typically, [the TPM] is implemented as an additional stand-alone chip attached to a PC motherboard. However, TPMs may be implemented in hardware or software.” Id. at 127. In rejecting the claims, the Examiner reasoned the use of a processor for the mobile security system separate from the main processor would have been obvious: It would have been obvious to one of ordinary skill in the art at the time of invention was made to incorporate the teachings of Priestley et al. in to the method of Chang et al. and Grant. The use of separate security processors would be an obvious interchangeable variation of the underlying hardware. Among other potential benefits would be savings on the complexity and cost of the main processor. Id. (emphasis added). IPR2019-00765 Patent 9,843,595 B2 16 The applicants responded to the rejection by amending the claims to add other limitations. Ex. 2001, 172–174. The applicants added limitations calling for the recited wake signal to wake the mobile device, and managing the security services “using the mobile security system” “in response to waking the mobile device from the power management mode.” Id. at 172– 173. In their Remarks accompanying the amendment, the applicants stressed the new limitations added in the amendment: Applicants respectfully submit that the cited art, alone or in combination, does not teach or suggest, “providing, using the mobile security system, a wake signal in response to the wake event, the wake signal waking the mobile device from a power management mode; and managing, using the mobile security system, security services of the mobile device in response to waking the mobile device from the power management mode,” as recited in claim 1 as amended. Id. at 175 (emphases added). The applicants advanced a similar argument for claim 10. Id. at 180. After several pages of remarks developing this argument, the applicants finally addressed Priestley. Id. at 178–180. Relying on Priestley’s statement that the TPM is “[t]ypically . . . implemented as a stand-alone chip attached to the PC motherboard,” the applicants argued that Priestley did not meet the “different processors” limitation: If it were implemented as a stand-alone chip attached to a PC motherboard, the TPM of Priestley would not be part of a mobile security system. More specifically, the TPM of Priestley would be part of the motherboard of the mobile devices of the reference. As a result, the TPM would not include a mobile security system processor different from a mobile system processor of each of the mobile devices. IPR2019-00765 Patent 9,843,595 B2 17 Id. at 179 (emphasis added). In summing up the argument distinguishing Priestley, the applicants did not rely on the “different processors” feature, but instead relied on the other features of the claim added in the amendment: Therefore, Applicants respectfully submit Priestley does not teach or suggest, “providing, using the mobile security system, a wake signal in response to the wake event, the wake signal waking the mobile device from a power management mode; and managing, using the mobile security system, security services of the mobile device in response to waking the mobile device from the power management mode,” as recited in claim 1 as amended. Id. at 179–180 (emphasis added). Finally, in summing up the argument for patentability, the applicants again relied on features other than the “different processors”: For at least the foregoing reasons, Applicants respectfully submit the cited art, alone or in combination, does not teach or suggest, “providing, using the mobile security system, a wake signal in response to the wake event, the wake signal waking the mobile device from a power management mode; and managing, using the mobile security system, security services of the mobile device in response to waking the mobile device from the power management mode,” as recited in claim 1 as amended. Therefore, claim 1 is patentable over the cited art, alone or in combination. Id. at 180 (emphasis added). The applicants presented a similar argument for claim 10. Id. at 180–181. The Examiner responded by allowing the claims, providing no reasons for allowance, stating that “the record is clear in light of applicant’s arguments and specification.” Id. at 212. b. Discussion Patent Owner argues that the Board erred by taking into consideration the “alternative arguments” presented during prosecution of the ’683 patent: “[T]he other arguments, made with respect to other claim language, and to IPR2019-00765 Patent 9,843,595 B2 18 distinguish the teachings of other references has no bearing on whether Applicant’s statements regarding the scope of the ‘different processors’ term were ‘clear and unmistakable.’” PO Resp. 13–14. Patent Owner makes a similar argument criticizing our discussion in the Institution Decision and above of the Examiner’s reasons for allowance: “This reasoning constitutes legal error because disclaimer should be found even if the Examiner did not rely on the argument in order to allow the claims.” Id. at 15 (emphasis omitted). But even focusing just on the statements addressing Priestley, we find that the ’683 patent’s prosecution history does not unambiguously support Patent Owner’s “separate and remote” claim construction, i.e., that the mobile security system and the mobile device must be separate and remote. We find that, at most, the applicants’ arguments say that Priestly lacks a security system processor that is different from a mobile device processor because the TPM in Priestly is located on the same motherboard as the mobile device’s processor. Ex. 2001, 179. We agree with Petitioner and find that applicants’ argument distinguishing Priestly is directed to “different processors,” but not “separate and remote devices.” Pet. Reply 8. Petitioner points out that the claim language does not say the mobile security system cannot be part of the mobile device. Id. at 2. Petitioner further points out that the meaning of “system” is not limited to a device, “let alone a device that is separate from the claimed ‘mobile device.’” Id. at 3–4. In addition, Petitioner presents three “alternative interpretations” of the prosecution history, supporting Petitioner’s argument that “at a minimum,” Patent Owner’s prosecution history statements are “amenable to multiple reasonable interpretations.” Id. at 8. Petitioner describes these alternatives as follows: IPR2019-00765 Patent 9,843,595 B2 19 [1] One alternate interpretation is that Patent Owner argued that if the TPM [in Priestly] were a “stand-alone chip,” it “would not be part of a mobile security system” because there would not be any larger security system encompassing the chip. [2] A second alternate interpretation is that PO argued that “the TPM would not include a mobile security system processor” because the TPM is only a “stand-alone chip,” not a larger system that includes a processor as one component. [3] A third interpretation is that Patent Owner assumed that the TPM functionality would have to be subsumed into the motherboard’s CPU, resulting in only one processor. Id. at 8–9. Petitioner asserts “[e]ach of these three interpretations differs from Patent Owner’s current interpretation.” Id. at 9. We find, for the reasons set forth in above and in our Institution Decision, that the prosecution history cited by Patent Owner is at best ambiguous, and in any case there was no “disavowal” that would support Patent Owner’s proposed construction calling for the mobile security system to be “separate and remote” from the mobile device. The applicant’s prosecution history argument was that two processors on the same motherboard are not “different” processors, as claimed. Thus, to the extent there was a disclaimer, it extends only to a mobile device processor and security system processor on the same motherboard. The applicants never argued to the Examiner in the ’683 patent’s prosecution that the mobile security system or its processor is necessarily “separate and remote” from the mobile device, or that the mobile security processor cannot be on the mobile device, so long as it is not on the same motherboard. That is understandable, because that argument would have contradicted the specification, which states: “Further, the mobile security system 345 may be incorporated within the mobile device 310.” Ex. 1001, 8:38–39 (emphasis added). Because the mobile security system processor is within the mobile IPR2019-00765 Patent 9,843,595 B2 20 security system, this statement in the specification contradicts Patent Owner’s position that the mobile security system and processor must be “separate and remote” from the mobile device. Patent Owner attempts to characterize this disclosure in the specification of the ’595 patent that a mobile security system “may be incorporated within the mobile device” as an unclaimed embodiment. PO Resp. 16–19. Patent Owner presents two principal arguments, neither of which we find persuasive. First, Patent Owner argues that Petitioner has failed to show this description of the mobile security system as “incorporated within the mobile device” is a preferred embodiment. Id. at 16. Patent Owner asserts the Federal Circuit authorities that caution against claim constructions that exclude preferred embodiments are, therefore, not applicable. Id. (distinguishing Vitronics Corp. v. Conceptronic, Inc., 90 F.3d 1576, 1580–81 (Fed. Cir. 1996)). We are not persuaded by this argument. As Petitioner points out, the ’595 patent does not distinguish among the embodiments disclosed, referring to all of them, collectively, as “preferred embodiments.” Ex. 1001, 30:55.6 Thus, the embodiment in which the mobile security system is “incorporated within the mobile device” is a preferred embodiment. Patent Owner’s second argument characterizes the Board’s reliance on the Federal Circuit’s decision in Nobel Biocare, 903 F.3d 1365, 1382, as “misplaced.” PO Resp. 17. We cited Nobel Biocare because it states that “there is a strong presumption against a claim construction that excludes a disclosed embodiment.” Institution Dec. 9. According to Patent Owner, this 6 We agree with Petitioner that there can be more than one preferred embodiment. See Tr. 8:3–9. IPR2019-00765 Patent 9,843,595 B2 21 “broad statement . . . is not supported by its underlying case law.” PO Resp. 17–18. Patent Owner attributes this “misstatement” in Nobel Biocare to “a game of judiciary telephone”: “Like a game of judiciary telephone, the string of cases has resulted in a misstatement that there is a presumption against claim construction that excludes a mere disclosed embodiment, rather than a preferred embodiment.” Id. at 19. We disagree with Patent Owner’s characterization of Nobel Biocare and with its characterization of the clear language of the Federal Circuit in that case. But the argument is, in any case, unavailing, in light of Patent Owner’s identification of the embodiment in the specification describing the mobile security system as “incorporated within the mobile device” as preferred. Ex. 1001, 30:55. Nor are we persuaded by Patent Owner’s related argument that “it is not necessary that each claim read on every embodiment.” PO Resp. 16–17. While this principle may apply in some cases where, for example, there is a clear indication of a disavowal, it does not apply here, where there is no indication in the claim language, the specification, or the prosecution history of any intent not to claim the preferred embodiment in which the mobile security system is incorporated within the mobile device. “To disavow claim scope, the specification must contain ‘expressions of manifest exclusion or restriction, representing a clear disavowal of claim scope.’” Retractable Techs., Inc. v. Becton, Dickinson & Co., 653 F.3d 1296, 1306 (Fed. Cir. 2011) (quoting Epistar Corp. v. Int’l Trade Comm’n, 566 F.3d 1321, 1335 (Fed. Cir. 2009)); SciMed Life Sys., Inc. v. Advanced Cardiovascular Sys., Inc., 242 F.3d 1337, 1341 (Fed. Cir. 2001) (“Where the specification makes clear that the invention does not include a particular feature, that feature is deemed to be outside the reach of the claims of the IPR2019-00765 Patent 9,843,595 B2 22 patent, even though the language of the claims, read without reference to the specification, might be considered broad enough to encompass the feature in question.”). Finally, we address an argument presented in Patent Owner’s Sur- reply and developed further at the oral argument. PO Sur-reply 5–6; Tr. 68:14–69:18. Citing the Federal Circuit’s decision in Aylus Networks, Inc. v. Apple, Inc., 856 F.3d 1353, 1361 (Fed. Cir. 2017), Patent Owner asserts that its counsel’s statements during the course of this proceeding are effective in this proceeding as a disavowal of claim scope. PO Sur-reply 6. Patent Owner proclaims in its Sur-reply: “[T]o the extent there remains any question, Patent Owner affirmatively disclaims any construction of this term that encompasses a security system processor located on the mobile device itself.” Id. at 5–6. We are not persuaded that Aylus supports Patent Owner’s argument. The issue before the Federal Circuit in Aylus was whether statements made by a patent owner during inter partes reviews can be considered for claim construction in a successive district court action involving the same patent. Aylus, 856 F.3d at 1359. The Federal Circuit, after reviewing the case law, concluded in that context, “that statements made by a patent owner during an IPR proceeding, whether before or after an institution decision, can be considered for claim construction and relied upon to support a finding of prosecution disclaimer.” Id. at 1362. In support of this holding, the Federal Circuit expressed concern over the unfairness to litigants in district court that might result if the rule were otherwise: “Extending the prosecution disclaimer doctrine to IPR proceedings will ensure that claims are not argued one way in order to maintain their patentability and in a different way against accused infringers.” Id. at 1360. IPR2019-00765 Patent 9,843,595 B2 23 In Aylus, the remarks that led to the finding by the district court of a disavowal came in two separate prior IPR proceedings that apparently had concluded.7 Thus, Aylus does not stand for the proposition that Patent Owner’s counsel can effect a contemporaneous disavowal of claim scope in this proceeding merely by making arguments in this proceeding, and without regard to whether there is support in the specification and claim language. The Federal Circuit has stated that “the PTO is under no obligation to accept a claim construction proffered as a prosecution history disclaimer, which generally only binds the patent owner.” Tempo Lighting, Inc. v. Tivoli, LLC, 742 F.3d 973, 978 (Fed. Cir. 2014). Accepting an attempted disavowal of claim scope expressly made during an IPR proceeding to avoid prior art in that same proceeding would discourage patent owners from using the amendment process permitted by statute and the Board’s rules. The importance of the amendment process to IPRs has been recognized by the Federal Circuit: The AIA relies on the adversarial nature of IPRs to ensure quick but thorough adjudication of the merits: the petitioner raises its best arguments at the outset; the patent owner has the opportunity to adjust the scope of its claims if need be; and the Board provides a speedy ruling as to the patentability of the original and amended claims. Aqua Prod., Inc. v. Matal, 872 F.3d 1290, 1312 (Fed. Cir. 2017) (en banc). In sum, for the reasons given, we are not persuaded by Patent Owner’s arguments that the claims should be construed as requiring the mobile security system to be “separate and remote” from the mobile device. 7 According to the Federal Circuit’s decision, the Board did not institute inter partes review as to claims 2 and 21, the two claims involved in the litigation. Aylus, 856 F.3d at 1363. IPR2019-00765 Patent 9,843,595 B2 24 C. ASSERTED PRIOR ART 1. Joseph (Ex. 1007) Joseph is a published patent application titled “Methods and Systems for Providing a Wireless Security Service and/or a Wireless Technical Support Service for Personal Computers.” Ex. 1007, code (54). Petitioner contends that Joseph’s effective date as prior art is before the earliest possible priority date for the ’595 patent, thus qualifying Joseph as prior art under pre-AIA 35 U.S.C. § 102(e). Pet. 17. Patent Owner does not challenge Joseph’s availability as prior art. Joseph is directed to “enhancing security of personal computers and facilitating recovery of stolen, lost or otherwise missing personal computers.” Ex. 1007 ¶ 7. Joseph discloses providing the laptop computer with an “integrated” security diagnostics unit (“SDU”). Id. ¶ 60. By “integrated,” the reference means that the SDU “is internal to a casing of the laptop computer . . . and is an integral part of internal hardware of the laptop computer.” Id. The SDU provides wireless security service or wireless technical support services to the laptop computer. Id. The SDU communicates with a network entity referred to as a “security/technical support entity” at a remote location by sending and receiving messages via a wireless network. Id. ¶ 61. The SDU is shown in Figure 3 of Joseph reproduced here: IPR2019-00765 Patent 9,843,595 B2 25 Figure 3 of Joseph, reproduced above, is a block diagram showing personal computer 12 including SDU 14. Ex. 1007 ¶¶ 39, 79. The SDU is connected to power management system 40 of the personal computer through system management bus 78. Id. The SDU includes control unit 30, which contains hardware and software for implementing interface 61 and processing element 63. Id. ¶ 73. The processing element comprises one or more processors 74 for performing processing operations to implement the functionality of the control unit. Id. ¶ 74. These processors may be general purpose computers that execute code to implement the functionality of control unit 30. Id. As shown in Figure 3, this processor is separate from processor 48 that is part of main processing unit 35 of the laptop computer. Id. ¶ 54. 2. Gordon (Ex. 1010) Gordon is a patent titled “Security Module Having a Secondary Agent in Coordination with a Host Agent.” Ex. 1010, code (54). Petitioner IPR2019-00765 Patent 9,843,595 B2 26 contends that Gordon’s effective date as prior art is at least as early as January 16, 2007. Pet. 46. Petitioner contends that this date qualifies Gordon as prior art under pre-AIA 35 U.S.C. § 102(e). Id. Patent Owner does not challenge Gordon’s availability as prior art. Figure 1 of Gordon, annotated by Petitioner, is reproduced here. Figure 1 of Gordon (annotated by Petitioner) is a schematic functional block diagram showing protected host device 10 (e.g., a laptop computer) with security module 19 (outlined in red). Ex. 1010, 6:14–16, 14:1. The security module includes firmware agent 21 connected to the host. Id. at 14:45–46. The laptop and wireless security module also communicate with monitoring center 70 via a wireless connection. Id. at Fig. 2, 5:7–12, 15:12–15. IPR2019-00765 Patent 9,843,595 B2 27 3. Zmudzinski (Ex. 1009) Zmudzinski is a published patent application titled “Method and Apparatus for Managing Power from a Sequestered Partition of a Processing System.” Ex. 1009, code (54). Petitioner contends that Zmudzinski’s publication date is before the earliest alleged priority date for the ’595 patent, thus qualifying Zmudzinski as prior art under pre-AIA 35 U.S.C. § 102(a). Pet. 39. Patent Owner does not dispute the availability of Zmudzinski as prior art. Zmudzinski relates to managing power in processing systems with multiple logical partitions. Ex. 1009 ¶ 2. The processing systems can be a single machine or multiple machines, such as laptops or handheld devices. Id. ¶ 20. A processing system can put different partitions in different power modes, such as “reduced power mode.” Id. ¶ 17. The system can wake a partition to perform any of various functions, including a virus scanning. Id. ¶ 67. D. OBVIOUSNESS ANALYSIS The Petition challenges claims 1, 9, 11, 13, 14, 16, 24, 26, 28, and 29 of the ’595 patent. Petitioner asserts unpatentability of the claims based obviousness. 1. First Ground: Obviousness of Claims 1, 9, 16, and 24 based on Joseph Petitioner contends claims 1, 9, 16, and 24 would have been obvious over Joseph. Pet. 16–38. Based on Petitioner’s analysis and for the reasons explained below, we find Petitioner has shown by a preponderance of evidence that claims 1, 9, 16, and 24 would have been obvious over Joseph. IPR2019-00765 Patent 9,843,595 B2 28 a. “a security system processor being different than the mobile device processor” Claim 1 requires “a mobile device . . . and a security system processor being different than the mobile device processor.” Petitioner asserts Joseph discloses a laptop computer 12 (the clamed “mobile device”) incorporating a security/diagnostics unit (SDU) 14, which Petitioner identifies as the claimed security system having “a security system processor” (i.e., processor 74). Pet. 20, 23, 26. Petitioner refers to Joseph’s Figure 3 that illustrates SDU processor 74 as “being different than” processor 48 on laptop computer 12. Id. at 24 (citing Ex. 1007, Fig. 3). Patent Owner asserts that Joseph does not disclose “a security system processor being different than the mobile device processor.” PO Resp. 20– 23. Referring to the prosecution history of a related U.S. Patent No. 8,631,488 (“the ’488 patent”), Patent Owner asserts, “th[e] concept of the security system and its processor residing in the mobile device was disclosed in the combination of Chang and Grant and was considered and rejected.” PO Resp. 20–21. Patent Owner does not explain, however, how the asserted prosecution history addressing Chang and Grant impacts whether the claimed “different” processors can reside on the same device, as they do in Joseph. To the contrary, we agree with Petitioner’s characterization of the ’488 patent’s prosecution history: “Patent Owner tried to distinguish Chang and Grant on the basis that they did not disclose two different processors, not on the basis that they did not disclose two separate devices.” Pet. Reply 11 (citing Ex. 1006, 339, 341). Patent Owner’s remaining arguments depend on its contention that “[t]he security system must be remote from the mobile device.” See PO Resp. 21–23. We IPR2019-00765 Patent 9,843,595 B2 29 disagree with Patent Owner’s argument for the reasons explained above in Section II.B.2. Joseph teaches an SDU processor that is different than the laptop processor, i.e., boxes 48 and 74 in Figure 2. Joseph also teaches that “one or more components of the security/diagnostics unit 14 may be part of a motherboard or other circuit board of the laptop computer 12.” Ex. 1007 ¶ 60 (emphasis added). Thus, we find Joseph teaches the disputed limitation requiring “a security system processor being different than the mobile device processor.” b. “the mobile device including a mobile device processor and including a security agent configured to cooperate with the security system,” and “the security agent of the mobile device being configured to perform security services” Claim 1 requires “the mobile device including a mobile device processor and including a security agent configured to cooperate with the security system,” and “the security agent of the mobile device being configured to perform security services.” Petitioner asserts that Joseph teaches this limitation because, in Joseph, “the laptop’s one or more processors 48 together with the power management controller 76 are the claimed ‘security agent.’” Pet. 24. This is so, Petitioner argues, “because the one or more processors 48 and the power management controller 76 execute program code configured to cooperate with the SDU 14 (the security system), e.g., to power on the laptop 12 or its components, and to execute security services on the laptop 12.” Id. Petitioner goes on to explain that “Joseph discloses several diagnostic and maintenance services performed by the laptop 12 and its processor 48” including “diagnostics and/or maintenance operations,” “powering-up command to cause the laptop 12 to boot up and then load and execute a kernel of the OS,” “information upload IPR2019-00765 Patent 9,843,595 B2 30 command to update software applications” “upload information (e.g., drivers, applications, etc.), perform one or more tests, and/or perform other diagnostic and/or maintenance operations on the laptop computer 12,” and “modifying a configuration setting or uploading an application.” Pet. 34–35 (citing Ex. 1007 ¶¶ 144, 146, 149, 151, 162). Petitioner explains that a skilled artisan “would have understood that all of the above services that the laptop 12 is configured to perform (i.e., scanning the mobile device, updating the mobile device, and/or performing maintenance functions) are security services.” Id. at 35. In contesting whether Joseph teaches the “security agent of the mobile device being configured to perform security services” limitation, Patent Owner again relies on its argument that the mobile device must be remote from the security system. See PO Resp. 25 (“Since the security system cannot be part of the mobile device as discussed in [Patent Owner’s “different” means “remote” claim construction argument] Petitioner’s position that Joseph’s security system may reside on the mobile device also fails.”). We disagree with Patent Owner for the reasons explained above. Patent Owner further asserts that having Joseph’s security/diagnostics unit 14 on the mobile device (as opposed to remote form the mobile device) “defeats [the security device’s] purpose as the mobile device’s ‘first line of defense’ as a network security system or gateway (i.e., a separate device).” Id. at 26 (citing Ex. 1001, 1:48–64). We disagree with Patent Owner’s argument because the claims do not recite a “first line of defense.” In addition, even if we were to require such a feature or purpose, we agree with Petitioner that “Joseph’s security/diagnostics unit 14 does provide a ‘first line of defense’ that is separate from any additional lines of defense[] IPR2019-00765 Patent 9,843,595 B2 31 provided by the laptop’s main processing unit 34 and processor 48.” Pet. Reply 12–13. At the hearing, Patent Owner argued for the first time that Joseph fails to teach the claimed “security agent of the mobile device being configured to perform security services” because, in Joseph, the alleged security agent (i.e., the laptop’s processors 48, together with the power management controller 76) does not perform the asserted security services. Instead, Patent Owner contends, Joseph’s control unit 30—which is not part of what Petitioner identified as the claimed “security agent”—performs the alleged security services. See Tr. 41:14–17, 50:7–18, 52:18–21. We disagree with Patent Owner’s argument for two reasons. First, Patent Owner’s argument is procedurally flawed because Patent Owner did not raise it in the Response. See Paper 11, 7 (“Patent Owner is cautioned that any arguments for patentability not raised in the response may be deemed waived.”); see also Office Patent Trial Practice Guide, 77 Fed. Reg. 48,756, 48,766 (Aug. 14, 2012) (“The patent owner response . . . should identify all the involved claims that are believed to be patentable and state the basis for that belief.”). Putting aside the waiver problem, we also disagree with Patent Owner’s argument substantively. Even though, as Patent Owner contends, Joseph describes the cited security service commands as originating from the security device’s control unit 30, we agree with Petitioner that one skilled in the art would understand that the laptop’s processor 48—i.e., part of the asserted security agent—would actually perform some of those security services. See Ex. 1007 ¶ 144 (describing that the control unit 30 “issues one or more control signals to various components of the laptop computer 12 . . . in order to carry out the one or more diagnostics and/or maintenance operations”) (emphasis added); see also Tr. 80:11–22 IPR2019-00765 Patent 9,843,595 B2 32 (explaining that when upgrading the mobile device’s software, although the security device is “managing it, by sending [the] control signal,” “the security service is actually performed by the laptop’s main processor”); id. at 90:19–24 (explaining that the security device works with a mobile device’s CPU and memory system to erase and encrypt data). Thus, we agree with Petitioner that the security agent “perform[s]” the recited security services, as claim 1 requires. c. “the security system processor being configured to . . . send the particular wake signal to the mobile device in response to detecting the particular wake event, the security agent of the mobile device being configured to wake the at least a portion of the mobile device in response to receiving the particular wake signal and being configured to perform security services after the at least a portion of the mobile device has been woken.” Claim 1 requires “the security system processor being configured to . . . send the particular wake signal to the mobile device in response to detecting the particular wake event, the security agent of the mobile device being configured to wake the at least a portion of the mobile device in response to receiving the particular wake signal and being configured to perform particular security services after the at least a portion of the mobile device has been woken.” Petitioner asserts Joseph teaches this limitation because, among other things, “Joseph discloses that the SDU 14 can detect a wake event issued from the security/technical support entity 20 via a message requiring the SDU 14 to power-up the laptop 12 or its components (i.e., wake up the laptop 12 or its components).” Pet. 28–29 (citing Ex. 1007 ¶ 65). Petitioner goes on to explain that “Joseph discloses that in response to a wake event from the security/technical support entity 20 . . . the SDU 14 provides signals to the laptop 12’s power management controller 76 to cause the laptop 12 or specific components of the laptop 12 to become powered on IPR2019-00765 Patent 9,843,595 B2 33 (i.e., SDU 14 provides a wake signal to the mobile device).” Id. at 29–30 (citing Ex. 1007 ¶¶ 75, 79, 82, 84, 92, 126). For the claimed security services, Petitioner explains that the laptop’s processor 48 implements a portion of the security agent to perform security services such as erasing/encrypting data, activating/deactivating hardware components, or upgrading software, among other things. Id. at 34 (citing Ex. 1007 ¶ 75, 134); see id. at 35 (citing Ex. 1007 ¶¶ 144, 146, 149, 151, 162). Based on these arguments and cited disclosures in Joseph, we agree with Petitioner that Joseph discloses “the security system processor being configured to . . . send the particular wake signal to the mobile device in response to detecting the particular wake event, the security agent of the mobile device being configured to wake the at least a portion of the mobile device in response to receiving the particular wake signal and being configured to perform particular security services after the at least a portion of the mobile device has been woken.” Patent Owner asserts Joseph fails to teach this limitation because the commands sent from Joseph’s SDU simply power on and off the laptop, rather than waking the laptop from a power management mode. PO Resp. 28. We disagree with Patent Owner because its argument assumes that a powered-off state is not a “power management mode.” Because a powered-off state meets the parties’ undisputed construction of power management mode (i.e., “a mode where the mobile device conserves power”), we agree with Petitioner that transitioning the laptop from off to powered is waking the laptop from a power management mode. See Pet. Reply 14–15. Patent Owner further argues that Joseph does not teach the disputed limitation because in Joseph, the “the enabling of a laptop after it has been recovered is not disclosed as the impetus for subsequently ‘perform IPR2019-00765 Patent 9,843,595 B2 34 security services after the at least a portion of the mobile device has been woken,’ as required by the challenged claims.” PO Resp. 29. We disagree with Patent Owner’s argument because, as Petitioner notes, the claim language at issue imposes only a temporal restriction—i.e. “perform security services after the at least a portion of the mobile device has been woken”— rather than a causal one. Pet. Reply 15. d. Uncontested limitations As for the remaining limitations of claim 1, Petitioner provides a detailed analysis of Joseph’s disclosures that teach every element of the claim. Pet. 19–36. For example, Petitioner cites Joseph’s storage medium 57 as the claimed “security system memory.” Id. at 20. Petitioner identifies Joseph’s laptop 12 as the claimed “mobile device.” Id. at 22. Petitioner asserts Joseph’s Figure 3 shows SDU 14 as including an interface 61, which is the claimed “communication interface” that communicates with other components of the mobile device, as claim 1 requires. Id. at 21–22. Joseph’s interface 61 also communicates over a wireless network via wireless interface 28, and so “communicate[s] over a network,” as claim 1 requires. Id. at 22 (citing Ex. 1007 ¶¶ 68–70, 73). Petitioner asserts Joseph’s security/technical support entity 20 corresponds to the claimed “security administrator device.” Id. at 23. In addition, Joseph’s Figure 4 shows laptop 12 communicating with technical support entity 20 that includes server 60, which Petitioner corresponds to the claimed “security administrator processor.” Id. at 25–26. Joseph further discloses processor 74 executing program code stored in storage medium 57 (Ex. 1007 ¶ 74), which Petitioner asserts teaches the claimed “wake code” stored in the security system memory. Id. at 27–28, 31–32. Petitioner also asserts that in Joseph, SDU 14 receives messages from technical support entity 20 that IPR2019-00765 Patent 9,843,595 B2 35 allow laptop 12 and specific components thereof to be turned on, thus fulfilling claim 1’s requirements related to a “wake event” and “wake signal.” Id. at 29–32. Petitioner asserts that in light of Joseph’s control signals and commands, Joseph teaches the claimed “security agent” and “security services.” See id. at 24, 32–35. Specifically, control signals from control unit 30 allow the laptop computer 12 to be turned on, and subsequently perform various functions including encrypting memory elements, uploading a software upgrade, and communicating with security/technical support entity 20. Ex. 1007 ¶¶ 75–76. Additionally, a server may transmit messages to SDU 14 to perform technical support commands, including diagnostics or maintenance operations on the laptop. Id. ¶ 144. Other than as discussed above, Patent Owner offers no argument disputing Petitioner’s analysis. We have reviewed Petitioner’s arguments and the underlying evidence cited in support and are persuaded Petitioner sufficiently establishes Joseph teaches the remaining, undisputed limitations in claim 1. See Pet. 19–36. For the reasons explained above, Petitioner has proved by a preponderance of the evidence that claim 1 would have been obvious over Joseph. e. Claim 16 Independent claim 16 is a method claim parallel in scope to claim 1. The parties do not argue claim 16 separately from claim 1. See Pet. 36–38; PO Resp. 19–30. For the same reasons explained above, Petitioner has proved by a preponderance of the evidence that claim 16 would have been obvious over Joseph. IPR2019-00765 Patent 9,843,595 B2 36 f. Claims 9 and 24 Claims 9 and 24 depend, respectively, from claims 1 and 16 and further require “wherein the performing the particular security services includes removing unauthorized data from the mobile device.” Petitioner cites Joseph’s paragraphs 75 and 134, which disclose erasing data stored in one or more memory elements of the memory system 42, as encompassing the additional function recited in claims 9 and 24. Pet. 36. Patent Owner does not dispute Petitioner’s assertions in this regard. We have reviewed Petitioner’s arguments and the underlying evidence cited in support and are persuaded Petitioner sufficiently establishes Joseph teaches “wherein the performing the particular security services includes removing unauthorized data from the mobile device.” 2. Second Ground: Obviousness of Claims 13, 14, 28, and 29 based on Joseph and Zmudzinski Petitioner contends claims 13, 14, 28, and 29 would have been obvious over Joseph and Zmudzinski. Pet. 39–46. Based on Petitioner’s analysis and for the reasons explained below, we find Petitioner has shown by a preponderance of evidence that claims 13, 14, 28, and 29 would have been obvious over Joseph and Zmudzinski. Petitioner asserts that Zmudzinski discloses “wherein the performing the particular security services includes performing a malware scan of the mobile device” (claims 13 and 28), as well as “wherein the performing the particular security services includes performing a data security scan of the mobile device” (claims 14 and 29). Id. at 41–46. Specifically, Petitioner cites Zmudzinski’s paragraph 67 as disclosing waking a device logical partition to perform “virus scanning.” Id. at 42. According to Petitioner, a virus scan is both a malware scan (claims 13 and 28) and a data security scan IPR2019-00765 Patent 9,843,595 B2 37 (claims 14 and 29). Id. at 41, 42. Petitioner further asserts it would have been obvious to one skilled in the art to modify Joseph to perform Zmudzinski’s virus or malware scanning as an example of processing “complementary to, and compatible with” the functionality and capabilities of the Joseph laptop, particularly given the known benefits of protecting devices from malicious code. Id. at 44–45. Patent Owner does not contest Petitioner’s assertions in this regard. Based on the current record, we agree with Petitioner’s analysis: The combination of Joseph and Zmudzinski’s virus scanning would not have involved more than applying a known technique (i.e., virus scanning) to a known device (i.e., the Joseph laptop) that was ready for improvement (i.e., ready to include virus scanning as a service invoked after being awoken from power management mode) to yield predictable results (i.e., virus detection as a security service). Id. at 45. Thus, we find Petitioner has demonstrated sufficient reasoning with some rational underpinning to support the legal conclusion that its asserted combination of Joseph and Zmudzinski would have been obvious to one of ordinary skill in the art. See KSR Int’l Co. v. Teleflex, Inc., 550 U.S. 398, 418 (2007). 3. Third Ground: Obviousness of Claims 1, 9, 11, 16, 24, and 26 based on Gordon Petitioner contends claims 1, 9, 11, 16, 24, and 26 would have been obvious over Gordon. Pet. 46–70. Based on Petitioner’s analysis and for the reasons explained below, we find Petitioner has shown by a preponderance of evidence that claims 1, 9, 11, 16, 24, and 26 would have been obvious over Gordon. IPR2019-00765 Patent 9,843,595 B2 38 a. “a security system processor being different than the mobile device processor” Petitioner asserts Gordon teaches “a security system processor being different than the mobile device processor.” Pet. 57–59. According to Petitioner, Gordon discloses a laptop computer 10 (the clamed “mobile device”) incorporating a wireless security module 19, which Petitioner maps to the claimed security system having a security system processor (i.e., the processor that implements firmware agent 21). Id. at 58. Because Gordon discloses that “the security module or subsystem is incorporated in a processor, which is separate from the main processor of the laptop,” Gordon’s includes a security system processor “being different than” its mobile device processor. Id. (quoting Ex. 1010, 11:14–16). Patent Owner asserts that Gordon does not disclose “a security system processor being different than the mobile device processor.” PO Resp. 31. Patent Owner’s arguments are the same as those addressed above related to Joseph—i.e., that the claims preclude the security system and its processor residing in the mobile device. See id. at 31–33. We disagree with Patent Owner’s argument for the reasons explained above. Gordon teaches a security system processor (i.e., the processor running firmware agent 21) that is different than the laptop’s main processor. Ex. 1010, 11:14–16. Gordon also teaches that the security system processor may reside “on a board separate from the motherboard.” Id. at 10:14–15. Thus, we find Gordon teaches the disputed limitation requiring “a security system processor being different than the mobile device processor.” IPR2019-00765 Patent 9,843,595 B2 39 b. “the mobile device including a mobile device processor and including a security agent configured to cooperate with the security system,” and “the security agent of the mobile device being configured to perform security services” Claim 1 requires “the mobile device including a mobile device processor and including a security agent configured to cooperate with the security system,” and “the security agent of the mobile device being configured to perform security services.” Petitioner asserts that Gordon’s host agent 14 is the claimed security agent. Pet. 54. According to Petitioner, “Gordon discloses the host agent cooperating with the security module’s firmware [security agent] agent via messages ‘to switch on the computer and/or wake up the host agent.’” Id. at 55 (quoting Ex. 1010, 17:5–9). In addition, Gordon’s discloses that “the firmware agent should wake-up the host so that a data protection measure can be invoked.” Id. at 64 (quoting Ex. 1010, 4:58–63). Because “[a] POSITA would have understood that ‘a data protection measure’ is a security service designed to protect the laptop,” Gordon’s host agent (security agent) performs security services, as claimed. Id. at 64. In contesting whether Gordon teaches the claimed “security agent of the mobile device being configured to perform security services,” Patent Owner again relies on its argument that the mobile device must be remote from the security system. See PO Resp. 35 (“Since the security system is remote from the mobile device as discussed in [Patent Owner’s “different” means “remote” claim construction argument] Petitioner’s position that Gordon’s disclosed security system may reside on the mobile device also fails.”). We disagree with Patent Owner for the reasons explained above. Patent Owner further asserts that that having Gordon’s wireless security module 19 on the mobile device (as opposed to remote form the mobile IPR2019-00765 Patent 9,843,595 B2 40 device) “defeats [the security device’s] purpose as a mobile device’s ‘first line of defense’ as a network security system.” Id. at 36–37 (citing Ex. 1001, 1:48–64). We disagree with Patent Owner’s argument because the claims do not recite a “first line of defense.” In addition, even if we were to require such a feature in the claims, we agree with Petitioner that “Gordon’s security module 19 provides a ‘first line of defense’ that is separate from any additional lines of defense provided by the laptop’s main processor.” Pet. Reply 19. At the hearing, Patent Owner argued for the first time that Gordon fails to teach the claimed “security agent of the mobile device being configured to perform security services” because in Gordon, the alleged security agent (i.e., the host agent 14 laptop’s processors 48, together with the power management controller 76) does not perform the asserted security services. Instead, Patent Owner contends, Gordon’s firmware agent 21— which is not part of what Petitioner mapped to the claimed “security agent”—performs the alleged security services. See Tr. 49:16–23. We disagree with Patent Owner’s argument for two reasons. First, Patent Owner’s argument is procedurally flawed because Patent Owner did not raise it in the Response. See Paper 11, 7 (“Patent Owner is cautioned that any arguments for patentability not raised in the response may be deemed waived.”); see also Office Patent Trial Practice Guide, 77 Fed. Reg. 48,756, 48,766 (Aug. 14, 2012) (“The patent owner response . . . should identify all the involved claims that are believed to be patentable and state the basis for that belief.”). Putting aside the waiver problem, we also disagree with Patent Owner’s argument substantively. Even though in Gordon, the cited security services involve the firmware agent, we agree with Petitioner that one IPR2019-00765 Patent 9,843,595 B2 41 skilled in the art would understand that the host agent—i.e., the asserted security agent—would actually perform some of the security services. See Ex. 1010, 4:58–63 (“[T]he firmware agent should wake-up the host so that a data protection measure can be invoked.”) (emphasis added); see also Tr. 82:2–8 (“So the firmware agent is saying hey, wake up and do this data protection measure. It is managing it; it’s not actually performing it. In that particular case, the laptop’s main processor will perform it.”). As Petitioner’s expert, Dr. Jakobsson explained, “software updates and uploads (i.e., software deployments) are security services,” and “[a] POSITA would have understood that these services are performed by the host agent because it is woken up in order to perform these services.” Ex. 1011 ¶ 152. We agree with Dr. Jakobsson’s analysis. Thus, we agree with Petitioner that the security agent “perform[s]” the asserted security services, as claim 1 requires. c. Uncontested limitations As for the remaining limitations of claim 1, Petitioner provides a detailed analysis of Gordon’s disclosures that teach every element of the claim. Pet. 47–65. Petitioner identifies Gordon’s laptop 10 as the claimed “mobile device.” Id. at 50. Petitioner asserts the small boxes between Gordon’s wireless security module and host agent represent the claimed “communication interface” that communicates with other components of the mobile device over a network, as claim 1 requires. Id. at 50–52. Petitioner asserts Gordon’s management center 70 corresponds to the claimed “security administrator device.” Id. at 52. In addition, Joseph’s Figure 1 shows Gordon’s management center 70 includes a server 71, whose processor is the claimed “security administrator processor.” Id. at 56–57. In Gordon, the firmware agent can receive a message from the monitoring center IPR2019-00765 Patent 9,843,595 B2 42 “indicat[ing] that the firmware agent should wake-up the host so that a data protection measure can be invoked.” Id. at 59 (quoting Ex. 1010, 4:58–63). Petitioner explains that the message from the monitoring center 70 is the claimed “wake event,” and the subsequent wake-up signal sent to the host agent is the claimed “wake signal.” Id. at 59–60. According to Petitioner, Gordon teaches that the wake event and wake signal processes are executed by the security module processor (i.e., the claimed “security system processor”), which implements the code (the claimed “wake code”) stored on the storage 20 of the security module 19. Id. at 61–62. Petitioner further explains that Gordon’s host agent is claimed mobile device’s “security agent,” which performs the claimed “security services,” such as asset tracking/management/recovery, data protection/deletion, and software deployments/updates. Id. at 64. Other than as discussed above, Patent Owner offers no argument disputing Gordon’s disclosures of the claimed features. We have reviewed Petitioner’s arguments and the underlying evidence cited in support and are persuaded Petitioner sufficiently establishes Gordon teaches the remaining, undisputed limitations in claim 1. See Pet. 46–65. For the reasons explained above, Petitioner has proved by a preponderance of the evidence that claim 1 would have been obvious over Gordon. d. Claim 16 As noted above, independent claim 16 is a method claim parallel in scope to claim 1 and the parties do not argue claim 16 separately. See Pet. 67–69; PO Resp. 30–38. For the same reasons explained above, Petitioner has proved by a preponderance of the evidence that claim 16 would have been obvious over Gordon. IPR2019-00765 Patent 9,843,595 B2 43 e. Claims 9 and 24 Claims 9 and 24 depend, respectively, from claims 1 and 16 and further require “wherein the performing the particular security services includes removing unauthorized data from the mobile device.” Petitioner cites Gordon’s teaching that that the services invoked by the security module 19 include “data delete,” as encompassing the additional function recited in claims 9 and 24. Pet. 65, 69. Patent Owner does not dispute Petitioner’s assertions in this regard. We have reviewed Petitioner’s arguments and the underlying evidence cited in support and are persuaded Petitioner sufficiently establishes Gordon teaches “wherein the performing the particular security services includes removing unauthorized data from the mobile device.” f. Claims 11 and 26 Claims 11 and 26 depend, respectively, from claims 1 and 16 and further require “wherein the performing the particular security services includes re-imaging the mobile device.” Petitioner cites Gordon’s teaching of installing and updating software, as well as reinstalling the laptop’s operating system as corresponding to the additional function in claims 11 and 26. Pet. 66. Patent Owner does not dispute Petitioner’s assertions in this regard. We have reviewed Petitioner’s arguments and the underlying evidence cited in support and are persuaded Petitioner sufficiently establishes Gordon teaches “wherein the performing the particular security services includes re-imaging the mobile device.” 4. Fourth Ground: Obviousness of Claims 13, 14, 28, and 29 based on Gordon and Zmudzinski Petitioner contends claims 13, 14, 28, and 29 would have been obvious over Gordon and Zmudzinski. Pet. 70–75. Like its earlier Joseph- IPR2019-00765 Patent 9,843,595 B2 44 Zmudzinski combination, Petitioner relies on Zmudzinski’s virus scan for teaching a malware scan (claims 13 and 28) and a data security scan (claims 14 and 29). Petitioner’s rationale for combining Zmudzinski’s virus scan— i.e., the known benefits of scanning/protecting devices—mirrors its rationale for its Joseph-Zmudzinski combination. See Pet. 73–74. Patent Owner does not raise any additional arguments contesting Petitioner’s Gordon- Zmudzinski combination. For the reasons explained in Section II.D.2 above, we agree with Petitioner’s analysis. Thus, we find Petitioner has shown by a preponderance of evidence that claims 13, 14, 28, and 29 would have been obvious over Gordon and Zmudzinski. 5. Fifth Ground: Obviousness of Claims 11 and 26 based on Joseph and Gordon Petitioner sets forth a combination of Joseph and Gordon with respect to claims 11 and 26 substantially similar to its assertion of Joseph alone in Ground 1. See Pet. 75–78. In addition, Petitioner relies on Gordon’s teaching of installing and updating software, as well as reinstalling the laptop’s operating system, as corresponding to the additional function in claims 11 and 26. Patent Owner does not raise any additional arguments contesting Petitioner’s Joseph/Gordon combination. For the reasons explained above in Sections II.D.1 and II.D.3.f, we agree with Petitioner that the combined teachings of Joseph and Gordon disclose each limitation in claims 11 and 26. In addition, we find Petitioner articulated sufficient reasoning with some rational underpinning to support the legal conclusion that its proffered combination of Joseph and Gordon would have been obvious to one skilled in the art. See KSR, 550 U.S. at 418. Specifically, as Petitioner explains, one of ordinary skill in the art would have found it obvious to implement Gordon’s OS reinstallation functionality on Joseph’s IPR2019-00765 Patent 9,843,595 B2 45 laptop as a well-known security utility, with the Joseph laptop having similar capabilities as the Gordon system. See Pet. 76–77. Further, Petitioner notes, one of ordinary skill in the art would have been motivated to perform OS updating as “a routine part of computer security maintenance” and “a common method of repair after a malware infection.” Id. at 77. Thus, we find Petitioner has shown by a preponderance of evidence that claims 11 and 26 would have been obvious over Joseph and Gordon. III. CONCLUSION8 We have reviewed the Petition, Patent Owner Response, Petitioner Reply, and Patent Owner Sur-Reply. We have considered all of the evidence and arguments presented by Petitioner and Patent Owner, and have weighed and assessed the entirety of the evidence as a whole. We determine, on this record, that Petitioner has demonstrated by a preponderance of evidence that claims 1, 9, 11, 13, 14, 16, 24, 26, 28, and 29 of the ’595 patent are unpatentable as follows: 8 Should Patent Owner wish to pursue amendment of the challenged claims in a reissue or reexamination proceeding subsequent to the issuance of this Decision, we draw Patent Owner’s attention to the April 2019 Notice Regarding Options for Amendments by Patent Owner Through Reissue or Reexamination During a Pending AIA Trial Proceeding. See 84 Fed. Reg. 16,654 (Apr. 22, 2019). If Patent Owner chooses to file a reissue application or a request for reexamination of the challenged patent, we remind Patent Owner of its continuing obligation to notify the Board of any such related matters in updated mandatory notices. See 37 C.F.R. § 42.8(a)(3), (b)(2). Claims 35 U.S.C. § Reference(s)/Basis Claims Shown Unpatentable Claims Not Shown Unpatentable 1, 9, 16, 24 103 Joseph 1, 9, 16, 24 13, 14, 103 Joseph, 13, 14, 28, 29 IPR2019-00765 Patent 9,843,595 B2 46 IV. ORDER It is hereby: ORDERED that claims 1, 9, 16, and 24 are unpatentable under 35 U.S.C. § 103(a) as obvious over Joseph; FURTHER ORDERED that claims 13, 14, 28, and 29 are unpatentable under 35 U.S.C. § 103(a) as obvious over Joseph and Zmudzinski; FURTHER ORDERED that claims 1, 9, 11, 16, 24, and 26 are unpatentable under 35 U.S.C. § 103(a) as obvious over Gordon; FURTHER ORDERED that claims 13, 14, 28, and 29 are unpatentable under 35 U.S.C. § 103(a) as obvious over Gordon and Zmudzinski, and FURTHER ORDERED that claims 11 and 26 are unpatentable under 35 U.S.C. § 103(a) as obvious over Joseph and Gordon; and FURTHER ORDERED that this Decision is final, and a party to this proceeding seeking judicial review of the Decision must comply with the notice and service requirements of 37 C.F.R. § 90.2. 28, 29 Zmudzinski 1, 9, 11, 16, 24, 26 103 Gordon 1, 9, 11, 16, 24, 26 13, 14, 28, 29 103 Gordon, Zmudzinski 13, 14, 28, 29 11, 26 103 Joseph, Gordon 11, 26 Overall Outcome 1, 9, 11, 13, 14, 16, 24, 26, 28, 29 IPR2019-00765 Patent 9,843,595 B2 47 PETITIONER: Robert Buergi Robert.buergi@dlapiper.com Gianni Minutolli Gianni.minutoli@dlapiper.com James Heintz Jim.heintz@dlapiper.com PATENT OWNER: James Hannah jhannah@kramerlevin.com Jeffrey Price jprice@kramerlevin.com Michael Lee mhlee@kramerlevin.com Copy with citationCopy as parenthetical citation
