(12) United States Patent
Wysopal et al.

(10) Patent No.: US 8,613,080 B2
(45) Date of Patent: Dec. 17, 2013

(54) ASSESSMENT AND ANALYSIS OF SOFTWARE SECURITY FLAWS IN VIRTUAL MACHINES

(75) Inventors: Christopher J. Wysopal, Concord, MA (US); Matthew P. Moynahan, Gloucester, MA (US); Jon R. Stevenson, Sudbury, MA (US)

(73) Assignee: Veracode, Inc., Burlington, MA (US)

(*) Notice: Subject to any disclaimer, the term of this patent is extended or adjusted under 35 U.S.C. 154(b) by 60 days.

(21) Appl. No.: 13/154,576

(22) Filed: Jun. 7, 2011

(65) Prior Publication Data
US 2012/0072968 A1   Mar. 22, 2012

Related U.S. Application Data
(63) Continuation-in-part of application No. 12/884,544, filed on Sep. 17, 2010, which is a continuation-in-part of application No. 12/819,627, filed on Jun. 21, 2010, which is a continuation-in-part of application No. 12/031,918, filed on Feb. 15, 2008, now Pat. No. 8,499,353.
(60) Provisional application No. 61/243,735, filed on Sep. 18, 2009, provisional application No. 61/352,079, filed on Jun. 7, 2010, provisional application No. 60/901,874, filed on Feb. 16, 2007.

(51) Int. Cl.
H04L 29/06   (2006.01)
(52) U.S. Cl.
USPC ...................... 726/19; 726/22
(58) Field of Classification Search
USPC ...................... 726/19, 22
See application file for complete search history.

(56) References Cited

U.S. PATENT DOCUMENTS

4,527,237 A    7/1985   Frieder et al.
4,533,997 A    8/1985   Furgerson
4,931,928 A    6/1990   Greenfeld
5,263,162 A   11/1993   Lundeby
5,325,531 A    6/1994   McKeeman et al.
(Continued)

FOREIGN PATENT DOCUMENTS

WO   WO-0186427 A2      11/2001
WO   WO-2004003706 A2    1/2004
WO   WO-2008103286 A2    8/2008
WO   WO-2009097610 A1    8/2009

OTHER PUBLICATIONS

Ahpah Software, Inc. SourceAgain and Java Decompilation, updated Dec. 9, 2001. White Paper: SourceAgain and Java Decompilation, retrieved from http://www.ahpah.com/whitepaper.html on Dec. 4, 2002.
(Continued)

Primary Examiner — Jeffrey Pwu
Assistant Examiner — Thong Truong
(74) Attorney, Agent, or Firm — Goodwin Procter LLP
`
(57) ABSTRACT

Security analysis and vulnerability testing results are "packaged" or "bound to" the actual software it describes. By linking the results to the software itself, downstream users of the software can access information about the software, make informed decisions about implementation of the software, and analyze the security risk across an entire system by accessing all (or most) of the reports associated with the executables running on the system and summarizing the risks identified in the reports.

16 Claims, 12 Drawing Sheets
`
[Front-page drawing (FIG. 1): block diagram of the Security Assessment Platform 105, showing Application 110, External Threat Sources 115, Communications Server 120, Analysis Engine 125, Dynamic Testing Engine 130, Static Testing Engine 135, Pen Testing Engine 140, Manual Code Review Module 145, Security Threat Database 150 and Assessment Results Database 155.]
`
WIZ, Inc. EXHIBIT - 1036
WIZ, Inc. v. Orca Security LTD.

US 8,613,080 B2
Page 2

(56) References Cited

U.S. PATENT DOCUMENTS

5,432,942    7/1995   Trainer
5,481,708    1/1996   Kukol
5,586,328   12/1996   Caron et al.
5,590,330   12/1996   Coskun et al.
5,715,403    2/1998   Stefik
5,793,374    8/1998   Guenter et al.
5,812,851    9/1998   Levy et al.
5,819,097   10/1998   Brooks et al.
5,854,924   12/1998   Rickel et al.
5,854,929   12/1998   Van Praet et al.
5,862,382    1/1999   Kataoka
5,864,871    1/1999   Kitain et al.
5,875,334    2/1999   Chow et al.
5,881,290    3/1999   Ansari et al.
5,892,900    4/1999   Ginter et al.
5,918,035    6/1999   Van Praet et al.
5,933,635    8/1999   Holzle et al.
5,937,190    8/1999   Gregory et al.
5,937,192    8/1999   Martin
6,009,256   12/1999   Tseng et al.
6,014,518    1/2000   Steensgaard
6,026,485    2/2000   O'Connor et al.
6,064,819    5/2000   Franssen et al.
6,071,317    6/2000   Nagel
6,078,745    6/2000   De Greef et al.
6,125,439    9/2000   Tremblay et al.
6,151,701   11/2000   Humphreys et al.
6,151,706   11/2000   Lo et al.
6,154,876   11/2000   Haley et al.
6,175,948    1/2001   Miller et al.
6,240,376    5/2001   Raynaud et al.
6,240,547    5/2001   Holzle et al.
6,243,848    6/2001   Guignet et al.
6,249,910    6/2001   Ju et al.
6,311,327   10/2001   O'Brien et al.
6,336,087    1/2002   Burgun et al.
6,381,738    4/2002   Choi et al.
6,412,106    6/2002   Leask et al.
6,457,172    9/2002   Carmichael et al.
6,594,761    7/2003   Chow et al.
6,601,235    7/2003   Holzle et al.
6,631,473   10/2003   Townsend
6,668,325   12/2003   Collberg et al.
6,766,481    7/2004   Estep et al.
6,779,114    8/2004   Chow et al.
6,820,256   11/2004   Fleehart et al.
6,892,303    5/2005   Le Pennec et al.
6,925,638    8/2005   Koved et al.
6,928,638    8/2005   Parvathala et al.
6,961,925   11/2005   Callahan, II et al.
6,980,927   12/2005   Tracy et al.
7,051,322    5/2006   Rioux
7,089,590    8/2006   Judge et al.
7,140,008   11/2006   Chilimbi et al.
7,155,708   12/2006   Hammes et al.
7,162,473    1/2007   Dumais et al.
7,171,655    1/2007   Gordon et al.
7,185,323    2/2007   Nair et al.
7,266,813    9/2007   Nistler et al.
7,284,274   10/2007   Walls et al.
7,315,903    1/2008   Bowden
7,376,939    5/2008   Nayak et al.
7,389,208    6/2008   Solinsky
7,430,670    9/2008   Horning et al.
7,437,764   10/2008   Sobel et al. ..................... 726/22
7,458,067   11/2008   Tirumalai et al.
7,548,946    6/2009   Saulpaugh et al.
7,594,269    9/2009   Durham et al.
7,707,566    4/2010   Grover et al.
7,743,336    6/2010   Louch et al.
7,752,609    7/2010   Rioux
7,779,394    8/2010   Horning et al.
7,779,472    8/2010   Lou
7,840,845   11/2010   Doddapaneni et al.
7,840,951   11/2010   Wright et al.
7,856,624 B2   12/2010   Plum
7,874,001 B2    1/2011   Beck et al.
7,891,003 B2    2/2011   Mir et al.
7,930,753 B2    4/2011   Mellinger et al.
7,937,693 B2    5/2011   Victorov
8,069,487 B2   11/2011   Fanton et al.
8,087,067 B2   12/2011   Mahaffey et al.
8,108,933 B2    1/2012   Mahaffey
8,136,104 B2    3/2012   Papakipos et al.
8,161,464 B2    4/2012   Archambault et al.
8,161,548 B1*   4/2012   Wan ................................ 726/22
8,171,553 B2    5/2012   Aziz et al.
8,181,251 B2    5/2012   Kennedy
8,225,409 B2    7/2012   Newman et al.
8,272,058 B2    9/2012   Brennan
8,281,290 B2   10/2012   Thompson
8,290,245 B2   10/2012   Turbell et al.
8,332,944 B2   12/2012   Rozenberg et al.
8,347,386 B2    1/2013   Mahaffey et al.
8,365,155 B2    1/2013   Rioux
2001/0020272 A1    9/2001   Le Pennec et al.
2004/0073445 A1    4/2004   Mellinger et al.
2004/0102923 A1    5/2004   Tracy et al.
2004/0267700 A1   12/2004   Dumais et al.
2005/0108037 A1    5/2005   Bhimani et al.
2005/0138426 A1    6/2005   Styslinger
2006/0021055 A1    1/2006   Judge et al.
2006/0095967 A1    5/2006   Durham et al.
2006/0136424 A1    6/2006   Nuggehalli et al.
2006/0190769 A1    8/2006   Doddapaneni et al.
2006/0218639 A1    9/2006   Newman et al.
2006/0277607 A1   12/2006   Chung
2007/0022287 A1*   1/2007   Beck et al. .................... 713/164
2007/0101433 A1    5/2007   Louch et al.
2007/0180490 A1    8/2007   Renzi et al.
2007/0240218 A1   10/2007   Tuvell et al.
2007/0261061 A1   11/2007   Staniford et al.
2007/0294766 A1   12/2007   Mir et al.
2008/0005782 A1    1/2008   Aziz
2008/0204763 A1    8/2008   Turbell et al.
2008/0209567 A1    8/2008   Lockhart et al.
2009/0165135 A1    6/2009   Lomont et al.
2010/0031353 A1    2/2010   Thomas et al.
2010/0058474 A1    3/2010   Hicks
2010/0058475 A1    3/2010   Thummalapenta et al.
2010/0281248 A1   11/2010   Lockhart et al.
2011/0047594 A1    2/2011   Mahaffey et al.
2011/0145920 A1    6/2011   Mahaffey et al.
2011/0173693 A1    7/2011   Wysopal et al.
2012/0072968 A1    3/2012   Wysopal et al.
2012/0117650 A1    5/2012   Nachenberg
2012/0174224 A1    7/2012   Thomas et al.
2013/0097706 A1    4/2013   Titonis et al.

OTHER PUBLICATIONS

Ahpah Software, Inc. SourceAgain PC Professional, Ahpah Software, Inc. / SourceAgain PC Professional, retrieved from http://www.ahpah.com/sourceagain/sourceagain.sub.--professional.html on Dec. 4, 2002.
BackerStreet Software. REC—Reverse Engineering Compiler. REC Decompiler Home Page, retrieved from http://www.backerstreet.com/rec/rec.htm on Dec. 3, 2002.
Blume, W. & Eigenmann, R., "Demand-driven Symbolic Range Propagation", University of Illinois Urbana-Champaign, 1-15 (1995).
Blume, W.J., "Symbolic Analysis Techniques for Effective Automatic Parallelization", University of Illinois at Urbana-Champaign (1995).
Bohme, Rainer, "A Comparison of Market Approaches to Software Vulnerability Disclosure", Springer-Verlag Berlin Heidelberg, 2006 (14 pages).
Breuer et al., "Decompilation: The enumeration of types and grammars", ACM Trans. on Prog. Lang. and Sys., vol. 16, No. 5, pp. 1613-1647, 1994.
Breuer, P.T. and Bowen, J.P. (1992d), "Generating Decompilers", Draft, Oxford University Computing Laboratory. Submitted for Publication.

US 8,613,080 B2
Page 3

(56) References Cited

OTHER PUBLICATIONS

Burke, "An interval based approach to exhaustive and incremental interprocedural data flow analysis", ACM Trans. on Prog. Language and Systems, vol. 12, No. 3, pp. 341-395, 1990.
Business Wire, "The Kernel Group Unveils Java Support for AutoTrace; Serviceability Solution Expands Capabilities; Provides Java Support and Key Features that Extend its Power and Flexibility", Jun. 4, 2001.
Choi, J.D. & Ferrante, J., "Static Slicing in the Presence of GOTO Statements", IBM T.J. Watson Research Center.
Cifuentes, C., "An Environment for the Reverse Engineering of Executable Programs", Proceedings of the Asia-Pacific Software Engineering Conference (APSEC), IEEE Computer Society Press, Brisbane, Australia, pp. 41-419, Dec. 1995.
Cifuentes, C., "Partial Automation of an Integrated Reverse Engineering Environment of Binary Code", Proceedings Third Working Conference on Reverse Engineering, Monterey, CA, IEEE-CS Press, pp. 50-56, Nov. 8-10, 1996.
Cifuentes, C., "Reverse Compilation Techniques", Queensland University of Technology (Jul. 1994).
Cifuentes, C. et al., "Assembly to High-Level Language Translation", University of Queensland, Brisbane, Australia, Dept. of Comp. Sci. & Elec. Eng., Technical Report 439, Aug. 1993.
Cifuentes, C. et al., "The Design of a Resourceable and Retargetable Binary Translator", University of Queensland, Dept. Comp. Sci. & Elec. Eng. & Ramsey, N., University of Virginia, Dept. Comp. Sci.
Cifuentes, C. & Fraboulet, A., "Intraprocedural Static Slicing of Binary Executables", University of Queensland, Dept. Comp. Sci., Centre for Software Maintenance.
Cifuentes, C. & Gough, K.J., "Decompilation of Binary Programs", Software—Practice and Experience, vol. 25, pp. 811-829, Jul. 1995.
Cifuentes, C. & Sendall, S., "Specifying the Semantics of Machine Instructions", University of Queensland, Dept. Comp. Sci. & Elec. Eng., Technical Report 442, Dec. 1997.
Cifuentes, C. & Simon, D., "Procedural Abstraction Recovery from Binary Code", University of Queensland, Dept. Comp. Sci. & Elec. Eng., Technical Report 448, Sep. 1999.
Cifuentes, C. & Van Emmerik, M., "Recovery of Jump Table Case Statements from Binary Code", University of Queensland, Dept. Comp. Sci. & Elec. Eng., Technical Report 444, Dec. 1998.
Cytron, R. et al., "Efficiently Computing Static Single Assignment Form and the Control Dependence Graph", IBM Research Division, Mar. 7, 1991.
Dejean et al., "A definition optimization technique used in a code translation algorithm", Comm. of the ACM, vol. 32, No. 1, pp. 94-105, 1989.
Di Lucca, Giuseppe A., et al., "Testing Web-based applications: The state of the art and future trends", Information and Software Technology, 2006 (pp. 1172-1186).
Duesterwald et al., "A demand driven analyzer for data flow testing at the integration level", IEEE ICSE, pp. 575-584, 1996.
Duesterwald, E. et al., "A Practical Framework for Demand-Driven Interprocedural Data Flow Analysis", ACM Transactions on Programming Languages and Systems 19, pp. 992-1030, Nov. 1997.
Dyer, D., "Java decompilers compared; Our detailed examples of how 3 top decompilers handle an extensive test suite will help you determine which, if any, meet your needs", JavaWorld (Jul. 1997).
Gough, I., Queensland University of Technology & Klaeren, H., University of Tubingen, "Eliminating Range Checks using Static Single Assignment Form", Dec. 19, 1994.
Gupta, R., University of Pittsburgh, "Optimizing Array Bound Checks Using Flow Analysis", ACM SIGPLAN Conference on Programming Language Design and Implementation, White Plains, NY, Preliminary Version (1995).
Harrold, M.J. & Soffa, M.L., "Efficient Computation of Interprocedural Definition-Use Chains", ACM Transactions on Programming Language and Systems 16, 175-204 (Mar. 1994).
Hollingum, J., "Arithmetic robot modules control robotic production", Industrial Robot 22, 32-35 (1995).
International Search Report for PCT/US2008/002025, mailing date Sep. 2, 2008 (4 pages).
Kumar, S., "DisC—Decompiler for TurboC": http://www.debugmode.com/dcompile/disc.htm, modified Oct. 22, 2001.
Liang, D. & Harrold, M.J., "Efficient Computation of Parameterized Pointer Information for Interprocedural Analyses", Georgia Institute of Technology, Tech Report GIT-CC-00-35, 1-17 (Dec. 2000).
Liang, D. & Harrold, M.J., "Light-Weight Context Recovery for Efficient and Accurate Program Analyses", Proceedings of the 22nd International Conference on Software Engineering 1-10 (Jun. 2000).
MacUser, Programming & systems; Software Review; software for the Apple Macintosh computer, Evaluation, vol. 8, 237 (Jan. 1993).
Mittal et al., "Automatic translation of software binaries onto FPGAs", ACM DAC, pp. 389-394, 2004.
Mycroft, A., "Type-Based Decompilation", Cambridge University, Computer Laboratory.
Myreen et al., "Machine code verification for multiple architectures", IEEE, pp. 1-8, 2008.
Orso, A. et al., "Effects of Pointers on Data Dependences", Georgia Institute of Technology, College of Computing, Technical Report GIT-VV-00-33, 1-17 (Dec. 2000).
Partial International Search Report for EP12184590.3 dated May 10, 2013, 7 pages.
Patterson, J.R.C., "Accurate Static Branch Prediction by Value Range Propagation", Proc. ACM SIGPLAN Conference on Programming Language and Design Implementation, La Jolla, San Diego, 67-78 (Jun. 1995).
Pingali, K. & Bilardi, G., "Optimal Control Dependence Computation and the Roman-Chariots Problem", ACM Transactions on Programming Languages and Systems 19, 1-30 (May 1997).
Reilly, D., "Decompilers—friend or foe?", Java Coffee Break, updated Jun. 2, 2001, retrieved from http://www.javacoffeebreak.com/articles/decompilers.sub.--friend.sub.--or-.sub.--foe.html.
Sagiv, M. et al., Precise Interprocedural Dataflow Analysis with Applications to Constant Propagation. University of Wisconsin-Madison, Computer Sciences Dept.
Saul, J. M., Hardware/Software Codesign for FPGA-Based Systems. Proceedings of the 32nd Hawaii International Conference on System Sciences (1999).
Sinha, S. & Harrold, M.J., "Analysis and Testing of Programs with Exception-Handling Constructs", IEEE Transactions on Software Eng. 26, 1-24 (Sep. 2000).
Stitt et al., "New decompilation techniques for binary level co-processor generation", IEEE, pp. 546-553, 2005.
University of Queensland, Comp. Sci & Elec. Eng., The dcc Decompiler, updated on May 4, 2002, retrieved from http://itee.uq.edu.au/.about.cristina/dcc.html on Dec. 4, 2002.
Ural et al., "Modeling software for accurate data flow representation", IEEE, pp. 277-286, 1993.
Van Emmerik, M., Signatures for Library Functions in Executable Files. Queensland University of Technology, Information Security Research Centre.
Van Tyle, S., "Engineering software tools meet demands", Electronic Design 42, 71 (Jun. 27, 1994).
Written Opinion of the International Searching Authority for PCT/US2008/002025, mailing date Sep. 2, 2008 (6 pages).
Xu et al., "Dynamic purity analysis for Java programs", ACM PASTE, pp. 75-82, 2007.
Yardimci et al., "Mostly static program partitioning of binary executables", ACM Trans. on Prog. Lang. and Sys., vol. 31, No. 5, article 7, pp. 1-46, 2009.

* cited by examiner

U.S. Patent   Dec. 17, 2013   Sheet 1 of 12   US 8,613,080 B2

[FIG. 1: block diagram of the Security Assessment Platform 105. Blocks: Application 110; External Threat Sources 115; Communications Server 120; Analysis Engine 125; Dynamic Testing Engine 130; Static Testing Engine 135; Pen Testing Engine 140; Manual Code Review Module 145; Security Threat Database 150; Assessment Results Database 155.]

FIG. 1

U.S. Patent   Dec. 17, 2013   Sheet 2 of 12   US 8,613,080 B2

[FIG. 2: block diagram of the analysis engine components. Blocks: Assurance Recommendation Engine 205; Workflow Constructor 210; Stimulus Analysis Evaluation Engine 215; Workflow Engine 220; Testing Engines 130-145; Assessment Correlation Engine 225; Grading and Reporting Module 230; Benchmark Module 235; Anonymizer 240; Flaw Viewer 245; DRM Packager 250; Application 110.]

FIG. 2

U.S. Patent   Dec. 17, 2013   Sheet 3 of 12   US 8,613,080 B2

[FIG. 2a: block diagram of the virtual machine image analysis path. Blocks: Virtual Machine Image File; File Extractor 265; Load / Execute Module 260; Validator 270; Reporter 275; Application Identifier 280; Interaction Analyzer 285; Analysis Engine 125; Testing Engines 130-145.]

FIG. 2a

U.S. Patent   Dec. 17, 2013   Sheet 4 of 12   US 8,613,080 B2

[FIG. 3: flow chart. The scan is illegible apart from reference numerals 330 and 220 (Workflow Engine).]

FIG. 3

U.S. Patent   Dec. 17, 2013   Sheet 5 of 12   US 8,613,080 B2

[FIG. 4: flow chart. Legible labels: "Application Grading"; reference numerals 420 and 425.]

FIG. 4

U.S. Patent   Dec. 17, 2013   Sheet 6 of 12   US 8,613,080 B2

[FIG. 5: flow chart. The scan is illegible apart from reference numeral 515.]

FIG. 5

U.S. Patent   Dec. 17, 2013   Sheet 7 of 12   US 8,613,080 B2

[FIG. 6: flow chart. The scan is illegible apart from reference numeral 210 (Workflow Constructor).]

FIG. 6

U.S. Patent   Dec. 17, 2013   Sheet 8 of 12   US 8,613,080 B2

[FIG. 7: flow chart. Legible labels: "Review Results"; "Flaw Viewer 245"; reference numerals 135, 705, 710, 715, 720 and 725.]

FIG. 7
