DCT

2:24-cv-00927

AttestWave LLC v. SOTI Inc

Log In
Key Events
Complaint
complaint

I. Executive Summary and Procedural Information

  • Parties & Counsel:
  • Case Identification: 2:24-cv-00927, E.D. Tex., 11/13/2024
  • Venue Allegations: Plaintiff alleges venue is proper because Defendant maintains an established place of business in the Eastern District of Texas and has committed acts of patent infringement within the district.
  • Core Dispute: Plaintiff alleges that Defendant’s unspecified software products infringe a patent related to methods for ensuring the secure and trusted operation of software programs over a network.
  • Technical Context: The technology addresses the challenge of verifying that software on a remote computer is operating correctly and has not been tampered with, which is significant for network security, quality of service, and preventing denial-of-service attacks.
  • Key Procedural History: The complaint does not mention any prior litigation, Inter Partes Review (IPR) proceedings, or licensing history related to the patent-in-suit.

Case Timeline

Date Event
2002-03-16 U.S. Patent 7,895,643 Priority Date
2002-08-14 U.S. Patent 7,895,643 Application Filed
2011-02-22 U.S. Patent 7,895,643 Issued
2024-11-13 Complaint Filed

II. Technology and Patent(s)-in-Suit Analysis

U.S. Patent No. 7,895,643 - “Secure logic interlocking”

  • Patent Identification: U.S. Patent No. 7,895,643, “Secure logic interlocking,” issued February 22, 2011 (the “’643 Patent”).

The Invention Explained

  • Problem Addressed: In computer networks like the internet, it is difficult to ensure that software running on a user's machine is behaving as intended and not misusing resources, which can lead to problems like denial-of-service attacks and unstable network performance (’643 Patent, col. 1:15-24). Unlike traditional telephone networks where the network controls the user device, software-based networks allow users to potentially modify software and "control the network rather than the network controlling the users" (’643 Patent, col. 2:35-38).
  • The Patented Solution: The invention proposes a system of "interlocking" a primary software program (e.g., a networking application) with a secondary, security-focused program into a single, inseparable functional unit (’643 Patent, Abstract). This "combined functionality" generates unpredictable security signals or tags that are embedded in the data packets sent by the program. A corresponding "checker" at a network interface, such as a firewall, can then validate these tags. If the tags are correct, the checker can confirm the originating software has not been tampered with and is operating as a "trusted flow," granting it privileged network access (’643 Patent, col. 2:7-19, Fig. 1).
  • Technical Importance: This approach provides a mechanism for a network to verify the integrity and proper behavior of remote client software, allowing the network to differentiate "trusted" traffic from untrusted traffic and apply different quality of service or security policies accordingly (’643 Patent, col. 10:35-46).

Key Claims at a Glance

  • The complaint does not identify specific claims but references "Exemplary '643 Patent Claims" in an un-filed exhibit (Compl. ¶11, ¶16). Independent claim 1 is representative of the core system invention.
  • The essential elements of independent claim 1 include:
    • An "integrated combination" of a "software application logic module" and an "operation assurance logic module."
    • The modules executing to provide combined computing functions, including the "integrated concurrent generation of unique security tags."
    • Storage for the integrated software program and a controller for its execution.
    • The unique security tags are generated only when the integrated program is executed and has not been "tampered with."
    • An "associated operational checking logic" for validating the integrated program by checking the unique security tags.
  • The complaint reserves the right to assert other claims (Compl. ¶11).

III. The Accused Instrumentality

Product Identification

  • The complaint does not name any specific accused products. It refers generally to "Exemplary Defendant Products" that are purportedly identified in an exhibit not filed with the complaint (Compl. ¶11).

Functionality and Market Context

  • The complaint does not provide any description of the accused products' functionality, operation, or market position.

IV. Analysis of Infringement Allegations

The complaint alleges that the "Exemplary Defendant Products" practice the technology of the ’643 Patent and satisfy all elements of the asserted claims (Compl. ¶16). However, it incorporates all specific factual support for this allegation by reference to "the claim charts of Exhibit 2," an exhibit that was not provided with the publicly filed complaint (Compl. ¶17). Without this exhibit, a detailed analysis of the infringement allegations is not possible.

No probative visual evidence provided in complaint.

  • Identified Points of Contention: Based on the language of the patent and the general nature of the dispute, the infringement analysis may raise several questions:
    • Scope Questions: Does an "integrated combination" require a single compiled and obfuscated program, as described in some patent embodiments, or can it read on separate but coordinated software modules? Does the "operational checking logic" need to be part of the same accused product, or can it be a separate component that interacts with it?
    • Technical Questions: What evidence demonstrates that the accused products generate "unique security tags" that are inextricably linked to the correct execution of an "operation assurance logic module"? What is the mechanism of the "checking logic," and how does it validate that the originating program was not "tampered with" as claimed?

V. Key Claim Terms for Construction

  • The Term: "integrated combination" (of a software application logic module and an operation assurance logic module)

  • Context and Importance: This term is central to the "interlocking" concept of the invention. Its construction will determine how tightly coupled the operational and security functions of an accused product must be to infringe. Practitioners may focus on this term because it distinguishes the invention from systems where security and application logic are entirely separate.

  • Intrinsic Evidence for Interpretation:

    • Evidence for a Broader Interpretation: The Abstract describes taking logic modules and "transforming them into a hidden program by integrating modules to execute together into a logic," which could suggest a functional, rather than strictly structural, integration (’643 Patent, Abstract).
    • Evidence for a Narrower Interpretation: The specification repeatedly discusses making the software "unreadable" and "non-modifiable" through obfuscation and making parts "inseparable" (’643 Patent, col. 3:39-41; col. 4:22-23). The process of creating a "single logic program" from multiple modules, as shown in Figures 12A-12D, could support a narrower definition requiring code-level integration.

  • The Term: "operational checking logic"

  • Context and Importance: This term defines the component that validates the security tags. Whether this logic must be part of the accused product or can be a separate, interacting system (e.g., a third-party firewall) is critical for determining the scope of both direct and indirect infringement.

  • Intrinsic Evidence for Interpretation:

    • Evidence for a Broader Interpretation: The claims require an "associated" checking logic, which does not explicitly limit its location or ownership (’643 Patent, col. 38:5-9).
    • Evidence for a Narrower Interpretation: Figure 1 depicts the "Trusted Tag Checker" (TTC) as a distinct component at the network interface, separate from the "Trusted Flow Generator" (TFG) at the end-station (’643 Patent, Fig. 1). This architecture, described as a core part of the system, may suggest the checking logic is intended to be a separate network-side entity.

VI. Other Allegations

  • Indirect Infringement: The complaint alleges induced infringement, stating that Defendant distributes "product literature and website materials" that instruct end users to use the accused products in a manner that infringes the ’643 Patent (Compl. ¶14-15).
  • Willful Infringement: The complaint alleges willfulness based on knowledge obtained from the service of the complaint itself. It asserts that "The service of this Complaint...constitutes actual knowledge" and that Defendant's continued infringement thereafter is willful (Compl. ¶13-14).

VII. Analyst’s Conclusion: Key Questions for the Case

  1. An Evidentiary Question: The immediate and central issue is the complete lack of factual detail in the complaint. A primary question for the court will be to determine what specific products are accused and what technical evidence Plaintiff possesses to support its conclusory allegation that these products meet every limitation of the asserted claims, information which the complaint defers entirely to an un-filed exhibit.

  2. A Question of Claim Scope: Assuming the case proceeds, a key issue will be one of definitional scope: can the term "integrated combination," which is described in patent embodiments as a tightly-bound, obfuscated program, be construed to cover more loosely-coupled software systems where security and application functions might operate as distinct processes that merely communicate with each other?

  3. A Question of System Architecture: The infringement analysis will likely turn on whether the accused "Exemplary Defendant Products" contain both the "integrated combination" that generates security tags and the "operational checking logic" that validates them. Alternatively, if the checking logic is a separate component, the case will raise questions about divided infringement and the factual basis for inducement.