DCT
2:25-cv-00181
Orckit Corporation v. Cisco Systems, Inc.
I. Executive Summary and Procedural Information
- Parties & Counsel:
- Plaintiff: Orckit Corporation (Delaware)
- Defendant: Cisco Systems, Inc. (Delaware)
- Plaintiff’s Counsel: Kobre & Kim LLP
- Case Identification: 2:25-cv-00181, E.D. Tex., 03/19/2025
- Venue Allegations: Plaintiff alleges venue is proper because Defendant maintains a regular and established place of business in the district, including a large data center in Allen, Texas, and has committed acts of infringement there.
- Core Dispute: Plaintiff alleges that Defendant’s networking hardware and software, including stackable switches and platforms for MPLS and Software-Defined Networking, infringe six patents related to network architecture, path recovery, and deep packet inspection.
- Technical Context: The technologies at issue concern methods for improving the reliability, efficiency, and security of large-scale data networks, which are foundational to modern telecommunications and enterprise IT infrastructure.
- Key Procedural History: This action is a refiling of a prior lawsuit between the parties that was dismissed without prejudice after Defendant initiated inter partes review (IPR) proceedings against several of the asserted patents. The complaint notes that the Patent Trial and Appeal Board (PTAB) has since issued Final Written Decisions confirming the patentability of asserted claims in U.S. Patent Nos. 6,680,904; 8,830,821; and 10,652,111. The complaint also alleges that Defendant had knowledge of certain patents-in-suit as early as March 2017 through licensing discussions with a prior patent owner.
Case Timeline
| Date | Event |
|---|---|
| 1999-12-27 | ’904 Patent Priority Date |
| 2004-01-20 | ’904 Patent Issue Date |
| 2011-06-22 | ’821 Patent Priority Date |
| 2014-04-22 | ’111, ’305, ’986, ’475 Patents Priority Date |
| 2014-09-09 | ’821 Patent Issue Date |
| 2017-03-20 | Prior patent owner sends letter to Cisco regarding patent portfolio |
| 2018-11-20 | Prior patent owner identifies ’904 Patent in email to Cisco |
| 2019-12-27 | ’904 Patent Expiration Date |
| 2020-05-12 | ’111 Patent Issue Date |
| 2022-07-22 | Original complaint filed in prior action |
| 2023-09-07 | Markman hearing held in prior action |
| 2023-09-11 | PTAB IPR proceedings instituted |
| 2023-10-18 | Prior action dismissed without prejudice |
| 2024-09-17 | PTAB Final Written Decision issued for ’111 Patent |
| 2024-10-08 | PTAB Final Written Decision issued for ’904 Patent |
| 2024-10-22 | PTAB Final Written Decision issued for ’821 Patent |
| 2025-02-18 | ’305 Patent Issue Date |
| 2025-02-25 | ’986 Patent Issue Date |
| 2025-03-04 | ’475 Patent Issue Date |
| 2025-03-19 | First Amended Complaint Filing Date (Current Action) |
II. Technology and Patent(s)-in-Suit Analysis
U.S. Patent No. 6,680,904 - “BI-DIRECTIONAL CHAINING OF NETWORK ACCESS PORTS,” Issued January 20, 2004
The Invention Explained
- Problem Addressed: The patent describes architectures for Digital Subscriber Line Access Multiplexer (DSLAM) systems, which concentrate traffic from many subscribers onto network trunks. The background implies a need for a robust and scalable architecture that can provide high reliability for these critical access points. (’904 Patent, col. 1:10-40).
- The Patented Solution: The invention proposes a network access apparatus with two master units—an "active master" and a "standby master"—and multiple "slave" units connected between them in one or more "daisy chains." This architecture allows data packets to be transmitted in either direction along a chain. If a failure occurs at a slave unit or a link, the traffic direction in the affected part of the chain is reversed to route through the standby master, providing seamless failover and redundancy. (’904 Patent, col. 2:5-18; Compl. ¶28). The complaint includes a figure from the patent showing the active master (30), standby master (32), and daisy-chained slave units (34). (Compl. p. 7).
- Technical Importance: This dual-master, bi-directional chaining architecture provided a resilient method for delivering "triple-play services" (data, voice, video) by enhancing network reliability, a crucial factor for telecommunications infrastructure. (Compl. ¶22).
Key Claims at a Glance
- The complaint asserts at least claim 6, which depends from independent claim 4. (Compl. ¶73).
- Essential elements of independent claim 4 include:
- First and second master units with interfaces to a packet-switched network.
- A plurality of slave units with ports for subscriber lines.
- A plurality of physical interface lines linking the slave units into one or more daisy chains, with each chain connected between the first and second master units.
- A description of normal operation, wherein downstream packets flow from the first master and upstream packets flow to the first master.
- The complaint also asserts dependent claims 5 (adding a protection interface between masters) and 6 (adding a "bicasting" function for upstream packets). (Compl. ¶29).
U.S. Patent No. 8,830,821 - “METHOD FOR SUPPORTING MPLS TRANSPORT PATH RECOVERY WITH MULTIPLE PROTECTION ENTITIES,” Issued September 9, 2014
The Invention Explained
- Problem Addressed: The background of the invention highlights the need in Multiprotocol Label Switching (MPLS) networks for very fast (sub-50 millisecond) recovery from network failures to maintain connection availability, noting that existing protection mechanisms may not adequately protect against multiple simultaneous failures. (’821 Patent, col. 1:47-55).
- The Patented Solution: The patent describes a system that selects both a "working" entity (primary path) and a "protection" entity (backup path) from a plurality of available network paths. The selection is performed by digital logic that considers both the probability of the two paths failing concurrently and an "entity cost" based on network metrics. The system can also re-evaluate and reselect the entity pair in response to a "reselection event," such as a change in network status or cost. (’821 Patent, Abstract; col. 2:5-21). A figure in the patent shows the logical components for this cost and failure analysis. (’821 Patent, Fig. 1).
- Technical Importance: This invention provided a method for enhancing the resilience of MPLS networks by selecting backup paths based on a sophisticated, multi-factor analysis of risk and performance, rather than simple path availability alone. (Compl. ¶36).
Key Claims at a Glance
- The complaint asserts at least independent claim 14. (Compl. ¶90).
- Essential elements of independent claim 14 include:
- A data structure with transport entity descriptors.
- An entity protection switch for switching between a working and a protection entity.
- Digital logic configured to select the working and protection entities by:
- Determining a probability of their concurrent failure.
- Determining an entity cost.
- Reselecting the entities upon a reselection event.
- A definition of a reselection event, including adding/removing an entity, an operational status change, or a change in overall cost.
U.S. Patent No. 10,652,111 - “METHOD AND SYSTEM FOR DEEP PACKET INSPECTION IN SOFTWARE DEFINED NETWORKS,” Issued May 12, 2020
- Technology Synopsis: This patent, from a family of patents related to Software Defined Networks (SDNs), describes a method for performing deep packet inspection (DPI) efficiently. It addresses the problem of potential bottlenecks and delays created by routing all network traffic to a central controller for inspection by instead having the external controller send an "instruction and a packet-applicable criterion" to a network node. The node then checks packets locally and routes them based on whether they satisfy the criterion, sending packets that match to a different entity than their original destination. (’111 Patent, col. 1:61-2:7; Compl. ¶¶ 40-41).
- Asserted Claims: Independent claim 1. (Compl. ¶105).
- Accused Features: The complaint accuses Cisco’s SD-WAN products, such as the Cisco ASR 1000 Series Routers, which use a central controller to distribute policies to network nodes for local enforcement and routing decisions. (Compl. ¶107).
U.S. Patent No. 12,231,305 - “METHOD AND SYSTEM FOR DEEP PACKET INSPECTION IN SOFTWARE DEFINED NETWORKS,” Issued February 18, 2025
- Technology Synopsis: Belonging to the same family as the ’111 Patent, this invention describes a network node for use in an IP network. The node has connections to receive instructions from an external controller and IP packets from a first entity. The node is configured to check if a received packet satisfies a criterion, where the criterion is that one or more flag bits in the packet's header are set, and to route the packet to a different entity if the criterion is met. (’305 Patent, Abstract; Compl. ¶¶ 46-47).
- Asserted Claims: Independent claim 1. (Compl. ¶121).
- Accused Features: The complaint targets Cisco's SD-WAN products that apply policies based on inspecting packet headers, including TCP flags, to make routing decisions. (Compl. ¶¶ 123, 128).
U.S. Patent No. 12,237,986 - “METHOD AND SYSTEM FOR DEEP PACKET INSPECTION IN SOFTWARE DEFINED NETWORKS,” Issued February 25, 2025
- Technology Synopsis: Also in the same family as the ’111 Patent, this invention details a system for transporting packets between first, second, and third entities. An external controller sends an instruction to a network node that identifies a third entity and a criterion. If an incoming packet satisfies the criterion, the node sends it only to the third entity and blocks it from its original destination (the second entity); otherwise, the packet is sent to the second entity. (’986 Patent, Abstract; Compl. ¶¶ 52-53).
- Asserted Claims: Independent claim 1. (Compl. ¶140).
- Accused Features: The complaint accuses Cisco's SD-WAN systems where a controller can apply policies that block and redirect traffic to a third entity (such as a security appliance) based on packet inspection. (Compl. ¶¶ 142, 147).
U.S. Patent No. 12,244,475 - “METHOD AND SYSTEM FOR DEEP PACKET INSPECTION IN SOFTWARE DEFINED NETWORKS,” Issued March 4, 2025
- Technology Synopsis: The final asserted patent from the same family, this invention describes a method for handling TCP packets in an SDN. A network node receives and stores an instruction and criterion from an external controller. When the node receives a TCP packet, it checks if the packet satisfies the criterion. If it does, the packet is sent to the controller; if not, it is sent to its original destination. (’475 Patent, Abstract; Compl. ¶¶ 58-59).
- Asserted Claims: Independent claim 1. (Compl. ¶156).
- Accused Features: The complaint targets Cisco's SD-WAN products where policies can dictate that certain TCP packets are forwarded to the central controller for processing, while other traffic is routed normally. (Compl. ¶¶ 158, 163).
III. The Accused Instrumentality
Product Identification
- The complaint identifies a range of Cisco networking products, with exemplary products including the Cisco 550X Series Stackable Managed Switches, the Cisco Network Convergence System 4000 Series, and the Cisco ASR 1000 Series Aggregation Services Routers. (Compl. ¶¶ 74, 91, 107, 123).
Functionality and Market Context
- The accused products are infrastructure-level networking hardware and software used to build large-scale enterprise and service provider networks.
- The Cisco 550X Series switches can be physically stacked and configured to operate as a single logical device with "master," "master backup," and "slave" roles. The complaint alleges these can be set up in a "chain topology" for failover and redundancy. (Compl. ¶¶ 75, 77). A visual from a Cisco video, included in the complaint, depicts this master/slave hierarchy. (Compl. p. 22).
- The Cisco NCS 4000 Series is an optical transport platform that supports MPLS. It includes features for establishing "working" and "protecting" paths (LSPs) and uses protocols like Constrained Shortest Path First (CSPF) to select paths based on cost and policies like "SRLG-Aware Path Protection" to ensure path diversity for resilience. (Compl. ¶¶ 91-94).
- The Cisco ASR 1000 Series Routers are identified as key components in Cisco's Software-Defined WAN (SD-WAN) solution. In this architecture, a central controller provides policies to the ASR 1000 routers, which act as network nodes. These routers perform deep packet inspection to enforce the policies locally, enabling them to control, route, redirect, or block traffic based on specified criteria. (Compl. ¶¶ 107, 109, 142). A diagram from Cisco's documentation illustrates the centralized controller influencing reachability between edge routers. (Compl. p. 39).
IV. Analysis of Infringement Allegations
U.S. Patent No. 6,680,904 Infringement Allegations
| Claim Element (from Independent Claim 4 and Dependent Claims 5-6) | Alleged Infringing Functionality | Complaint Citation | Patent Citation |
|---|---|---|---|
| Network access apparatus, comprising: first and second master units, each comprising a physical interface to a packet-switched network; a plurality of slave units... | The Cisco 550X Series are network access apparatuses that can be configured in a stack with a "MASTER," a "MASTER BACKUP," and multiple "SLAVE" units. | ¶74-76 | col. 6:28-36 |
| a plurality of physical interface lines, which link the slave units in one or more daisy chains... each daisy chain comprising at least a first slave unit connected... to the first master unit and a last slave unit connected... to the second master unit | Cisco documentation describes connecting the switches in a "chain topology" using stacking links, where each unit connects to its neighbor until the last unit is linked. | ¶77 | col. 7:1-9 |
| wherein in normal operation, downstream data packets received from the network are passed from the first master unit... and upstream data packets received by the slaves... are passed... to the first master unit | The Cisco 550X is configured for bidirectional operation, with features such as Storm Control for downstream broadcast traffic and Unidirectional Link Detection for upstream traffic paths. | ¶78 | col. 8:1-12 |
| [from claim 5] comprising a protection interface, which couples the second master unit to the first master unit... in case of a fault. | The accused products provide resiliency such that if the master switch fails, another switch takes over, which allegedly requires a connection between the first and second master units to convey data packets in case of a fault. | ¶79 | col. 8:13-19 |
| [from claim 6] wherein the first master unit bicasts the upstream data packets that it receives from the slave units to the network and, via the protection interface, to the second master unit... | The complaint alleges that if the first master fails, the second master sends the packets to the network, and that the accused products support Port Mirroring, which forwards copies of packets to another port. | ¶80-81 | col. 8:20-27 |
Identified Points of Contention
- Scope Questions: A central question may be whether the "master backup" role in the accused Cisco stack functions as the claimed "second master unit" at all times, as the claim language suggests, or only becomes active after a failure event. Another question is whether the term "bicasts" in claim 6 requires simultaneous transmission of two identical packet streams or can be satisfied by a failover mechanism or a monitoring feature like port mirroring.
- Technical Questions: What evidence does the complaint provide that the accused products' failover capability constitutes the claimed "bicasting" of upstream data packets to both the network and the second master unit via a "protection interface"? The complaint’s reliance on the separate feature of "Port Mirroring" raises the question of whether this monitoring function performs the claimed redundancy function.
U.S. Patent No. 8,830,821 Infringement Allegations
| Claim Element (from Independent Claim 14) | Alleged Infringing Functionality | Complaint Citation | Patent Citation |
|---|---|---|---|
| a data structure comprising a plurality of transport entity descriptors; | The Cisco NCS 4000 includes label-switched paths ("LSPs") that employ protocols which describe "working co-routed LSP pairs" and "protecting co-routed LSP pairs." | ¶92 | col. 8:42-45 |
| an entity protection switch configured to switch between a working entity and a protection entity; | The accused products can associate a protecting MPLS-TE tunnel with a working MPLS-TE LSP, and when the working LSP goes down, the protecting LSP is automatically activated. | ¶92 | col. 2:32-34 |
| digital logic configured to... determine a probability of concurrent failure of said working entity and said protection entity; | The accused products include features such as "SRLG-Aware Path Protection" and "Bidirectional Forwarding Detection" that detect failures and ensure path diversity to reduce the probability of simultaneous connection failures. | ¶93 | col. 9:1-3 |
| logic configured to determine an entity cost of said plurality of transport entity descriptors; | The accused products use Constrained Shortest Path First (CSPF) protocol, which computes a path based on satisfying constraints such as required bandwidth and is described as the "shortest path (measured in terms of cost)." | ¶94 | col. 9:4-6 |
| logic configured to reselect said working entity and said protection entity... upon a reselection event, wherein said reselection event is selected from a group consisting of adding an entity..., an operational status change..., and a change in over all cost... | The accused products resize, readjust, and reoptimize LSPs to align with network traffic, which allegedly occurs when an "operational status change or overall cost change occurs." | ¶95-96 | col. 10:1-8 |
Identified Points of Contention
- Scope Questions: A primary issue for construction and infringement will be whether the accused "SRLG-Aware Path Protection" feature meets the claim limitation of "determin[ing] a probability of concurrent failure." Does ensuring paths do not share a "Shared Risk Link Group" constitute a determination of probability, or is it a binary check that falls outside the claim's scope?
- Technical Questions: What evidence does the complaint provide that the accused products' logic for reoptimizing LSPs based on traffic changes constitutes the specific "reselection events" enumerated in the claim, such as "adding an entity" or an "operational status change"?
V. Key Claim Terms for Construction
For the ’904 Patent:
- The Term: "bicasts" (Claim 6)
- Context and Importance: This term is critical to infringement of claim 6. Its interpretation will determine whether the accused failover and port mirroring capabilities meet the claim's requirements. Practitioners may focus on this term because the complaint's theory appears to equate a failover mechanism with simultaneous transmission.
- Intrinsic Evidence for Interpretation:
- Evidence for a Broader Interpretation: The patent does not explicitly define "bicasts." A party could argue for its plain and ordinary meaning, which might encompass any method of sending packets to two destinations, even if not perfectly simultaneous.
- Evidence for a Narrower Interpretation: The specification describes the function in the context of redundancy: "the first master unit bicasts the upstream data packets... to the network and, via the protection interface, to the second master unit, which transmits the upstream data packets to the network." (’904 Patent, col. 8:20-27). This suggests a specific protective function of sending two active streams, which may be narrower than a simple failover or monitoring capability.
For the ’821 Patent:
- The Term: "determine a probability of concurrent failure" (Claim 14)
- Context and Importance: This limitation defines a core function of the claimed digital logic. The infringement case depends on whether the accused system's method for ensuring path diversity performs this specific type of determination. Practitioners may focus on this term because the accused "SRLG-Aware" feature may operate based on rules rather than probabilistic calculations.
- Intrinsic Evidence for Interpretation:
- Evidence for a Broader Interpretation: A party might argue that any logical process that assesses and minimizes the risk of concurrent failure (such as by ensuring paths are physically diverse) inherently "determines" a lower probability, even without an explicit numerical calculation.
- Evidence for a Narrower Interpretation: The patent specification explicitly refers to a "concurrent failure probability matrix (150)" and states that the logic "calculates the probability of concurrent failure for each entity pair." (’821 Patent, col. 4:45-48). This language strongly supports a narrower interpretation requiring a quantitative, mathematical determination of probability.
VI. Other Allegations
Indirect Infringement
- The complaint alleges both induced and contributory infringement for the asserted patents. Inducement is primarily based on Cisco allegedly providing its customers with the accused products along with instructional materials (manuals, data sheets, websites) that encourage and guide users to operate them in an infringing manner. (Compl. ¶¶ 82-83, 97-98, 107-111). Contributory infringement is alleged on the basis that the accused products are especially made for infringement and are not staple articles of commerce suitable for substantial non-infringing use. (Compl. ¶¶ 85, 100, 116).
Willful Infringement
- Willfulness is alleged based on both pre-suit and post-suit knowledge. For the ’904, ’821, and ’111 patents, the complaint alleges pre-suit knowledge dating back to at least March 2017 from licensing discussions initiated by a prior owner of the patents. (Compl. ¶¶ 66, 86, 101, 117). For the more recently issued ’305, ’986, and ’475 patents, knowledge is alleged as of the filing of the amended complaint, suggesting a theory of post-suit willfulness. (Compl. ¶¶ 49, 55, 61).
VII. Analyst’s Conclusion: Key Questions for the Case
- A core issue for the '904 patent will be one of architectural equivalence: does the "master/backup" relationship in Cisco's stacking technology, which is primarily designed for failover, perform the specific "bicasting" function claimed for the dual-master, daisy-chain architecture, or is there a fundamental difference in their operational mode?
- A key evidentiary question for the '821 patent will be one of functional specificity: does the accused system's logic for ensuring path diversity (e.g., SRLG-awareness) perform the claimed step of "determin[ing] a probability of concurrent failure," or does it instead apply a binary rule that falls short of the claim's quantitative requirement?
- For the family of SDN patents ('111, '305, '986, '475), a central dispute may revolve around the application of claim language to system operation: how closely do the specific, multi-step methods of instruction, checking, and conditional routing recited in the claims map onto the more general policy-based operation of Cisco's SD-WAN architecture?