Searching over 5,500,000 cases.


searching
Buy This Entire Record For $7.95

Download the entire decision to receive the complete text, official citation,
docket number, dissents and concurrences, and footnotes for this case.

Learn more about what you receive with purchase of this case.

SRI International, Inc. v. CISCO Systems, Inc.

United States Court of Appeals, Federal Circuit

July 12, 2019

SRI INTERNATIONAL, INC., Plaintiff-Appellee
v.
CISCO SYSTEMS, INC., Defendant-Appellant

          Opinion Issued: March 20, 2019

          Appeal from the United States District Court for the District of Delaware in No. 1:13-cv-01534-SLR-SRF, Judge Sue L. Robinson.

          Frank Scherkenbach, Fish & Richardson, PC, Boston, MA, argued for plaintiff-appellee. Also represented by Proshanto Mukherji; David Michael Hoffman, Austin, TX; Howard G. Pollack, Redwood City, CA; Francis J. Albert, John Winston Thornburgh, San Diego, CA.

          William F. Lee, Wilmer Cutler Pickering Hale and Dorr LLP, Boston, MA, argued for defendant-appellant. Also represented by Andrew J. Danford, Lauren B. Fletcher, Louis W. Tompros.

          Before Lourie, O'Malley, and Stoll, Circuit Judges.

          OPINION

          Stoll, Circuit Judge.

         This is an appeal from a final judgment in a patent case. Cisco Systems, Inc. ("Cisco") appeals the district court's (1) denial of Cisco's motion for summary judgment of patent ineligibility under § 101, (2) construction of the claim term "network traffic data," (3) grant of summary judgment of no anticipation, and (4) denial of judgment as a matter of law of no willful infringement. Cisco also appeals the district court's grant of enhanced damages, attorneys' fees, and ongoing royalties.

         We affirm the district court's denial of summary judgment of ineligibility, adopt its construction of "network traffic data," and affirm its summary judgment of no anticipation. We vacate and remand the district court's denial of judgment as a matter of law of no willful infringement, and therefore vacate and remand the district court's enhancement of damages and award of attorneys' fees. Finally, we affirm the district court's award of ongoing royalties on post-verdict sales of products that were actually found to infringe or are not colorably different. Accordingly, we affirm-in-part, vacate-in-part, and remand for further proceedings consistent with this opinion.

         Background

         I

         While the interconnectivity of computer networks facilitates access for authorized users, it also increases a network's susceptibility to attacks from hackers, malware, and other security threats. Some of these security threats can only be detected with information from multiple sources. For instance, a hacker may try logging in to several computers or monitors in a network. The number of login attempts for each computer may be below the threshold to trigger an alert, making it difficult to detect such an attack by looking at only a single monitor location in the network. In an attempt to solve this problem, SRI developed the inventions claimed in U.S. Patent Nos. 6, 484, 203 and 6, 711, 615. The '615 patent (titled "Network Surveillance") is a continuation of the '203 patent (titled "Hierarchical Event Monitoring and Analysis").

         II

         SRI had performed considerable research and development on network intrusion detection prior to filing the pa-tents-in-suit. In fact, SRI's Event Monitoring Enabling Responses to Anomalous Live Disturbances ("EMERALD") project had attracted considerable attention in this field. The Department of Defense's Defense Advanced Research Projects Agency, which helped fund EMERALD, called it a "gem in the world of cyber defense" and "a quantum leap improvement over" previous technology. J.A. 1272-73 at 272:16-17, 273:7-9. In October 1997, SRI presented a paper entitled "EMERALD: Event Monitoring Enabling Responses to Anomalous Live Disturbances" ("EMERALD 1997") at the 20th National Information Systems Security Conference.

         EMERALD 1997 is a conceptual overview of the EMERALD system. It describes in detail SRI's early research in intrusion detection technology and outlines the development of next generation technology for detecting network anomalies. SRI Int'l Inc. v. Internet Sec. Sys., Inc., 647 F.Supp.2d 323, 334 (D. Del. 2009). The parties do not dispute that EMERALD 1997 constitutes prior art under 35 U.S.C. § 102(b). EMERALD 1997 is listed as a reference on the face of the '615 patent.

         III

         The patents share a nearly identical specification and a priority date of November 9, 1998. At the summary judgment stage, SRI asserted claims 1-4, 14-16, and 18 of the '615 patent and claims 1-4, 12-15, and 17 of the '203 patent. By the time of trial, SRI had narrowed the asserted claims to claims 1, 2, 12, and 13 of the '203 patent and claims 1, 2, 13, and 14 of the '615 patent. The jury considered only this narrower set of claims.

         The parties identify different representative claims. Cisco proposes claim 1 of the '203 patent, while SRI proposes claim 1 of the '615 patent. The claims are substantially similar, as the minor differences between them are not material to any issue on appeal. As such, we adopt SRI's proposal and use '615 patent claim 1 as the representative claim.[1] It reads:

1. A computer-automated method of hierarchical event monitoring and analysis within an enterprise network comprising:
deploying a plurality of network monitors in the enterprise network;
detecting, by the network monitors, suspicious network activity based on analysis of network traffic data selected from one or more of the following categories: (network packet data transfer commands, network packet data transfer errors, network packet data volume, network connection requests, network connection denials, error codes included in a network packet, network connection acknowledgements, and network packets indicative of well-known network-service protocols};
generating, by the monitors, reports of said suspicious activity; and
automatically receiving and integrating the reports of suspicious activity, by one or more hierarchical monitors.

'615 patent col. 15 ll. 2-21.

         After SRI sued Cisco for infringement of the '615 patent and the '203 patent, Cisco unsuccessfully moved for summary judgment on several issues, including that the claims are ineligible and that the EMERALD 1997 reference anticipates the claims.[2] SRI Int'l, Inc. v. Cisco Sys., Inc., 179 F.Supp.3d 339 (D. Del. Apr. 11, 2016) ("Summary Judgment Op."). The district court denied Cisco's motions and instead sua sponte granted summary judgment of no anticipation in SRI's favor.[3] Id. at 369.

         The court then held a jury trial on infringement, validity, and willful infringement of claims 1, 2, 13, and 14 of the '615 patent and claims 1, 2, 12, and 13 of the '203 patent, as well as damages. The jury found that Cisco intrusion protection system ("IPS") products, Cisco remote management services, Cisco IPS services, Sourcefire[4] IPS products, and Sourcefire professional services directly and indirectly infringed the asserted claims. The jury awarded SRI a 3.5% reasonable royalty for a total of $23, 660, 000 in compensatory damages. The jury also found by clear and convincing evidence that Cisco's infringement was willful.

         After post-trial briefing, the district court denied Cisco's renewed motion for JMOL of no willfulness. SRI Int'l, Inc. v. Cisco Sys., Inc., 254 F.Supp.3d 680, 717 (D. Del. 2017) ("Post-Trial Motions Op."). Based on the willfulness verdict, the district court determined that "some enhancement is appropriate given Cisco's litigation conduct," the "fact that Cisco lost on all issues during summary judgment," and "its apparent disdain for SRI and its business model." Id. at 723. The court then doubled the damages award. It also granted SRI's motion for attorneys' fees, compulsory license, and prejudgment interest.

         Cisco appeals the district court's claim construction and denial of summary judgment of ineligibility, [5] as well as its grant of summary judgment of no anticipation, enhanced damages, attorneys' fees, and ongoing royalties. We have jurisdiction under 28 U.S.C. § 1295(a)(1).

         Discussion

         I

         We review de novo whether a claim is drawn to patent-eligible subject matter. Berkheimer v. HP Inc., 881 F.3d 1360, 1365 (Fed. Cir. 2018) (citing Intellectual Ventures I LLC v. Capital One Fin. Corp., 850 F.3d 1332, 1338 (Fed. Cir. 2017)). Section 101 defines patent-eligible subject matter as "any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof." 35 U.S.C. § 101. Laws of nature, natural phenomena, and abstract ideas, however, are not patentable. See Mayo Collaborative Servs. v. Prometheus Labs., Inc., 566 U.S. 66, 70-71 (2012) (citing Diamond v. Diehr, 450 U.S. 175, 185 (1981)).

         To determine whether a patent claims ineligible subject matter, the Supreme Court has established a two-step framework. First, we must determine whether the claims at issue are directed to a patent-ineligible concept such as an abstract idea. Alice Corp. v. CLS Bank Int'l, 573 U.S. 208, 217 (2014). Second, if the claims are directed to an abstract idea, we must "consider the elements of each claim both individually and 'as an ordered combination' to determine whether the additional elements 'transform the nature of the claim' into a patent-eligible application." Id. (quoting Mayo, 566 U.S. at 79). To transform an abstract idea into a patent-eligible application, the claims must do "more than simply stat[e] the abstract idea while adding the words 'apply it.'" Id. at 221 (quoting Mayo, 566 U.S. at 72 (internal alterations omitted)).

         We resolve the eligibility issue at Alice step one and conclude that claim 1 is not directed to an abstract idea. See Enfish, LLC v. Microsoft Corp., 822 F.3d 1327, 1337 (Fed. Cir. 2016). The district court concluded that the claims are more complex than merely reciting the performance of a known business practice on the Internet and are better understood as being necessarily rooted in computer technology in order to solve a specific problem in the realm of computer networks. Summary Judgment Op., 179 F.Supp.3d at 353-54 (citing '203 patent col. 1 ll. 37- 40; DDR Holdings, LLC v. Hotels.com, L.P., 773 F.3d 1245, 1257 (Fed. Cir. 2014)). We agree. The claims are directed to using a specific technique-using a plurality of network monitors that each analyze specific types of data on the network and integrating reports from the monitors-to solve a technological problem arising in computer networks: identifying hackers or potential intruders into the network.

         Contrary to Cisco's assertion, the claims are not directed to just analyzing data from multiple sources to detect suspicious activity. Instead, the claims are directed to an improvement in computer network technology. Indeed, representative claim 1 recites using network monitors to detect suspicious network activity based on analysis of network traffic data, generating reports of that suspicious activity, and integrating those reports using hierarchical monitors. '615 patent col. 15 ll. 2-21. The "focus of the claims is on the specific asserted improvement in computer capabilities"-that is, providing a network defense system that monitors network traffic in real-time to automatically detect large-scale attacks. Enfish, 822 F.3d at 1335-36.

         The specification bolsters our conclusion that the claims are directed to a technological solution to a technological problem. The specification explains that, while computer networks "offer users ease and efficiency in exchanging information," '615 patent col. 1 ll. 28-29, "the very interoperability and sophisticated integration of technology that make networks such valuable assets also make them vulnerable to attack, and make dependence on networks a potential liability." Id. at col. 1 ll. 36-39. The specification further teaches that, in conventional networks, seemingly localized triggering events can have globally disastrous effects on widely distributed systems-like the 1980 ARPAnet collapse and the 1990 AT&T collapse. See id. at col. 1 ll. 43-47. The specification explains that the claimed invention is directed to solving these weaknesses in conventional networks and provides "a ...


Buy This Entire Record For $7.95

Download the entire decision to receive the complete text, official citation,
docket number, dissents and concurrences, and footnotes for this case.

Learn more about what you receive with purchase of this case.