DCT

7:26-cv-00025

Athena Security LLP v. Dell Tech Inc

Log In
Key Events
Complaint
complaint

I. Executive Summary and Procedural Information

  • Parties & Counsel:
  • Case Identification: Athena Security, LLP v. Dell Technologies Inc., 7:26-cv-00025, W.D. Tex., 01/23/2026
  • Venue Allegations: Plaintiff alleges venue is proper in the Western District of Texas because Defendant Dell Technologies Inc. has regular and established places of business in the district, including its corporate headquarters in Round Rock, Texas.
  • Core Dispute: Plaintiff alleges that Defendant’s security software, servers, and network switches infringe four patents related to secure code execution, network memory transactions, power management, and packet relaying.
  • Technical Context: The patents-in-suit relate to foundational technologies in enterprise computing, including cybersecurity, high-performance data center operations, energy efficiency, and network load balancing.
  • Key Procedural History: The complaint does not mention any prior litigation involving the asserted patents, any post-grant proceedings before the U.S. Patent and Trademark Office, or any prior licensing history.

Case Timeline

Date Event
2004-12-03 Priority Date for U.S. Patent No. 7,698,744
2005-01-18 Priority Date for U.S. Patent No. 7,702,742
2006-08-11 Priority Date for U.S. Patent No. 7,969,880
2007-06-25 Priority Date for U.S. Patent No. 8,225,323
2010-04-13 U.S. Patent No. 7,698,744 Issued
2010-04-20 U.S. Patent No. 7,702,742 Issued
2011-06-28 U.S. Patent No. 7,969,880 Issued
2012-07-17 U.S. Patent No. 8,225,323 Issued
2026-01-23 Complaint Filed

II. Technology and Patent(s)-in-Suit Analysis

U.S. Patent No. 7,698,744 - "Secure system for allowing the execution of authorized computer program code," Issued April 13, 2010

The Invention Explained

  • Problem Addressed: The patent’s background section describes conventional malware detection methods, such as signature-based system scans, as "ineffective against the next variation of the virus" because they require constant updates to a database of known threats (’744 Patent, col. 1:41-48).
  • The Patented Solution: The invention proposes a "proactive whitelist approach" that secures a computer system by allowing only authorized program code to execute ’744 Patent, col. 3:19-27 This is achieved using a kernel-level driver that intercepts system requests to create a new process or load a code module. The request is then authenticated using a multi-level whitelist architecture, which may include a most recently used (MRU) cache, a local whitelist, and a global whitelist, to determine if the code is approved for execution ’744 Patent, Abstract; Fig. 1
  • Technical Importance: This whitelisting approach represented a shift from a reactive "blacklist" model (blocking known threats) to a proactive security posture that defines a secure state by only permitting "known good" software to run, thereby protecting against unknown or "zero-day" threats ’744 Patent, col. 3:17-27

Key Claims at a Glance

  • The complaint asserts independent claim 37 ’744 Patent, Compl. ¶11
  • The essential elements of claim 37, a program storage device claim, include:
    • intercepting a request to create a process associated with a code module;
    • determining whether to authorize the request by causing a cryptographic hash value of the code module to be authenticated with reference to a remote whitelist database maintained by a trusted service provider;
    • wherein the remote whitelist database contains cryptographic hash values of approved code modules known not to contain viruses or malicious code; and
    • allowing the code module to be loaded and executed if the cryptographic hash value matches one of the values in the remote whitelist database.
  • The complaint does not explicitly reserve the right to assert dependent claims.

U.S. Patent No. 7,702,742 - "Mechanism for enabling memory transactions to be conducted across a lossy network," Issued April 20, 2010

The Invention Explained

  • Problem Addressed: The patent describes how standard commodity networks like Ethernet are "lossy," meaning they can drop packets and do not guarantee that packets will be received in the order they were sent. These characteristics make such networks unsuitable for remote programmed I/O, where processors expect memory transactions to be processed reliably and in an order consistent with the processor bus protocol (’742 Patent, col. 2:5-14).
  • The Patented Solution: The invention is a network interface that enables remote programmed I/O over a lossy network. The interface receives memory transaction messages (MTMs), encapsulates them into network packets, and assigns each packet a sending priority based on the MTM's transaction type (e.g., posted request, response). It then organizes packets into priority-based groups for sending. Crucially, it "ensures" that packets are received in the proper sequence by maintaining a linked-list of sent packets and re-sending any packet (and all subsequent packets in its list) for which a timely acknowledgement is not received from the remote node ’742 Patent, Abstract; col. 3:1-24
  • Technical Importance: This mechanism allowed for high-performance computing tasks, which require reliable remote memory access, to be implemented using inexpensive, standardized Ethernet hardware rather than costly proprietary network solutions ’742 Patent, col. 2:15-24

Key Claims at a Glance

  • The complaint asserts independent claim 1 ’742 Patent, Compl. ¶18
  • The essential elements of claim 1, a method claim, include:
    • receiving a plurality of memory transaction messages (MTMs) conforming to a processor bus protocol;
    • determining the MTMs are destined for a remote node and determining a transaction type for each MTM;
    • composing a network packet for each MTM;
    • assigning each packet a sending priority based on the transaction type and the ordering rules of the processor bus protocol;
    • organizing the packets into groups based on the sending priority;
    • sending the packets into a lossy network; and
    • ensuring that a subset of packets with a particular priority are received by the remote node in a proper sequence.
  • The complaint does not explicitly reserve the right to assert dependent claims.

U.S. Patent No. 8,225,323 - "Control device and control method for reduced power consumption in network device," Issued July 17, 2012

  • Technology Synopsis: The patent addresses excessive power consumption in network devices that utilize multiple "transfer resources" (e.g., processing circuits) by keeping all resources active regardless of traffic load (’323 Patent, col. 1:24-31). The patented solution is a control device that manages these resources by setting them to one of several "standby states" based on measured network load, where each standby state has a different power consumption level and a different transition time required to return to a fully "transfer-enabled state" ’323 Patent, Abstract
  • Asserted Claims: The complaint asserts independent claim 23 Compl. ¶25
  • Accused Features: The complaint accuses the Dell PowerEdge R750 and PowerEdge XE9680 servers of infringement Compl. ¶23

U.S. Patent No. 7,969,880 - "Device and method for relaying packets," Issued June 28, 2011

  • Technology Synopsis: The patent addresses the potential for communication load imbalance in networks that use link aggregation, where multiple physical connections are bundled into a single virtual link (’880 Patent, col. 1:18-36). The invention provides a method for distributing packets across the physical links by using a computational expression, such as a hash function, that takes "seed information" from the packet header (e.g., source/destination addresses) to select an output port. The device includes a modifying module to alter this computational expression, allowing an administrator to change the load distribution behavior and alleviate imbalances ’880 Patent, Abstract; col. 2:4-16
  • Asserted Claims: The complaint asserts independent claim 1 Compl. ¶32
  • Accused Features: The complaint accuses a broad range of Dell PowerSwitch devices and associated software, including SmartFabric OS10, of infringement Compl. ¶30

III. The Accused Instrumentality

Product Identification

  • Security Software: Dell Safeguard and Response Compl. ¶9
  • Servers: Dell PowerEdge R670, R770, R7715, R7725, R750, and XE9680 product lines Compl. ¶16, ¶23
  • Network Switches and Software: Dell PowerSwitch devices running SmartFabric OS10, SmartFabric Director, and SmartFabric OS10 Software Compl. ¶30

Functionality and Market Context

The complaint alleges that these products, by being made, used, or sold, incorporate functionality that infringes the asserted patents (Compl. ¶9, ¶16, ¶23, ¶30). However, the complaint does not provide specific technical details regarding the operation of the accused features. For example, it does not describe the specific security architecture of Dell Safeguard and Response or the network protocol details of the PowerEdge servers. No probative visual evidence provided in complaint. The complaint also makes no specific allegations regarding the commercial importance or market positioning of the accused products.

IV. Analysis of Infringement Allegations

The complaint references, but does not include, claim chart exhibits detailing its infringement theories Compl. ¶11, ¶18, ¶25, ¶32 In the absence of these exhibits, the infringement allegations are summarized below in prose based on the complaint's narrative.

  • ’744 Patent Infringement Allegations: The complaint alleges that Defendant’s Dell Safeguard and Response products directly infringe at least claim 37 of the ’744 Patent Compl. ¶9, ¶11 The narrative theory is that these products implement a "secure system for allowing the execution of authorized computer program code" that satisfies all limitations of the asserted claim Compl. ¶8, ¶11 The complaint does not specify how the accused software performs the claimed steps of intercepting process requests or authenticating them via a cryptographic hash against a remote whitelist.
  • ’742 Patent Infringement Allegations: The complaint alleges that Defendant’s PowerEdge R670, R770, R7715, and R7725 server product lines directly infringe at least claim 1 of the ’742 Patent (Compl. ¶16, ¶18). The narrative theory is that these servers provide a "mechanism for enabling memory transactions to be conducted across a lossy network" that meets all limitations of the asserted claim (Compl. ¶15, ¶18). The complaint does not provide details on how the accused servers allegedly assign priorities to network packets based on processor bus protocol rules or how they "ensure" ordered delivery.
  • Identified Points of Contention:
    • Scope Questions (’744 Patent): A potential question is whether the architecture of Dell Safeguard and Response corresponds to the specific "remote whitelist database hosted by a trusted service provider" required by claim 37, or if it utilizes an alternative security model, such as a locally managed or enterprise-controlled list.
    • Technical Questions (’742 Patent): A central technical question may be whether the networking protocols used by the accused PowerEdge servers perform the specific "ensuring" function for ordered delivery as described in the patent—namely, a system of acknowledgements and sequenced re-transmissions from a maintained list of sent packets ’742 Patent, col. 11:1-24 The analysis will depend on whether the accused products implement this specific mechanism or an alternative, such as standard TCP/IP protocols that also provide for reliable delivery.

V. Key Claim Terms for Construction

  • For the ’744 Patent (Claim 37):

    • The Term: "cryptographic hash value"
    • Context and Importance: This term is central to the claimed authentication process. The infringement analysis may depend on whether the identifier used by the accused product qualifies as "cryptographic." Practitioners may focus on this term to determine if the accused system's method of identifying software meets the technical requirements of the claim.
    • Intrinsic Evidence for Interpretation:
      • Evidence for a Broader Interpretation: The term is used generally in the claims and summary, suggesting it could cover any hash function that provides a secure signature for a code module ’744 Patent, col. 2:20-21
      • Evidence for a Narrower Interpretation: The specification provides a specific example, "secure hash algorithm 256 (SHA-256)," which could be used to argue that the term implies a certain level of cryptographic strength or a recognized industry-standard algorithm ’744 Patent, col. 2:22-24

  • For the ’742 Patent (Claim 1):

    • The Term: "ensuring... that a particular subset of the network packets... are received by the particular remote node in a proper sequence"
    • Context and Importance: This functional language defines the reliability and ordering guarantee that distinguishes the invention from standard lossy networks. The outcome of the case may hinge on whether the mechanism used in the accused servers performs this "ensuring" function in the manner claimed.
    • Intrinsic Evidence for Interpretation:
      • Evidence for a Broader Interpretation: The claim language itself is functional, suggesting that any mechanism that achieves the result of guaranteed, in-order delivery could fall within its scope.
      • Evidence for a Narrower Interpretation: The detailed description discloses a specific implementation for this function: maintaining a linked-list of sent packets, monitoring for acknowledgements, and re-sending packets from the list upon a timeout to preserve order ’742 Patent, col. 3:1-15 A party might argue this detailed disclosure limits the scope of the broader functional claim language.

VI. Other Allegations

  • Indirect Infringement: For all four patents, the complaint alleges induced infringement under 35 U.S.C. § 271(b). The basis for this allegation is that Defendant provides "user manuals and online instruction materials on its website" that allegedly encourage and instruct customers on how to use the accused products in an infringing manner Compl. ¶10, ¶17, ¶24, ¶31
  • Willful Infringement: The complaint does not contain an explicit allegation of willful infringement. However, for each asserted patent, it alleges that Defendant has had knowledge of the patent and its infringement "Through at least the filing and service of this Complaint" Compl. ¶10, ¶17, ¶24, ¶31 This allegation may form the basis for a claim of post-suit willfulness and a request for enhanced damages.

VII. Analyst’s Conclusion: Key Questions for the Case

  • A central evidentiary question will be one of technical specificity: given the complaint's lack of detailed operational descriptions or claim charts, what evidence will emerge in discovery to demonstrate that the accused software, servers, and switches actually perform the specific, multi-step methods required by the asserted claims?
  • For the ’744 patent, a core issue will be one of architectural correspondence: does the "Dell Safeguard and Response" security product rely on a "remote whitelist database hosted by a trusted third party service provider" as recited in Claim 37, or does it operate on a different security model that may not align with the claim's specific requirements?
  • For the ’742 patent, a key question will be one of functional implementation: do the accused PowerEdge servers perform the claimed "ensuring" step for reliable, ordered delivery using the specific acknowledgement and re-transmission protocol disclosed in the patent, or do they rely on standard networking protocols (such as TCP) that achieve a similar result through a potentially non-infringing mechanism?