{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,2]],"date-time":"2026-03-02T02:54:34Z","timestamp":1772420074468,"version":"3.50.1"},"reference-count":34,"publisher":"Springer Science and Business Media LLC","issue":"1","license":[{"start":{"date-parts":[[2026,3,2]],"date-time":"2026-03-02T00:00:00Z","timestamp":1772409600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2026,3,2]],"date-time":"2026-03-02T00:00:00Z","timestamp":1772409600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Cybersecurity"],"abstract":"<jats:title>Abstract<\/jats:title>\n                  <jats:p>\n                    Modern System-on-Chip (SoC) designs integrate various embedded instruments and proprietary data to support critical operations such as testing, diagnosis, and in-field health monitoring. The IEEE Std. 1687 (IJTAG) is widely adopted to provide efficient and flexible access to these on-chip instruments. However, its reconfigurable nature exposes a significant attack surface, making it vulnerable to advanced security threats, including machine learning, differential analysis, and power analysis attacks, which can extract Chip IDs and cryptographic keys. To enhance the security of the IJTAG architecture, a secure access protocol has been proposed in the literature. In this secure access scheme, a random number generator produces a bitstream, and whenever a predefined template matches, a key bit is inserted into the bitstream; this process continues until all key bits are embedded. However, the reliance on a single static template renders the scheme predictable and susceptible to key recovery. To overcome this limitation, we propose a\n                    <jats:italic>multi-dynamic template based secure access protocol<\/jats:italic>\n                    , where multiple templates are employed for key insertion. For each comparison, the specific template is dynamically selected based on the last generated bit of the bitstream, thereby introducing randomness into the embedding process and obfuscating adversarial analysis. The experimental evaluation demonstrates that, with eight templates, the proposed protocol reduces machine learning attack accuracy from 98.31 to 0.0002%, increases the complexity of differential analysis by extending the key retrieval time from 3 ms to approximately\n                    <jats:inline-formula>\n                      <jats:alternatives>\n                        <jats:tex-math>$$ 1.67 \\times 10^{10} $$<\/jats:tex-math>\n                        <mml:math xmlns:mml=\"http:\/\/www.w3.org\/1998\/Math\/MathML\">\n                          <mml:mrow>\n                            <mml:mn>1.67<\/mml:mn>\n                            <mml:mo>\u00d7<\/mml:mo>\n                            <mml:msup>\n                              <mml:mn>10<\/mml:mn>\n                              <mml:mn>10<\/mml:mn>\n                            <\/mml:msup>\n                          <\/mml:mrow>\n                        <\/mml:math>\n                      <\/jats:alternatives>\n                    <\/jats:inline-formula>\n                    years, and renders power analysis attacks completely infeasible. In addition, the proposed scheme significantly reduces the bitstream length required for key insertion. For instance, with a 16-bit template and a 256-bit key, the required bitstream length decreases from 16.6 million to 12.8 thousand, while for a 24-bit template and a 256-bit key, it decreases from 4.2 billion to 57.2 thousand, while maintaining security. Furthermore, hardware synthesis on ITC\u201916 IJTAG benchmarks confirms negligible implementation cost, with area overheads of only 1.65% and 1.53% for the TreeFlatEx and TreeBalanced benchmarks, respectively. These results demonstrate that the proposed protocol provides scalable, resource-efficient and robust protection for IJTAG-enabled SoCs against state-of-the-art attacks.\n                  <\/jats:p>","DOI":"10.1186\/s42400-025-00498-8","type":"journal-article","created":{"date-parts":[[2026,3,2]],"date-time":"2026-03-02T02:01:11Z","timestamp":1772416871000},"update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Secure and scalable access protocol for enhancing IEEE 1687 network security"],"prefix":"10.1186","volume":"9","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-2357-6382","authenticated-orcid":false,"given":"Gaurav","family":"Kumar","sequence":"first","affiliation":[]},{"given":"Mahendra Kumar","family":"Gurve","sequence":"additional","affiliation":[]},{"family":"Nitin","sequence":"additional","affiliation":[]},{"given":"Yamuna","family":"Prasad","sequence":"additional","affiliation":[]},{"given":"Satyadev","family":"Ahlawat","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2026,3,2]]},"reference":[{"key":"498_CR1","doi-asserted-by":"publisher","unstructured":"Ahlawat S, Vaghani D, Singh V (2017a) An efficient test technique to prevent scan-based side-channel attacks. In: 2017 22nd IEEE European test symposium (ETS), pp 1\u20132. https:\/\/doi.org\/10.1109\/ETS.2017.7968241","DOI":"10.1109\/ETS.2017.7968241"},{"key":"498_CR2","doi-asserted-by":"publisher","unstructured":"Ahlawat S, Vaghani D, Tudu J, Singh V (2017b) On securing scan design from scan-based side-channel attacks. In: 2017 IEEE 26th Asian test symposium (ATS), pp 58\u201363. https:\/\/doi.org\/10.1109\/ATS.2017.23","DOI":"10.1109\/ATS.2017.23"},{"key":"498_CR3","doi-asserted-by":"publisher","unstructured":"Ahlawat S, Tudu J, Gaur MS, Fujita M, Singh V (2019) Preventing scan attack through test response encryption. In: IEEE international symposium on defect and fault tolerance in VLSI and nanotechnology systems (DFT), pp 1\u20136. https:\/\/doi.org\/10.1109\/DFT.2019.8875355","DOI":"10.1109\/DFT.2019.8875355"},{"key":"498_CR4","doi-asserted-by":"publisher","DOI":"10.1109\/TCAD.2015.2391266","author":"R Baranowski","year":"2015","unstructured":"Baranowski R, Kochte MA, Wunderlich H-J (2015) Fine-grained access management in reconfigurable scan networks. IEEE Trans Comput-Aided Des Integr Circuits Syst. https:\/\/doi.org\/10.1109\/TCAD.2015.2391266","journal-title":"IEEE Trans Comput-Aided Des Integr Circuits Syst"},{"issue":"14","key":"498_CR5","doi-asserted-by":"publisher","first-page":"12112","DOI":"10.1109\/JIOT.2021.3134755","volume":"10","author":"Y Chen","year":"2023","unstructured":"Chen Y, Li J, Wang F, Yue K, Li Y, Xing B, Zhang L, Chen L (2023) Ds2pm: a data-sharing privacy protection model based on blockchain and federated learning. IEEE Internet Things J 10(14):12112\u201312125. https:\/\/doi.org\/10.1109\/JIOT.2021.3134755","journal-title":"IEEE Internet Things J"},{"key":"498_CR6","doi-asserted-by":"publisher","unstructured":"Das A, Touba NA (2019) A graph theory approach towards IJTAG security via controlled scan chain isolation. In: IEEE 37th VLSI test symposium (VTS), pp 1\u20136. https:\/\/doi.org\/10.1109\/VTS.2019.8758608","DOI":"10.1109\/VTS.2019.8758608"},{"key":"498_CR7","doi-asserted-by":"publisher","unstructured":"Dworak J, Crouch A (2015) A call to action: securing IEEE 1687 and the need for an IEEE test security standard. In: IEEE 33rd VLSI test symposium (VTS), pp 1\u20134. https:\/\/doi.org\/10.1109\/VTS.2015.7116256","DOI":"10.1109\/VTS.2015.7116256"},{"key":"498_CR8","doi-asserted-by":"publisher","unstructured":"Dworak J, Crouch A, Potter J, Zygmontowicz A, Thornton M (2013) Don\u2019t forget to lock your SIB: hiding instruments using P1687. In: IEEE international test conference (ITC), pp 1\u201310. https:\/\/doi.org\/10.1109\/TEST.2013.6651903","DOI":"10.1109\/TEST.2013.6651903"},{"key":"498_CR9","doi-asserted-by":"publisher","unstructured":"Dworak J, Conroy Z, Crouch A, Potter J (2014) Board security enhancement using new locking sib-based architectures. In: 2014 international test conference, pp 1\u201310. https:\/\/doi.org\/10.1109\/TEST.2014.7035355","DOI":"10.1109\/TEST.2014.7035355"},{"key":"498_CR10","doi-asserted-by":"publisher","unstructured":"Elnaggar R, Karri R, Chakrabarty K (2018) Securing IJTAG against data-integrity attacks. In: IEEE 36th VLSI test symposium (VTS). https:\/\/doi.org\/10.1109\/VTS.2018.8368642","DOI":"10.1109\/VTS.2018.8368642"},{"key":"498_CR11","doi-asserted-by":"publisher","DOI":"10.1109\/TCAD.2020.3019167","author":"R Elnaggar","year":"2020","unstructured":"Elnaggar R, Karri R, Chakrabarty K (2020) Security against data-sniffing and alteration attacks in IJTAG. IEEE Trans Comput Aided Des Integr Circuits Syst. https:\/\/doi.org\/10.1109\/TCAD.2020.3019167","journal-title":"IEEE Trans Comput Aided Des Integr Circuits Syst"},{"issue":"20","key":"498_CR12","doi-asserted-by":"publisher","first-page":"17666","DOI":"10.1109\/JIOT.2023.3278411","volume":"10","author":"K Fizza","year":"2023","unstructured":"Fizza K, Jayaraman PP, Banerjee A, Auluck N, Ranjan R (2023) Iot-qwatch: a novel framework to support the development of quality-aware autonomic IoT applications. IEEE Internet Things J 10(20):17666\u201317679. https:\/\/doi.org\/10.1109\/JIOT.2023.3278411","journal-title":"IEEE Internet Things J"},{"issue":"1","key":"498_CR13","doi-asserted-by":"publisher","first-page":"777","DOI":"10.1109\/JIOT.2023.3285894","volume":"11","author":"Y Gao","year":"2024","unstructured":"Gao Y, Chen L, Han J, Wu G, Susilo W (2024) Iot privacy-preserving data mining with dynamic incentive mechanism. IEEE Internet Things J 11(1):777\u2013790. https:\/\/doi.org\/10.1109\/JIOT.2023.3285894","journal-title":"IEEE Internet Things J"},{"key":"498_CR14","doi-asserted-by":"publisher","unstructured":"Gupta S, Crouch A, Dworak J, Engels D (2017) Increasing IJTAG bandwidth and managing security through parallel locking-SIBs. In: IEEE international test conference (ITC), pp 1\u201310. https:\/\/doi.org\/10.1109\/TEST.2017.8242034","DOI":"10.1109\/TEST.2017.8242034"},{"key":"498_CR15","doi-asserted-by":"publisher","unstructured":"IEEE standard testability method for embedded core-based integrated circuits (2005). IEEE Std 1500-2005, pp 1\u2013136. https:\/\/doi.org\/10.1109\/IEEESTD.2005.96465","DOI":"10.1109\/IEEESTD.2005.96465"},{"key":"498_CR16","doi-asserted-by":"publisher","unstructured":"IEEE standard for test access port and boundary-scan architecture (2013). IEEE Std 1149.1-2013 (Revision of IEEE Std 1149.1-2001), pp 1\u2013444 https:\/\/doi.org\/10.1109\/IEEESTD.2013.6515989","DOI":"10.1109\/IEEESTD.2013.6515989"},{"key":"498_CR17","doi-asserted-by":"publisher","unstructured":"IEEE standard for access and control of instrumentation embedded within a semiconductor device (2014) IEEE Std 1687-2014, pp 1\u2013283. https:\/\/doi.org\/10.1109\/IEEESTD.2014.6974961","DOI":"10.1109\/IEEESTD.2014.6974961"},{"key":"498_CR18","doi-asserted-by":"publisher","unstructured":"Kan S, Dworak J, Dunham JG (2016) Echeloned IJTAG data protection. In: 2016 IEEE Asian hardware-oriented security and trust (AsianHOST), pp 1\u20136. https:\/\/doi.org\/10.1109\/AsianHOST.2016.7835558","DOI":"10.1109\/AsianHOST.2016.7835558"},{"key":"498_CR19","doi-asserted-by":"publisher","unstructured":"Kumar G, Riaz A, Prasad Y, Ahlawat S (2022a) Power analysis attack on locking SIB based IJTAG architecture. In: 2022 IFIP\/IEEE 30th international conference on very large scale integration (VLSI-SoC), pp 1\u20136. https:\/\/doi.org\/10.1109\/VLSI-SoC54400.2022.9939634","DOI":"10.1109\/VLSI-SoC54400.2022.9939634"},{"key":"498_CR20","doi-asserted-by":"publisher","unstructured":"Kumar G, Riaz A, Prasad Y, Ahlawat S (2022b) A new access protocol for elevating the security of IJTAG network. In: 2022 IEEE 31st Asian test symposium (ATS), pp 31\u201336. https:\/\/doi.org\/10.1109\/ATS56056.2022.00018","DOI":"10.1109\/ATS56056.2022.00018"},{"key":"498_CR21","doi-asserted-by":"publisher","unstructured":"Kumar G, Riaz A, Prasad Y, Ahlawat S (2022c) On attacking IJTAG architecture based on locking SIB with security LFSR. In: 2022 IEEE 28th international symposium on on-line testing and robust system design (IOLTS), pp 1\u20136. https:\/\/doi.org\/10.1109\/IOLTS56730.2022.9897172","DOI":"10.1109\/IOLTS56730.2022.9897172"},{"key":"498_CR22","doi-asserted-by":"publisher","unstructured":"Kumar G, Riaz A, Prasad Y, Ahlawat S (2022d) On attacking locking SIB based IJTAG architecture. In: Proceedings of the Great Lakes symposium on VLSI 2022. GLSVLSI \u201922. Association for Computing Machinery, New York, NY, USA, pp 105\u2013109. https:\/\/doi.org\/10.1145\/3526241.3530370","DOI":"10.1145\/3526241.3530370"},{"issue":"11","key":"498_CR23","doi-asserted-by":"publisher","first-page":"8036","DOI":"10.1109\/JIOT.2021.3117971","volume":"9","author":"T Li","year":"2022","unstructured":"Li T, Liu W, Xie S, Dong M, Ota K, Xiong NN, Li Q (2022) Bpt: a blockchain-based privacy information preserving system for trust data collection over distributed mobile-edge network. IEEE Internet Things J 9(11):8036\u20138052. https:\/\/doi.org\/10.1109\/JIOT.2021.3117971","journal-title":"IEEE Internet Things J"},{"issue":"2","key":"498_CR24","doi-asserted-by":"publisher","first-page":"3392","DOI":"10.1109\/JIOT.2023.3296460","volume":"11","author":"X Li","year":"2024","unstructured":"Li X, Zhao H, Deng W (2024) Bfod: blockchain-based privacy protection and security sharing scheme of flight operation data. IEEE Internet Things J 11(2):3392\u20133401. https:\/\/doi.org\/10.1109\/JIOT.2023.3296460","journal-title":"IEEE Internet Things J"},{"key":"498_CR25","doi-asserted-by":"publisher","unstructured":"Liu H, Agrawal VD (2015) Securing IEEE 1687-2014 standard instrumentation access by LFSR key. In: 2015 IEEE 24th Asian test symposium (ATS), pp 91\u201396. https:\/\/doi.org\/10.1109\/ATS.2015.23","DOI":"10.1109\/ATS.2015.23"},{"issue":"1","key":"498_CR26","doi-asserted-by":"publisher","first-page":"36","DOI":"10.1109\/MDT.2010.9","volume":"27","author":"K Rosenfeld","year":"2010","unstructured":"Rosenfeld K, Karri R (2010) Attacks and defenses for JTAG. IEEE Design Test Comput 27(1):36\u201347. https:\/\/doi.org\/10.1109\/MDT.2010.9","journal-title":"IEEE Design Test Comput"},{"key":"498_CR27","doi-asserted-by":"publisher","unstructured":"Sao Y, Riaz A, Ahlawat S, Ali SS (2022) Evaluating security of new locking SIB-based architectures. In: 2022 IEEE European test symposium (ETS), pp 1\u20136. https:\/\/doi.org\/10.1109\/ETS54262.2022.9810460","DOI":"10.1109\/ETS54262.2022.9810460"},{"key":"498_CR28","doi-asserted-by":"publisher","unstructured":"T\u0161ertov A, Jutman A, Devadze S, Reorda MS, Larsson E, Zadegan FG, Cantoro R, Montazeri M, Krenz-Baath R (2016) A suite of IEEE 1687 benchmark networks. In: IEEE international test conference (ITC), pp 1\u201310. https:\/\/doi.org\/10.1109\/TEST.2016.7805840","DOI":"10.1109\/TEST.2016.7805840"},{"issue":"23","key":"498_CR29","doi-asserted-by":"publisher","first-page":"38829","DOI":"10.1109\/JIOT.2024.3454483","volume":"11","author":"W Wang","year":"2024","unstructured":"Wang W, Gong X, Wang X, Cai S, Liu P, Xiong NN (2024) Daf: an effective design-for-testability authorization framework based on obfuscation mechanisms for defending complex attacks. IEEE Internet Things J 11(23):38829\u201338845. https:\/\/doi.org\/10.1109\/JIOT.2024.3454483","journal-title":"IEEE Internet Things J"},{"key":"498_CR30","doi-asserted-by":"publisher","unstructured":"Yang B, Wu K, Karri R (2004) Scan based side channel attack on dedicated hardware implementations of data encryption standard. In: 2004 International conference on test, pp 339\u2013344. https:\/\/doi.org\/10.1109\/TEST.2004.1386969","DOI":"10.1109\/TEST.2004.1386969"},{"issue":"10","key":"498_CR31","doi-asserted-by":"publisher","first-page":"2287","DOI":"10.1109\/TCAD.2005.862745","volume":"25","author":"B Yang","year":"2006","unstructured":"Yang B, Wu K, Karri R (2006) Secure scan: a design-for-test architecture for crypto chips. IEEE Trans Comput Aided Des Integr Circuits Syst 25(10):2287\u20132293. https:\/\/doi.org\/10.1109\/TCAD.2005.862745","journal-title":"IEEE Trans Comput Aided Des Integr Circuits Syst"},{"issue":"2","key":"498_CR32","doi-asserted-by":"publisher","first-page":"323","DOI":"10.1109\/TC.2021.3049543","volume":"71","author":"J Zhang","year":"2022","unstructured":"Zhang J, Shen C, Su H, Arafin MT, Qu G (2022a) Voltage over-scaling-based lightweight authentication for IoT security. IEEE Trans Comput 71(2):323\u2013336. https:\/\/doi.org\/10.1109\/TC.2021.3049543","journal-title":"IEEE Trans Comput"},{"issue":"16","key":"498_CR33","doi-asserted-by":"publisher","first-page":"14452","DOI":"10.1109\/JIOT.2021.3090475","volume":"9","author":"J Zhang","year":"2022","unstructured":"Zhang J, Shen C, Guo Z, Wu Q, Chang W (2022b) Ct puf: configurable tristate puf against machine learning attacks for iot security. IEEE Internet Things J 9(16):14452\u201314462. https:\/\/doi.org\/10.1109\/JIOT.2021.3090475","journal-title":"IEEE Internet Things J"},{"key":"498_CR34","doi-asserted-by":"crossref","unstructured":"Zygmontowicz A, Dworak J, Crouch A, Potter J (2014) Making it harder to unlock an LSIB: honeytraps and misdirection in a p1687 network. In: Proceedings of the conference on design, automation & test in Europe. DATE \u201914. European Design and Automation Association, Leuven, BEL","DOI":"10.7873\/DATE2014.208"}],"container-title":["Cybersecurity"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1186\/s42400-025-00498-8.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1186\/s42400-025-00498-8","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1186\/s42400-025-00498-8.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,3,2]],"date-time":"2026-03-02T02:01:12Z","timestamp":1772416872000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1186\/s42400-025-00498-8"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026,3,2]]},"references-count":34,"journal-issue":{"issue":"1","published-online":{"date-parts":[[2026,12]]}},"alternative-id":["498"],"URL":"https:\/\/doi.org\/10.1186\/s42400-025-00498-8","relation":{},"ISSN":["2523-3246"],"issn-type":[{"value":"2523-3246","type":"electronic"}],"subject":[],"published":{"date-parts":[[2026,3,2]]},"assertion":[{"value":"19 June 2025","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"28 September 2025","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"2 March 2026","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"Not applicable.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Ethics approval and consent to participate"}},{"value":"Not applicable.","order":3,"name":"Ethics","group":{"name":"EthicsHeading","label":"Consent for publication"}},{"value":"This manuscript builds upon our previously published conference work (Kumar et\u00a0al.\n                      \n                      ) by introducing several key extensions mentioned with cover letter and supplementary material document.","order":4,"name":"Ethics","group":{"name":"EthicsHeading","label":"Competing interests"}}],"article-number":"37"}}