{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,8,2]],"date-time":"2025-08-02T18:18:48Z","timestamp":1754158728098,"version":"3.41.2"},"reference-count":23,"publisher":"Emerald","issue":"4","license":[{"start":{"date-parts":[[2024,2,1]],"date-time":"2024-02-01T00:00:00Z","timestamp":1706745600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.emerald.com\/insight\/site-policies"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["ICS"],"published-print":{"date-parts":[[2024,9,25]]},"abstract":"<jats:sec>\n<jats:title content-type=\"abstract-subheading\">Purpose<\/jats:title>\n<jats:p>This study aims to explore auto mechanics awareness of repairs and maintenance related to the car\u2019s cybersecurity and provide insights into challenges based on current practice.<\/jats:p>\n<\/jats:sec>\n<jats:sec>\n<jats:title content-type=\"abstract-subheading\">Design\/methodology\/approach<\/jats:title>\n<jats:p>This study is based on an empirical study consisting of semistructured interviews with representatives from both branded and independent auto workshops. The data was analyzed using thematic analysis. A version of the capability maturity model was introduced to the respondents as a self-evaluation of their cybersecurity awareness.<\/jats:p>\n<\/jats:sec>\n<jats:sec>\n<jats:title content-type=\"abstract-subheading\">Findings<\/jats:title>\n<jats:p>Cybersecurity was not found to be part of the current auto workshop work culture, and that there is a gap between independent workshops and branded workshops. Specifically, in how they function, approach problems and the tools and support available to them to resolve (particularly regarding previously unknown) issues.<\/jats:p>\n<\/jats:sec>\n<jats:sec>\n<jats:title content-type=\"abstract-subheading\">Research limitations\/implications<\/jats:title>\n<jats:p>Only auto workshop managers in Sweden were interviewed for this study. This role was picked because it is the most likely to have come in contact with cybersecurity-related issues. They may also have discussed the topic with mechanics, manufacturers or other auto workshops \u2013 thus providing a broader view of potential issues or challenges.<\/jats:p>\n<\/jats:sec>\n<jats:sec>\n<jats:title content-type=\"abstract-subheading\">Practical implications<\/jats:title>\n<jats:p>The challenges identified in this study offers actionable advice to car manufacturers, branded workshops and independent workshops. The goal is to further cooperation, improve knowledge sharing and avoid unnecessary safety or security issues.<\/jats:p>\n<\/jats:sec>\n<jats:sec>\n<jats:title content-type=\"abstract-subheading\">Originality\/value<\/jats:title>\n<jats:p>As cars become smarter, they also become potential targets for cyberattacks, which in turn poses potential threats to human safety. However, research on auto workshops, which has previously ensured that cars are road safe, has received little research attention with regards to the role cybersecurity can play in repairs and maintenance. Insights from auto workshops can therefore shed light upon the unique challenges and issues tied to the cybersecurity of cars, and how they are kept up-to-date and road safe in the digital era.<\/jats:p>\n<\/jats:sec>","DOI":"10.1108\/ics-11-2023-0211","type":"journal-article","created":{"date-parts":[[2024,1,31]],"date-time":"2024-01-31T07:24:16Z","timestamp":1706685856000},"page":"407-419","source":"Crossref","is-referenced-by-count":0,"title":["Cybersecurity in modern cars: awareness and readiness of auto workshops"],"prefix":"10.1108","volume":"32","author":[{"given":"David","family":"Hedberg","sequence":"first","affiliation":[]},{"given":"Martin","family":"Lundgren","sequence":"additional","affiliation":[]},{"given":"Marcus","family":"Nohlberg","sequence":"additional","affiliation":[]}],"member":"140","published-online":{"date-parts":[[2024,2,1]]},"reference":[{"article-title":"Thematic analysis: a critical review of its process and evaluation","volume-title":"WEI International European Academic Conference Proceedings","year":"2012","key":"key2024092315394852900_ref001"},{"issue":"1","key":"key2024092315394852900_ref002","doi-asserted-by":"publisher","first-page":"21","DOI":"10.22215\/timreview\/863","article-title":"Securing the car: how intrusive manufacturer-supplier approaches can reduce cybersecurity vulnerabilities","volume":"5","year":"2015","journal-title":"Technology Innovation Management Review"},{"volume-title":"The Auto Repair Shop\u2019s Role in Connected Car Cybersecurity","year":"2017","key":"key2024092315394852900_ref003"},{"volume-title":"Nya Krav p\u00e5 Verkst\u00e4der","year":"2021","key":"key2024092315394852900_ref004"},{"volume-title":"Using the IBM Security Framework and IBM Security Blueprint to Realize Business-Driven Security","year":"2014","key":"key2024092315394852900_ref005"},{"issue":"4","key":"key2024092315394852900_ref006","doi-asserted-by":"publisher","first-page":"399","DOI":"10.1016\/j.dcan.2020.04.007","article-title":"Attacks and defences on intelligent connected vehicles: a survey","volume":"6","year":"2020","journal-title":"Digital Communications and Networks"},{"issue":"2","key":"key2024092315394852900_ref007","doi-asserted-by":"publisher","first-page":"45","DOI":"10.1109\/MVT.2017.2669348","article-title":"Driving with sharks: rethinking connected vehicles with vehicle cybersecurity","volume":"12","year":"2017","journal-title":"IEEE Vehicular Technology Magazine"},{"volume-title":"Hackers Reveal Nasty New Car Attacks\u2013with Me behind the Wheel","year":"2013","key":"key2024092315394852900_ref008"},{"key":"key2024092315394852900_ref009","doi-asserted-by":"publisher","first-page":"107343","DOI":"10.1016\/j.comnet.2020.107343","article-title":"Secure over-the-air software updates in connected vehicles: a survey","volume":"178","year":"2020","journal-title":"Computer Networks"},{"key":"key2024092315394852900_ref010","doi-asserted-by":"publisher","first-page":"275","DOI":"10.1007\/978-3-031-38530-8_22","article-title":"Cyberthreats in modern cars: responsibility and readiness of auto workshops","volume-title":"Human Aspects of Information Security and Assurance","year":"2023"},{"volume-title":"Vehicle Cybersecurity Threats and Mitigation Approaches, No. NREL\/TP-5400-74247, 1559930, p. NREL\/TP-5400-74247, 1559930","year":"2019","key":"key2024092315394852900_ref011","doi-asserted-by":"publisher","DOI":"10.2172\/1559930"},{"volume-title":"Dags F\u00f6r Yrkesbevis Inom Fordonsbranschen","year":"2013","key":"key2024092315394852900_ref012"},{"key":"key2024092315394852900_ref013","doi-asserted-by":"publisher","first-page":"252","DOI":"10.1145\/2735960.2735992","article-title":"Cyber-physical security for smart cars: taxonomy of vulnerabilities, threats, and attacks","volume-title":"Proceedings of the ACM\/IEEE Sixth International Conference on Cyber-Physical Systems","year":"2015"},{"issue":"9","key":"key2024092315394852900_ref014","doi-asserted-by":"publisher","first-page":"16","DOI":"10.1016\/S1353-4858(15)30081-7","article-title":"Cars of the future: the internet of things in the automotive industry","volume":"2015","year":"2015","journal-title":"Network Security"},{"key":"key2024092315394852900_ref015","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1109\/VTCSpring.2018.8417690","article-title":"Advanced analytics for connected car cybersecurity","volume-title":"2018 IEEE 87th Vehicular Technology Conference (VTC Spring)","year":"2018"},{"key":"key2024092315394852900_ref016","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1016\/j.comcom.2021.08.027","article-title":"Security on in-vehicle communication protocols: issues, challenges, and future research directions","volume":"180","year":"2021","journal-title":"Computer Communications"},{"key":"key2024092315394852900_ref017","doi-asserted-by":"publisher","first-page":"120102","DOI":"10.1016\/j.techfore.2020.120102","article-title":"Cybersecurity threats in the auto industry: tensions in the knowledge environment","volume":"157","year":"2020","journal-title":"Technological Forecasting and Social Change"},{"issue":"6","key":"key2024092315394852900_ref018","doi-asserted-by":"publisher","first-page":"6160","DOI":"10.1109\/TSG.2017.2705188","article-title":"A risk-based optimization model for electric vehicle infrastructure response to cyber attacks","volume":"9","year":"2018","journal-title":"IEEE Transactions on Smart Grid"},{"key":"key2024092315394852900_ref019","first-page":"17","article-title":"DevSecOps: a multivocal literature review","volume-title":"Software Process Improvement and Capability Determination","year":"2017"},{"issue":"3","key":"key2024092315394852900_ref020","doi-asserted-by":"publisher","first-page":"49","DOI":"10.1109\/MS.2017.78","article-title":"Secure automotive software: the next steps","volume":"34","year":"2017","journal-title":"IEEE Software"},{"issue":"11","key":"key2024092315394852900_ref021","doi-asserted-by":"publisher","first-page":"11","DOI":"10.1016\/S1353-4858(15)30100-8","article-title":"Connected cars \u2013 the next target for hackers","volume":"2015","year":"2015","journal-title":"Network Security"},{"issue":"2","key":"key2024092315394852900_ref022","doi-asserted-by":"publisher","first-page":"276","DOI":"10.3390\/jcp2020015","article-title":"Towards agile cybersecurity risk management for autonomous software engineering teams","volume":"2","year":"2022","journal-title":"Journal of Cybersecurity and Privacy"},{"issue":"32","key":"key2024092315394852900_ref023","first-page":"1","article-title":"Reducing confusion about grounded theory and qualitative content analysis: similarities and differences","volume":"19","year":"2014","journal-title":"The Qualitative Report"}],"container-title":["Information &amp; Computer Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/ICS-11-2023-0211\/full\/xml","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/ICS-11-2023-0211\/full\/html","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,7,25]],"date-time":"2025-07-25T01:23:23Z","timestamp":1753406603000},"score":1,"resource":{"primary":{"URL":"http:\/\/www.emerald.com\/ics\/article\/32\/4\/407-419\/1235754"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,2,1]]},"references-count":23,"journal-issue":{"issue":"4","published-online":{"date-parts":[[2024,2,1]]},"published-print":{"date-parts":[[2024,9,25]]}},"alternative-id":["10.1108\/ICS-11-2023-0211"],"URL":"https:\/\/doi.org\/10.1108\/ics-11-2023-0211","relation":{},"ISSN":["2056-4961","2056-4961"],"issn-type":[{"type":"print","value":"2056-4961"},{"type":"electronic","value":"2056-4961"}],"subject":[],"published":{"date-parts":[[2024,2,1]]}}}