Analysis of the Susceptibility of Smart Home Programming Interfaces to End User Error

2019 IEEE Security and Privacy Workshops (SPW) Pub Date : 2019-05-01 DOI:10.1109/SPW.2019.00034

Mitali Palekar, Earlence Fernandes, Franziska Roesner

{"title":"Analysis of the Susceptibility of Smart Home Programming Interfaces to End User Error","authors":"Mitali Palekar, Earlence Fernandes, Franziska Roesner","doi":"10.1109/SPW.2019.00034","DOIUrl":null,"url":null,"abstract":"Trigger-action platforms enable end-users to program their smart homes using simple conditional rules of the form: if \"condition\" then \"action\". Although these rules are easy to program, subtleties in their interpretation can cause users to make errors that have consequences ranging from incorrect and undesired functionality to security and privacy violations. Based on prior work, we enumerate a set of nine classes of errors that users can make, and we empirically study the relationship between these classes and the interface design of eight commercially available trigger-action platforms. Particularly, we examine whether each interface prevents (e.g., via good design) or allows each class of error. Based on this analysis, we develop a framework to classify errors and extract insights that lay a foundation for the design of future trigger-action programming interfaces where certain classes of errors can be mitigated by technical means or by alerting the user of the possibility of an error. For instance, we identify that an analysis of a dataset of functionally-similar trigger-action rules could be used to predict whether certain types of error patterns are about to occur.","PeriodicalId":125351,"journal":{"name":"2019 IEEE Security and Privacy Workshops (SPW)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"16","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2019 IEEE Security and Privacy Workshops (SPW)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SPW.2019.00034","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 16

Abstract

Trigger-action platforms enable end-users to program their smart homes using simple conditional rules of the form: if "condition" then "action". Although these rules are easy to program, subtleties in their interpretation can cause users to make errors that have consequences ranging from incorrect and undesired functionality to security and privacy violations. Based on prior work, we enumerate a set of nine classes of errors that users can make, and we empirically study the relationship between these classes and the interface design of eight commercially available trigger-action platforms. Particularly, we examine whether each interface prevents (e.g., via good design) or allows each class of error. Based on this analysis, we develop a framework to classify errors and extract insights that lay a foundation for the design of future trigger-action programming interfaces where certain classes of errors can be mitigated by technical means or by alerting the user of the possibility of an error. For instance, we identify that an analysis of a dataset of functionally-similar trigger-action rules could be used to predict whether certain types of error patterns are about to occur.

查看原文本刊更多论文

智能家居编程接口对终端用户错误的易感性分析

触发操作平台使最终用户能够使用简单的条件规则来编程他们的智能家居:如果“条件”，那么“操作”。尽管这些规则很容易编程，但其解释的微妙之处可能会导致用户犯错误，从而导致从不正确和不希望的功能到违反安全和隐私的后果。基于先前的工作，我们列举了用户可能犯的九类错误，并实证研究了这些错误与八种商用触发器操作平台的界面设计之间的关系。特别是，我们检查每个接口是否防止(例如，通过良好的设计)或允许每一类错误。基于此分析，我们开发了一个框架来对错误进行分类并提取见解，为设计未来的触发-操作编程接口奠定基础，其中某些类型的错误可以通过技术手段或通过提醒用户错误的可能性来减轻。例如，我们确定对功能相似的触发-操作规则数据集的分析可用于预测某些类型的错误模式是否即将发生。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2019 IEEE Security and Privacy Workshops (SPW)

自引率

0.00%

发文量