Fix the leaking tap: A survey of Trigger-Action Programming (TAP) security issues, detection techniques and solutions

The Internet of Things (IoT) connects all emerging devices and services while creating interactions between people and things. Allowing users to match devices and services by causal relationship, Trigger-Action Programming (TAP) is a common user-programming paradigm in IoT smart home platforms. Thus, the security issues of TAP need to be addressed to ensure the privacy and security of data and human safety. This paper summarizes the existing literature on 1) security issues caused by different types of logical errors found in TAP rules and the vulnerabilities on well-known TAP platforms, and 2) the corresponding detection techniques and solutions that are classified based on different types of approaches adopted (e.g., Model Checking and Natural Language Processing). Finally, we summarized the datasets from literature or publicly available on the Internet in a separate section for potential reference of future TAP security research. (C) 2022 Published by Elsevier Ltd.

Automated summary

This paper summarizes the existing literature on the security issues of Trigger-Action Programming (TAP) in IoT smart home platforms, including logical errors in TAP rules and vulnerabilities in well-known TAP platforms. It also provides detection techniques and solutions based on different approaches, such as Model Checking and Natural Language Processing. Additionally, datasets from literature or publicly available sources are summarized for potential future TAP security research.