Human control of privacy and security aspects in IoT settings

The digital technological evolution is driving exponential growth in connected sensors and objects within smart environments such as homes, workplaces, and social spaces. While automations bring new opportunities, they also introduce risks and challenges. It is essential to provide users with End-User Development (EUD) approaches and tools that let them create, modify, and control automations. In this perspective, a key challenge is enabling non-professional developers to understand and manage security and privacy risks. This paper presents a Systematic Literature Review analysing the intersection of EUD, the Internet of Things, and security and privacy issues, with particular attention to automations and trigger-action programming. We examined the research to identify major risks in smart environments, their sources, and consequences. We analysed approaches and tools designed to mitigate these risks, their user presentation, validation methods, user control levels, and application domains. Our findings offer an overview of current solutions and highlight opportunities for future research into tools that help non-professional developers understand IoT security, usability, and privacy.