On the Identification, Evaluation and Treatment of Risks in Smart Homes: A Systematic Literature Review

The emergence of smart technologies in homes comes with various services and functions for everyday life. While a smart home (SH) is associated with great potential in terms of comfort and risk treatment, it also introduces new and alters existing risks. Despite a growing number of academic studies on SH risks, research is fragmented with regard to its focus on certain disciplines and is still rather technology-focused. In this paper, we fill this gap by providing a comprehensive understanding of relevant risks through a systematic literature review. Following the guidelines of the PRISMA reporting protocol, we search 1196 academic and practitioners’ publications related to household risks or risk perceptions of SH users. A final set of 59 records results in three main themes. They include (1) a synthesis of pre-existing and emerging risks sketching the new risk landscape of SH households, (2) a discussion of the prevailing risk evaluation methods, and (3) a presentation of SH-related risk treatment options with a particular emphasis on insurance. We specify the influence of SH on risks and risk perception, and highlight the relevance of analyzing the interconnection of risks in complex systems, such as SH. Our review lays the basis for assessing SH risks and for enabling more comprehensive and effective risk management optimization.


Introduction
Increasing households' inclusiveness, safety, resilience, and sustainability is a global trend supported by the emergence of new technologies (Salhi et al. 2019). Smart technologies and services also facilitate the integration of work life into the private home, a trend that has been amplified by the surge in momentum brought by the COVID-19 pandemic (Von Gaudecker et al. 2020). A smart home (SH) can address needs as energy management (Reinisch et al. 2011;Scott 2007), health (Alam et al. 2012;Ehrenhard et al. 2014), security (Blythe and Johnson 2019;Schiefer 2015), lifestyle, and convenience (Chan et al. 2012) through the use of connected and embedded devices. Early definitions by Lutolf (1992), and later Aldrich (2006), discuss the essence of SH in a capacious manner. They capture the technical dimension, the services and functions that SHs provide, and the types of user needs that the technologies are designed to meet. Today, two types of SH definitions are used: one that refers to the technological attributes and another that characterizes the service perspective (Sovacool and Furszyfer Del Rio 2020). However, Marikyan et al. (2019) show that both types of definitions address three typical attributes of SH, namely the technological aspects regarding hardware and software, the services enabled by SH, and, thus, the ability to satisfy certain household needs. In this research, we consider SH as a home equipped with a set of smart technologies that offer remote, digitalized, and automated services to a resident improving its quality of home life. Risks 2021, 9, 113 2 of 30 As homes become "smarter", our way of living changes accordingly (Keller et al. 2018). As such, the risks associated with a household change fundamentally. SH is associated with great potential in terms of risk treatment, but, at the same time, causes new risks (Denning et al. 2013). In fact, new risks, especially in the area of cyber security and privacy, emerge and have been discussed in recent literature (Loi et al. 2017). Thereby, human-related or software-related risk sources, e.g., inadequate access control, are identified as crucial (Jacobsson et al. 2016). While much attention is given to privacy and cyber security risks, other household risks, such as water, fire, or theft, have attracted little academic attention in SH settings so far. Practitioners' studies, however, promote SH as an important risk mitigation measure. For example, a study by Davis (2020b) show that the risk of water damage could be significantly reduced with the implementation of SH. To date, there are no systematic reviews of the literature on risks in SH. Various reviews following more narrow approaches exist. For example, Amiribesheli et al. (2015) summarize the state of affairs from a health perspective, Hosseini et al. (2017) take the viewpoint of energy management services and Marikyan et al. (2019) conduct a use-case overarching usercentered analysis. In addition to some purely technical analyses of cyber risks (Ali et al. 2019;Nawir et al. 2016), the study by Blythe and Johnson (2019) synthesizes the literature on crimes facilitated by Internet of Things (IoT) environments, with a particular emphasis on the home environment.
Hence, despite a growing number of academic studies on SH and the associated risks, research is fragmented in that it focuses on selected risks or risk perception in the context of SH acceptance. As such risks are mainly analyzed from information security or technology acceptance disciplines, separately and predominantly field-specific but have not yet been systematically synthesized. As a consequence, the literature on risks in SH lacks a comprehensive picture about which risks emerge or change with SH dynamics.
In this systematic literature review, we identify and analyze the risks that are associated with SH households. By adopting an interdisciplinary approach, we aim to improve the understanding of the (changing) risk exposure of SHs. A more comprehensive understanding of risks and their drivers lays the basis for the optimization of risk management. This also enables future research to propose measures that effectively address risks in their entirety and thereby generate value out of SH from a risk management perspective.
From an initial collection of 1196 academic and practitioners' publications, we retain 59 references that we include in our systematic literature review. The study of the final corpus resulted in three main themes of SH risk research. First, we identify pre-existing and emerging risks in SH on the basis of an inductive categorization. Emerging risks related to cyber and dependency are the most prominent in the literature. In the case of pre-existing risks, the extant literature mainly focuses on financial aspects or household risks known from the insurance business. Second, we present applied risk evaluation methods, most of which are methods from the information security discipline or from acceptance research. In addition, risks are evaluated using well-known frameworks (e.g., ISO 31 000). Third, we structure risk treatment options in two groups. Those that are recommendations for SH technology and service providers and those representing options for end-users. Implications for the insurance industry are studied hereunder.
The paper is organized as follows. In Section 2, we present the methodology used to review the literature and to derive the corpus of records that we analyze. We present our findings on the risk identification in SHs and our synthesis on pre-existing and emerging risks in Section 3. In Section 4, we discuss the prevailing risk evaluation methods. Finally, we present the identified risk treatment options in Section 5. Thereby, we put special emphasis on the risk transfer to insurance in the SH context. We conclude in Section 6. In the Appendix, we provide a comprehensive synopsis of the reviewed papers (Tables A1 and A2), as well as a detailed overview of the identified risks (Table A3).

Methodology
In this section, we present the review strategy and descriptive statistics on the retained body of literature. Finally, we synthesize the final corpus by presenting the main themes and by introducing the underlying theoretical concepts and terminology.

Review Strategy and Data Collection
Our review identifies and summarizes risks in SHs, using a systematic methodological approach. To ensure a high degree of reliability, we follow Tranfield et al. (2003) and use the Preferred Reporting Items for Systematic Reviews and Meta-Analyses (PRISMA) protocol (Page et al. 2020) as a reporting guide.
Before starting the systematic review and to obtain an initial understanding of the topic, we conducted a preparatory literature review which included the identification of gaps in research, study objectives and development of a review protocol. This preparatory review has revealed several gaps that pointed to the need for a systematic investigation of risks in the context of SHs. It has also shown that beyond academic research, an increasing number of practitioners' studies point to relevant aspects regarding risks in SHs. For this reason, we organize our research in two streams (see Figure 1). In the first search stream, we focus on academic research articles. In the second search, we pinpoint relevant industry expertise, such as reports from risk management experts, government departments, or insurance companies. We view them as a relevant expert group, especially, since insurance companies, for example, have the most comprehensive data on household risks and possess distinct risk analysis skills.

Identification
Records from databases and risk journals (1 123)

Practitioners' studies
Records from websites (50) Full text (50) Records excluded (33) Figure 1. Flow diagram for the identification and screening of records along PRISMA guidelines.
For the academic search stream, we selected Web of Science, EbscoHost, and ProQuest as information sources, considering all citation indexes of the Web of Science Core Collection, only Business Source Premier in EbscoHost, and ABI/INFORM Global, as well as ABI/INFORM Trade and Industry, in ProQuest. To guarantee a holistic view of all risks that appear in SHs, we further identified 16 risk journals (e.g., Risk Management and Insurance Review or Asia-Pacific Journal of Risk and Insurance), which were not covered by the selected databases. We screened these journals using the same selection criteria. The choice of keywords focused on the terms "smart home" and "risk". (The full search streams used are as follows: AB("smart home*" OR "connected home*" OR "smart living" OR "smart building*" OR "smart technology") AND AB("risk*" OR "threat*" OR "barrier*" OR "limit*"), as well as AB("iot" OR "internet of things" OR "big data") AND AB("risk*" OR "threat*" OR "limit*") AND AB("home*" OR "household*" OR "house*").) We defined eligibility criteria in terms of time span (years from 2002 to 2020), language (English, German, French, and Italian), and included all types of sources since no prior work systematically covered risks in SHs. The data collection process was facilitated by the use of a reference manager software (Mendeley) and clear decision rules on the origin of the data. If two sources pointed to the same results, the primary dataset was collected. The final query in the databases and the risk journals was performed in July 2020 and resulted in 1123 records.
Following the identification of the academic research articles, a screening process was conducted (see Figure 1). We used inclusion criteria coded on a scale ranging from 0 to 3 as follows: Level 3 is used when risks are analyzed in a systematic and holistic way in the source, level 2 indicates that risks are discussed but the focus is on a single risk (e.g., technological risk), level 1 denotes work wherein some aspects of risk management are mentioned, or where the context suggests that risks may be discussed, and level 0 indicates that no relevant aspects on risks are discussed. Further, we excluded studies focusing on medical aspects concerning certain disease risks (e.g., risk of a stroke in a home-care setting) or technical studies (e.g., household energy management) that do not discuss risks. While one of the authors handled the selection and scoping of the articles, the other authors acted as reviewers and conducted the proof-reading to validate the collection. Independence was guaranteed since no knowledge on the other reviewer's scoring was shared. Disagreements were resolved afterwards by a look-up of the detailed results and, if necessary, by a discussion whether the study should be ranked up or down. (To limit any inappropriate use of the methodology and to counteract the risk of bias, the recommendations of Thomé et al. (2016) were followed. The review protocol and the inclusion criteria were jointly developed by the team of authors. We consequently sought to work with more than one independent reviewer and compared individual selections only after scoring was completed. Finally, for certainty assessment of the literature, we included several factors. One indicator was the degree to which additional search streams led to known results identified in a prior search stream. Dedicated search processes were done for grey literature to validate the existing knowledge and reveal new content. Moreover, we performed text mining on the final corpus of records to validate whether any relevant themes were not covered by the full-text articles.) In the first step of screening, reviewers scored the studies based on the titles and the abstract, resulting in 159 references scored 1 or higher that were retained.
Based on these 159 records, a backward and forward citation search was performed. This led to 11 and 12 documents being added, respectively, from backward and forward tracking. A set of 182 records was considered for full-text assessment. After excluding 140 records that did not meet the SH inclusion criteria, 42 academic research articles ranked as relevant.
In the second search stream, we identified practitioner's studies in the grey literature. A dedicated web search pursued a specific search strategy focusing exclusively on organizations engaged in household risks or SH technology. A total of 24 insurance companies and 63 other organizations were included in the search. (An example query for web search is as follows: "smart home" AND "risk" site:lexisnexis.com.) We extracted the results of the top-ranked results for each organization and retained 50 references scoring 1 or higher.
Full-text screening on these records resulted in the exclusion of 33 records and, finally, 17 practitioners' studies are retained.
The final corpus of literature that we use in the sequel includes 59 records: 42 academic research articles and 17 practitioners' studies. A synopsis of the records is provided in Tables A1 and A2 in Appendix A. For each record, we provide the geographical scope (column "region"), type of publication (column "type"), and the research method used (column "method"), as well as information on key contents and main results. Further, we identify the records related to risk identification (RI), risk evaluation (RE), and risk treatment methods (RT), including insurance.

Descriptive Statistics
In the following, we provide descriptive statistics on the screened records and the final corpus of literature. We perform a frequency analysis on the records sought for full-text screening (182 research articles and 50 practitioners' studies; see Figure 1) and text mining on the final body of records (42 articles and 17 studies). These analyses visualize key metrics of the literature and the results help to provide an initial mapping of the main concepts.

Frequency analysis of the screened records
Using the 182 academic research articles and the 50 practitioners' studies retained for full-text screening, we perform a frequency analysis on the publication year of the records and on the geographical region under investigation. The graph in Figure 2a shows the development of the number of records between 2011 and 2020. It becomes evident that the relevant research field steadily grows. The number of publications in our database increased from 2 records in 2012 to 56 records in 2019. In the earlier 2000s, there are only sporadic occurrences with one or two records per year. We do not discuss the figure for 2020, as it is incomplete since the search covered publications until July 2020. We illustrate the geographical distribution of records in Figure 2b. The anglo-saxon region dominates the research activities, with the U.S. and UK contributing most, respectively, with 52 and 34 records. South Korea (KR,19) and China (CN, 12) follow next. Overall, more publications originate from Europe (57) than Asia (47). Text mining on the final body of records Text mining on the main corpus of 42 research articles and 17 practitioners' studies was used to quantitatively assess the concepts included in the body of literature. A visualization of the results is given in Figure 3. (The criteria for the scoring were English language, at least 3 letters and on the basis of a word stem (e.g., the key term "secur" includes among others the words "security" and "secure").) Expectedly, the key terms "smart", "home", and "risk" are the most frequent since they were searched for to initially determine the records. An interesting finding is that "secur" appears far more often than "privac". This reflects the relevance of security, which is of particular concern for the SH risk literature in terms of cyber security and physical security (see Section 3.1). The relatively high frequency of terms with "use", especially compared to "technology", is likewise of interest. It indicates that usage drives risks, yet research remains primarily technology-focused. Insurancerelated research ("insur") counts a relatively high number of hits when compared to the keys "servic", "user", or "perceiv". This is mainly due to the range of insurance-related practitioners' studies that resulted from the web search.

Data Synthesis
To synthesize the data, we adopted an inductive thematic analysis method as defined by Braun and Clarke (2006). To minimize the risk of bias, we pursued a six-phase process where topics are coded with no pre-existing categorization within the research field (see, e.g., the orientation by Mikkonen and Kääriäinen (2020)). The value of an inductive thematic analysis for our research question relates to the capacity to analyze latent themes. Since there is no prior work reviewing risks in SH and we combine different disciplines analyzing risks separately, the chosen bottom-up approach leads to the best possible completeness. Our analysis results in three main themes, to which all risk relevant statements can be assigned. The relevant themes are the following: • Risk identification. The difficulty of identifying risks for SHs resides in having different terminologies due to the diversity of disciplinary origins. We present our findings on risk in SHs in Section 3 and attempt to keep a simple structure. For this reason, we adopt the risk management framework ISO 31000 (ISO, International Organization for Standardization 2018). That framework is generally applicable, simple to use and proven in the corporate context. We summarize the identified risks along their influence on impact and acceptance (see Table 1 in Section 3 and Table A3 in Appendix A). • Risk evaluation. Methods to assess risks can be found in different research areas. In Section 4, we present the risk evaluation methods available from the literature and attribute them to the respective disciplines. Findings from academic literature are synthesized together with the methods found in practitioners' studies (see Table 2 in Section 4). • Risk treatment and insurance. Finally, selecting and implementing appropriate measures to address risks of SHs represents a nascent topic of SH risk research. However, the focus here is still entirely on cyber risks. Since we cannot fall back on any established concepts for structuring, the measures are divided into two categories. The first presents options that act as recommendations for SH providers. The second presents options for the users. The effect of SH on insurance, which represent a treatment option in their own right, is further discussed in depth.
While other topics, such as technology characteristics, benefits, adoption, sustainability, society, commercial, and legal, emerged, they are interesting for SH overall, but, since they are not relevant for our risk focus, we do not discuss them further. Both Tables A1 and A2 in Appendix A provide a synopsis of the final corpus of records and the association of the literature to the three main themes.

Risk Identification
In general terms, a risk is a deviation from a desired condition (ISO, International Organization for Standardization 2018). With the broad variety of technology available for home, likewise, various targets and various possible deviations arise (Nurse et al. 2016). This section presents the risks identified from the final corpus of 59 records. We summarize the risks along their influence on impact and acceptance. Furthermore, we structure our synthesis in emerging and pre-existing risks. On the one hand, pre-existing risks are considered as those already being discussed for households without SH devices or services. Often, they include risks from insurance-related studies. Emerging risks, on the other hand, refer to risks emerging with the integration of SH applications in a household. They are typically developing or changing risks that are more difficult to quantify (Mazri 2017). Emerging risks to privacy and cyber security have been signaled early on by Radomirovic (2010). (We observe that risk analyses from the information security literature often take a distinct approach in describing risks by identifying the asset, vulnerability and threat of a risk (Jacobsson et al. 2016). For such risks, we follow this structure. Similarly, risk analyses from the technology acceptance literature use a specific vocabulary. Given their user-centric orientation, the risks identified from this literature are described as perceived risks by lay users. As an example, perceived privacy risks relate to consumers' concern of having personal data misused or disclosed to third parties without their agreement (Kang and Kim 2009). Thus, the focus is fully on the user's perception.) At the end of the section, we provide an overview of the risks that we discuss (see Table 1).

Emerging Risks
The implementation and use of smart technologies in homes gives rise to emerging risks (Denning et al. 2013). In the literature, these emerging risks are studied in particular from the viewpoints of information security and technology acceptance. In the former, cyber risks and their technological treatment are examined, whereas in the latter, the focus is on societal risks that affect users to varying degrees.

•
Privacy. We find emerging cyber risks related to privacy and cyber security among the most relevant risks for SH (Loi et al. 2017). Privacy risks refer to the inappropriate handling of personal user data collected from SH (Gerber et al. 2019). As devices, like surveillance cameras or personal wearables, become part of the SH ecosystem, Jacobsson et al. (2016), among others, names privacy risks as the most undesirable consequence. Sovacool and Furszyfer Del Rio (2020), for example, attributes the highest probability of occurrence to privacy risks, while Park et al. (2019) attribute the highest severity to it. In addition, Tanczer et al. (2018) sees the status of privacy as the most fundamental risk under the dynamics of SH. The authors further warn that privacy risks are most likely to be accepted on an individual level, thus creating long-term risks for society as a whole.
In research on the acceptance of SH technology and services, perceived privacy risks are extensively analyzed. Several studies state that privacy risks contribute the strongest to the users' overall risk perception (Marikyan et al. 2019). Interestingly, all studies agree that while privacy risks have a strong influence on risk perception, overall risk perception does not influence acceptance Klobas et al. 2019;Wang et al. 2020). Hubert et al. (2019) shares the opinion but argue that perceived privacy risks remain significant in the context of adoption, as they have an indirect influence on other acceptance variables. Studies from Alaiad and Zhou (2017) and Wilson et al. (2017) also conclude that perceived privacy risks are not the most relevant factor for the overall risk perception. Park et al. (2018) categorizes the surveyed sample into three groups: low, moderate and high overall risk perceivers. For the low risk perceivers, privacy risks do not influence the overall risk perception, whereas for the modest and high risk perceivers, they have the largest influence. Lastly, the work of Hong et al. (2020) show no direct influence of perceived privacy risks, and thereby does not investigate the overall risk perception. In our literature study, we found two unique approaches to perceived privacy risks.
On the one hand, Lee (2020) analyzes how users perceive certain vulnerabilities. Vulnerabilities relating to user behavior are perceived as the most significant, technology vulnerabilities also result to be important, legal vulnerabilities are considered vaguely significant and provider vulnerabilities are not significant. On the other hand, Gerber et al. (2019) compares the significance of perceived privacy risk in the overall risk perception in SHs to the significance in social media and in smart health. Especially abstract risk scenarios, where consequences of privacy are rather vaguely defined without suggesting how users might be damaged (e.g., collection of usage patterns) are perceived the most likely, yet, in terms of severity, rated similarly significant throughout all domains.
Overall, we conclude that privacy risks are well-researched. Within the field of information security, experts' analyses of cyber risks consistently emphasize the importance of privacy risks. The literature points also to a large body of studies in the context of technology acceptance, although there is not yet conclusive agreement on the influence of privacy risks on acceptance. • Cyber security. In contrast to the misuse of personal data associated with privacy risks, cyber security risks refer to vulnerabilities and threats in hardware, software, and data of SH devices and services (Klobas et al. 2019). Technical studies providing risk analysis in this context are numerous. Across all studies, statements can be assigned to one of the following three themes, namely asset, vulnerability, or threat. The interplay of these three aspects leads to the definition of a given cyber risk. For example, Ali et al. (2019) defines a cyber risk as the potential loss caused to the SH ecosystem by a threat exploiting certain vulnerabilities. Assets are typically defined at the beginning of the risk analysis, based on a given SH architecture (Alexandrov et al. 2019;Ali et al. 2019;Jacobsson et al. 2016). Such assets include sensors, gateways, servers, application programming interfaces, mobile devices, and the mobile device apps. Within these components of the SH architecture, certain categories, such as software, hardware, information, communication protocols, and human factors, are ubiquitous.
Overall, the assets that are qualified as risky are mostly those that are used and whose properties are configured by the end user. Thus, cyber risks primarily arise from software and mobile devices and the related applications and services. Most reviewed studies proceed by identifying vulnerabilities of SHs based on the assets. In particular, the work by Jacobsson et al. (2016) is most comprehensive. In their study, 4 of 32 vulnerabilities result in high risks, 19 are classified as medium risks, 9 are low risks. The most relevant vulnerabilities are poor password selection, sloppy end user, gullible users and software security in applications. They all belong to the asset categories of human factors and software. Various studies emphasize the importance of human factors (e.g., Ali and Awad 2018;Li et al. 2018;Van Hoorde et al. 2018) and stress the relevance of software vulnerabilities (e.g., Ali et al. 2019).
A threat can be defined as a potential action that results in a loss (Ali et al. 2019). New capabilities of smart homes enable new types of attacks while permitting traditional attacks with novel consequences (Denning et al. 2013). The literature emphasizes this trend and discusses threats in greater detail compared to assets or vulnerabilities.
Most studies derive threats on the basis of previously identified vulnerabilities and the assets thereof. Jacobsson et al. (2016) identifies, in order of rank, circumvention of authentication mechanism, social engineering and unauthorized modification to a system as the top three threats to SHs. All are mainly caused by human-software combinations. The authors also note privacy and manipulation threats to hardware and communication protocols. Van Hoorde et al. (2018) emphasizes the fact that hardware-related manipulation should not be neglected, yet prioritize threats linked to privacy disclosure, inadequate access control and malware mitigation. Threats targeted toward smartphones, due to high risk exposure, are considered by Brauchli and Li (2015) the most relevant. Another prominent approach evaluates specific forms of attacks. Thereby, possible attacks from areas, such as information security, are summarized and then evaluated by assessing the vulnerabilities and assets (see Blythe and Johnson 2019 for an overview). There is a consensus that attacks with denial of service and eavesdropping are main threats (Ali et al. 2019;Nurse et al. 2016). Finally, some concepts take an in-depth look at the threats for a specific SH technology (e.g., RFID, Zigbee and Wi-Fi technologies in Krishnan et al. 2017; Zigbee technology in Wongvises et al. 2017). In risk analyses from technology acceptance research, the perceived importance of cyber security risks is minimal. Park et al. (2018) attributes minimal influence of cyber security to the overall risk perception, while Wang et al. (2020) attributes none at all. A possible reason for this could be the lack of understanding and the complexity of the topic, which prevents perception at all (Mani and Chouk 2017). Therefore, Klobas et al. (2019) analyzes cyber security risks separately from other risks. We conclude that cyber security is a major research subject in information security risk analyses. Human factors and software components are presented as critical sources of risks. Comparing these results to the technology acceptance literature illustrates how risk assessment depends on the perspective. Users rate the significance of cyber security risks as less important than information security experts. • Performance. The loss in performance of a SH product or service is linked to an emerging performance risk (Hong et al. 2020 Dependence. According to Sovacool and Furszyfer Del Rio (2020), there is a risk that SH technologies become a black box for average households, leading to isolation, vulnerability to fraud or lock-in effects. In the study by Wilson et al. (2017), other aspects, like mental aspects of a resulting dependence, are identified (e.g., SH as non-essential luxuries or driver of laziness). In acceptance research, the increase in dependence is studied as the effect of SHs on users' control perception (Sovacool and Furszyfer Del Rio 2020). Initially, SHs were supposed to increase control. However, usage may also result in a loss of control (Wilson et al. 2017). Such risks potentially have negative effects on the users' peace of mind. Hong et al. (2020) considers that dependence risks become increasingly important and have, for example, stronger influence on the overall risk perception than performance risks. • Access to technology. On a societal level, new risks related to the access to SH technology emerge. From a risk perspective, this is a distinct but cross-cutting risk. The exposure to today's pre-existing risks, such as water or fire, which we will address below, can largely be attributed to socio-economic factors (Banks and Bowman 2018). Today, it is still unclear whether SHs reinforces the significance of these factors or balance them out socially (Nilson and Bonander 2020 (Sovacool and Furszyfer Del Rio 2020). These considerations embody the user perspective and originate from unclear regulatory conditions or potentially limited longevity of vendors, as the latter are often start-ups. • Time. Perceived time risk refers to the time wasted when using SH technologies (Wang et al. 2020). However, this risk has been found to be insignificant in other studies (Klobas et al. 2019;Wang et al. 2020).

Pre-Existing Risks
The literature suggests that SHs have an influence on pre-existing risks, such as fire, water, or burglary. As an example, Blythe and Johnson (2019) state the case where thousands of cameras were exploited by attackers in 2016 and emphasize that the potential form crime can take increases with the use of interconnected devices. Tanczer et al. (2018), studying risk patterns for IoT risk scenarios, rate the SH ecosystem as the most significant affected by this tendency. They conclude that crime exploits an increasing number of cyber-physical dependencies. Thus, it is likely that SHs may lead to an increase in illegal activities for economic, personal or political gain.

•
Theft. Blythe and Johnson (2019) (Tanczer et al. 2018). The SH context broadens the potential sources of financial consequences. According to a study by Hartford Steam Boiler (HSB) insurance company (Milewski 2017), 87% of the victims of cyber attacks in the U.S. suffered financial losses. Likewise, derived as a consequence of potentially increased dependence, there is a real risk that SH technologies leads to greater financial dependence (Sovacool and Furszyfer Del Rio 2020). Thus, emerging risks come with relevant new financial risks and many pre-existing risks ultimately have a financial impact on the household's individual.
In technology acceptance studies, perceived financial risks denote the possibility by which the product or service may not be worth its price (Hong et al. 2020). However, numerous studies find that the influence of perceived financial risks on overall risk perception is not significant (Alaiad and Zhou 2017;Hong et al. 2020;Kim et al. 2017;Sovacool and Furszyfer Del Rio 2020;Wang et al. 2020). The work of Park et al. (2018) is an exception as they point out that, in those that perceive financial risks as low, they have by far the greatest influence on the overall risk perception. • Fire. Average fire-related insurance claims are the most expensive losses for non-SH households (Insurance Information Institute 2020). Several studies point to SHs' potential in reducing the probability, as well as the severity of a fire incident (Feuerstein and Karmann 2017). Roost (Goldberg et al. 2019), an insurtech whose business model is built on the use of SH, reports a 15% reduction in claims frequency. BI Intelligence (Meola 2016) sees even greater potential in reducing the severity of the risk. Banks and Bowman (2018) confirm the potential mitigation of fire risk by SHs. Likewise, in comparison to commercial buildings, the potential of SH technologies for private households becomes especially obvious (Salhi et al. 2019). While the use of SH to prevent and treat fire risk is widely discussed, we found no indication of a change of the underlying risk. • Water. The risk of water damage is assessed in insurance practitioners' studies. Contrarywise to fire losses, the probability of water damage is high and the severity low (Insurance Information Institute 2020). ACE Group (2011) points out that 93% of all insurance costs from water damage could be prevented by SH technology. More recently, an empirical study from LexisNexis (Davis 2020b) confirm the finding by comparing households equipped with and without water sensors. One year after the installation of sensors, SHs saw a 96% decrease in paid water leakage claims and a 72% decrease in claims severity, while the control group recorded a 10% increase in frequency with unchanged severity levels. The risk of flooding has its own major field of research intensively discussing risk treatment measures. SH technology is listed by Azam et al. (2017) for reducing the severity of potential losses. • Health. Many SH use cases seek to promote health and well-being (Alam et al. 2012;Ehrenhard et al. 2014). In contradiction to these benefits, it is unclear whether new health risks arise from SH use (Sovacool and Furszyfer Del Rio 2020;Tanczer et al. 2018). The literature related to technology acceptance is scarce (Sovacool and Furszyfer Del Rio 2020). We only found Park et al. (2018) discussing the polarizing issue of electromagnetic radiation. For high risk perceivers, such radiation becomes overwhelmingly salient, while, for moderate and low risk perceivers, radiation leaves a low impact, respectively, negatively affecting the overall risk perception. • Other property damage. Finally, the reviewed literature mentions other pre-existing risks of non-SH households. The risks of property damage, excluding fire and water, that are discussed are for example wind and hail (Feuerstein and Karmann 2017). Early warning systems based on SH technology demonstrate their positive effect on pre-existing risks. In sum, while SH provides early warning or new risk treatment options, there is no indication of a change in the underlying risk.
In Table 1, we provide a summary of the risks identified in the literature. We also indicate the impact of SH on the risks (higher risk "H", lower risk "L", unclear effect "-"). Thereby, three risks result with SH as higher, eight as lower and for four the effect is unclear. Likewise, we indicate how strongly the various risks affect the acceptance of SH by lay users (high influence on acceptance "H", low influence on acceptance "L", unclear effect "-"). Five risks have a relevant influence on SH acceptance, five have no influence, and, in five others, the effect is unclear. More details on the identified risks are available in Table A3 in Appendix A.
Finally, there are interesting attempts to compare the risks of different use cases for a certain technology ecosystem to each other. König et al. (2017) discuss use case risks of ambient assisted living associated with inexperienced users and rank privacy the highest, followed by physical safety, social impact, and poorly secured devices. In contrast, for convenience use cases, i.e., disconnected from health considerations, physical safety is the most relevant, and privacy is ranked explicitly the lowest risk.
We observe that SH technology and related services change the risks landscape associated to a household. Especially, new risks related to technology usage emerge while treatment options for pre-existing risks improve. For the most part, extant research considers risks separately from each other. In particular, emerging cyber risks are well-researched in technical analyses. Further, results from the technology acceptance literature provide new perspectives and lead to the identification of additional risks. We also note that financial aspects are often overlooked. The security and comfort of SHs yields high maintenance and repair costs putting additional financial burden on the owners which may result in the risk of losing financial liquidity. In addition, although SH technology provides additional security, property damage from theft, fire, and water may incur higher costs for repair in SHs compared to other houses. Finally, a comparison of the results indicates that the assessment of risks differs by technical experts and users. Overall, we note that risks are not yet analyzed holistically nor evaluated with consistent metrics. A closer look at the methods and disciplines of risk research in the SH context in the next section confirms this shortcoming. Non-water or fire related property damage in and around the house L -Note: "Impact" describes the influence of SH on a risk, where "H" stands for higher risk, "L" for lower risk, and "-" for an unclear effect. "Acceptance" describes the risks' influence on the acceptance of SH, where "H" stands for high influence on acceptance, "L" for low influence on acceptance, and "-" for an unclear effect.

Risk Evaluation
The results on the risks identified in the previous section illustrate that they are researched from different areas. Accordingly, the choice of methods for their evaluation is broad. The most prominent field of study for risks in SHs is the information security discipline. Three main approaches can be found here: a risk-based, a security-based, and a privacy-based approach. The latter two typically emphasize a technological innovation for risk identification and mitigation (Ali and Awad 2018;Park et al. 2019;Schiefer 2015). Conversely, risk-based approaches attempt to address cyber risks comprehensively and focus on risk identification and assessment. Often used methods are, for example, information security risk analysis (Jacobsson et al. 2016), fuzzy set theory (Li et al. 2018), and fault tree analysis (Wongvises et al. 2017). All approaches share the common feature that they assess the risk based on a system's ability to meet three basic goals of system security, namely confidentiality, integrity, and availability (Jacobsson et al. 2014). Cyber risks result from a combination of assets, vulnerabilities and threats and are assessed by means of the probability and severity of the risk. More sophisticated models have evolved from this basis. Jacobsson et al. (2016) use a matrix-like risk map dividing the analysis into architecture components and subcategories derived from information systems. Li et al. (2018) complement the analysis with concepts from grey system theory to cover the relationship between the probability, severity and detection of a system failure. All risk-based methods share a semi-qualitative character. They combine qualitative interview techniques with quantitative assessment methods and validation metrics to varying extents of sophistication. Jacobsson et al. (2016) summarize that mixed methods can accommodate the heterogeneous structure and complex relationships between connected devices and people.
Despite technological maturity, SH technology and service adoption and diffusion rates remain low (Marikyan et al. 2019). Hence, there is a relevant body of literature studying risks in SHs from the perspective of technology acceptance. Since these studies are user-oriented, they describe perceived risks by users as potential downsides to acceptance (Sovacool and Furszyfer Del Rio 2020). Perceived risks by lay users differ from the objective assessment of an expert. However, while perception is a key driver of risk behavior, it does not change the underlying risk. Various papers examine the influence of perceived risks on technology acceptance using structural equation models (Alaiad and Zhou 2017;Klobas et al. 2019;Wang et al. 2020). Thereby, the overall risk perception is considered to be composed by individual risks. Some models are derived from resistance theory (Hong et al. 2020;Lee 2020), while Park et al. (2018) exclusively focus on risk perception without considering the acceptance context. Finally, further studies (Gerber et al. 2019) build on the comparison of risks in SHs with those from other online services and draw conclusions on the relative users' perception of privacy and cyber security risks.
Other risk evaluation methods are based on the international standards for risk management (ISO, International Organization for Standardization 2018). Analyses building on this framework commonly follow its explicit generic approach. The advantage in that approach is that the standard is ubiquitously applicable to every kind of system, regardless of its type, perspective or size (ISO, International Organization for Standardization 2018). Thus, frameworks specifically adapted to SH also build on the three phases of risk identification, risk assessment, and risk treatment. When comparing the methodology to other approaches, we observe an emphasis on the risk identification. The advanced SH risk management framework from Nurse et al. (2016) divide the ISO 31000 standard into five phases, with risk identification making up three of the five phases. One of the most recent publications based on ISO 31000 combines elements from the above mentioned information security risk analysis and risk management (James 2019). In addition to probability and impact of a risk, they introduce an additional factor described as the attractiveness of the targeted system as a compromised system. Similar to the ISO 31000 framework, several other industry standards are used for risk analysis in SHs. König et al. (2017) provides an overview of relevant industry standards for IoT systems. These approaches pursue risk, cyber-security, or privacy goals. The ISO 27000 standard summarizes best practices on information security, the ISA/IEC 62443 design cyber-security robustness and different publications under NIST SP800 give guidance on cyber vulnerabilities (NIST SP800-53), systems security engineering (800-160), or networks of things (NIST SP800-183). Several security-based or privacy-based frameworks (Nurse et al. 2016;Park et al. 2019;Varghese and Hayajneh 2018) of the information security discipline refer to these models indicating the incorporation its principles.
Finally, analyses from the insurance discipline also contribute to the methodological portfolio. Understanding and analyzing risks is a key pillar of the insurance business (Sheng et al. 2017). The focus today is on applying actuarial rate making to pre-existing household risks, such as fire, water, and theft. The shift to more sophisticated approaches to analyze behavior-related risks is gaining momentum (Banks and Bowman 2018). There is agreement on the importance of behavioral data for rate making of household risks. However, no specific methodologies for SHs can be found in the academic literature. For SHs, there are practitioners studies similar to the ones in the area of telematics that refer to models without going into greater depth (Matera and Salvador 2018). In addition, claims data analyses can be found that compare loss data from households with and without specific SH products (Davis 2020b).
In summary, the risk evaluation methods we found can be assigned to five areas: information security, acceptance, risk management frameworks, industry standards and insurance practice (see Table 2). For all but two studies (Li et al. 2018;Nurse et al. 2016), the reviewed works focus on applying risk analysis models to the field of SHs. The two exceptions are conceptual contributions that suggest changes to existing models or combine models to better address specific questions. All disciplines bring their own perspective and, thus, come with certain advantages. As such, the focus on information security has led to various risk evaluation methodologies for cyber security and privacy. Yet, as with the risks themselves, there are still no attempts to evaluate risks on the basis of an integrated risk metric. Such an approach would allow to assess and prioritize risks in SHs relative to each other, to assess risk scenarios with interrelations among several risks, to quantify the impact of SH, or to evaluate investments into risk treatment options.

Method Description References
Information security Information security risk analysis Review of a system's risk exposure based on its ability to fulfill the three basic goals of system security, i.e., confidentiality, integrity, and availability

Industry standards ISO 27000
Best practice in information security management aiming to manage information risks by information security means König et al. (2017) NIST SP800 Frameworks developed to address the security and privacy needs, e.g., systems security engineering (NIST SP800-160) and networks of things (NIST SP800-183) König et al. (2017) ISA/IEC-62443 Design framework to improve cyber security robustness and resilience in industrial automation control systems König et al. (2017) Insurance

Actuarial rate making
Determination of the price charged by insurance companies for pre-existing household risks Matera and Salvador (2018); Sheng et al. (2017) Claims data analysis Comparison of insurance claims data from households with and without specific SH products, e.g., water leakage or fire sensors Davis (2020b)

Risk Treatment
The reviewed literature also provides evidence on how to deal with the identified risks in SHs. This risk treatment is about the selection and implementation of suitable measures to address risks (ISO, International Organization for Standardization 2018). However, systematic studies are limited to the treatment of cyber risks and are technical. Thereby, we find recommendations that are addressed to SH technology and service providers and those directed to the users.
Among the former are the studies of Klobas et al. (2019) and Sovacool and Furszyfer Del Rio (2020). The focus therein is on initiatives that raise awareness, disseminate knowledge and empower users. The primary goal is to align the perceived level of risk to the objective level. In addition, it is important to consider the user interface of SH systems, devices and services and to enable users to simply participate in the protection of their systems. This is also the direction taken by Jacobsson et al. (2016), referring to the need for a model of security and privacy in the design phase of SHs. Accordingly, SH systems should be designed to provide users with methods to evaluate their own risk exposure, to provide them with security principles, and to point out privacy-sensitive information. The study is the only one that defines highly specific treatment measures for cyber risks aimed at the end-user. Based on the risks presented in Section 3, we draw on measures related to human factors and software as they represent a major source of cyber risks. The enforcement of password policies and verification tools represents an effective option for weak passwords, whereas policies and legal contracts are tools to address gullible end-users. Software-related vulnerabilities regarding the authentication mechanism can be mitigated through methods of public key infrastructure-based or multi-factor authentication and the continuous installation of updated software packages when available. However, keeping systems dynamic remains important. Even with security and privacy settings, users should configure their own settings instead of static patterns.
Our final corpus of academic research articles does not expand on treatments beyond cyber risks. However, practitioners' studies explore other risks. Thereby, SH is presented as an actual treatment option to address pre-existing risks in non-SH settings. The statement on SH by (Sevillano 2018) in the Swiss Re study is exemplary: for water, fire, and theft, the study predicts a 50% reduction of total insurance claims resulting from the use of connected devices (see Section 3).
Buying insurance is one option to mutualize risks (ISO, International Organization for Standardization 2018). We identify literature contributions that discuss new forms of insurance enabled by SHs. The assertion that the individualization of actuarial rate making creates opportunities with respect to insurance access is of particular interest for SH (Banks and Bowman 2018). Traditionally-rated high-risk households may be more attractive risks for insurance companies thanks to additional shared behavioral data stemming from SHs. The confirmation by practitioners' studies gives further weight to these considerations (Feuerstein and Karmann 2017). In addition, insurance is a technique to finance risks and serves for compensation of losses from specific risks. For example, emerging cyber security threats often result in a financial loss, and, where available, insurance can be an option that is rapidly implemented. Finally, insurers also act as experts and represent a source of knowledge for risk mitigation.

Conclusions
With the growing presence of technology and an increasing connectivity in many homes, SH technology and services pose substantial opportunities, but also introduce new risks and change the pre-existing landscape. The dynamics of SHs are fundamentally changing home life and, thus, the risks associated with it. Today, research on SH risks is primarily conducted in the disciplines of information security and technology acceptance. As such, in this literature review we present a comprehensive analysis of the extant research on the identification, evaluation and treatment of SH risks. Our results show that research continues to be technology-focused. With SH, a technology itself, this is obvious. From a risk perspective, however, such a specific focus results in risks being overlooked and hence not being managed holistically. Looking into the findings of SH acceptance studies shows that lay users perceive certain risks differently than experts. Thus, interdisciplinary analysis of the qualified literature is important. Beyond the synopsis on emerging and pre-existing risks, we also summarize the learnings on risk evaluation and risk treatment methods. Thereby, our study contributes to aggregating the findings from research "silos" and provides a more comprehensive risk understanding. Overall, we identify various emerging risks, such as cyber security, privacy, and dependency risks, which households using SH are exposed to. Likewise, we identify existing risks, such as theft, fire, and water, which were already present in non-SH settings.
In complex systems, such as SHs, relationships and dependencies among risks emerge and are greatly relevant. Their occurrence depends on the usage context and the behavior of the user. At present, though, research ignores these relationships. Our review offers a starting point for future research in this field that should take both context and use of SHs into account, as well as distinguish different risk scenarios. In addition, findings from various methods should be aggregated. The current risk assessment research is undertaken with a narrow focus on selected risks, foremost isolated on cyber risks or relating to technology acceptance. Thus, the results form a relative prioritization of the risks under study and their drivers rather than a quantitative assessment of the probability and severity. In our review, we outline the influence that SH technology and services have on risks. However, a systematic assessment of all risks using the same metric is missing. This should also be considered in further research. After all, an assessment is a prerequisite, for SH providers and end-users, to make an informed choice of alternatives or on potential risk treatment measures. Finally, risk exposure considerably depends on the users' behavior. However, risk behavior has yet to become a focal point for SH risk research. Therefore, future research should take behavioral components into account, not only concerning acceptance, but also with regard to SH usage.
The limitations of this review stem largely from the objective of the research. The intended identification of risks in SH led to a large number of papers that provide partial assessment of the risks identified. Our study takes these risks up where available but is not conclusive. The same applies when taking a risk management perspective. As a literature review, this paper does not ensure a comprehensive systematic identification of risks. Moreover, there are inherent limitations in academic studies on technologies due to the lower speed of research getting published. Our review presents a current picture of the state of research that needs to be updated vis-à-vis the fast-evolving technology concept of SH.

Conflicts of Interest:
The authors declare no conflict of interest.

Appendix A
The following tables provide additional information. -At least half of all crime now committed online, IoT represents substantial part -Different IoT ecosystems suffer from this trend; home is heavily exposed to it -New types of crimes include burglary, stalking, sex crimes, and political subjugation Bondarev and Prokhorov (2017)   -Perceived risks divided into performance, financial, privacy, and psychological risk -Only minor differences when surveyed sample divided into postponers and rejecters -Exception forms perceived privacy risks and perceived financial risks   -Individuals ignore potential risks and focus on potential benefits from SH usage -Perceived privacy, performance, and time risk significantly influence ORP -Perceived security and financial risk have no influence on ORP -Time is a key factor when dealing with domestic damages -Cost of damage increases at rate of USD 3000 per fire per minute of response time -Predictive modeling around behavior within the home will become a key domain -Individual coverage concepts are complex and time consuming -Technology makes these concepts possible within retail and commercial space -Coverage to adapt automatically and real-time to changing life and risk situations -Threats mainly relate to privacy, inadequate access control and malware mitigation -Additional risks to hardware are theft, manipulation and sabotage -Overall, the end-user still represents one of the weakest links Note: The types of references are coded as follows. "A" = article, "B" = book, "I" = insurance magazine, "P" = proceeding paper, "R" = report. The columns "RI", "RE", and "RT" stand for = risk identification, risk evaluation, and risk treatment and insurance, respectively.
Cyber security Inadequate access control and malware mitigation directed to SHs' user behavior or software (e.g., poor user credentials, identity credential theft, unauthorized modification to systems) Specific attacks directed at the software-human interface (e.g., eavesdropping, DoS, DDoS) Damage experienced personally as a user or societal damage building on hijacked personal SH system High probability, as household-related crime shifts increasingly into the cyber space   (2017) Note: The dimensions in this table stem from the ISO 31000 standard on risk management (ISO, International Organization for Standardization 2018). "Source" refers to the element which alone or in combination has the potential to give rise to the risk. "Events" denotes the occurrence or change of a particular set of circumstances. "Consequences" are outcomes of an event affecting the objectives. "Likelihood" is the chance of something happening. "n.a." stands for not available and refers to the fact that no information relating to the dimension can be found in the body of literature.