Addressing trust concerns in Smart Home (SH) systems is imperative, because few privacy-preservation approaches analyze and evaluate privacy threats with a view to effective risk management. Most research focuses primarily on user privacy, while device data privacy, and identity privacy in particular, is almost neglected, even though it can significantly impact overall user privacy within the SH system. To this end, our study applies privacy engineering (PE) principles to the SH system, considering both user and device data privacy. We start with a comprehensive reference model for a typical SH system. Following the initial stage of the LINDDUN PRO PE framework, we present a data flow diagram (DFD) of the typical SH reference model to better understand SH system operations. To identify potential areas of privacy threat and perform a privacy threat analysis (PTA), we employ the LINDDUN PRO threat model. We then carry out a privacy impact assessment (PIA) to implement privacy risk management, prioritizing privacy threats by their likelihood of occurrence and potential consequences. Finally, we suggest privacy enhancement techniques (PETs) that can mitigate some of these threats. The study aims to elucidate the main threats to privacy in SH systems, their associated risks, and how to prioritize privacy controls effectively. Its outcomes are expected to benefit SH stakeholders, including vendors, cloud providers, users, researchers, and regulatory bodies in the SH systems domain.
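As an added example that is not from the paper, the following Python sketch walks through the elicit-then-prioritize procedure the abstract describes: a constructed SH DFD, LINDDUN threats elicited per DFD element type, a likelihood × impact ranking for the PIA step, and a filter for the device identity-privacy threats the abstract singles out. The element-to-category mapping is assumed from the general LINDDUN method, not taken from this page, and the DFD elements and assessor ratings are constructed.

```python
from dataclasses import dataclass
# LINDDUN threat categories, in their canonical order.
LINDDUN = ("Linking", "Identifying", "Non-repudiation", "Detecting",
           "Data disclosure", "Unawareness", "Non-compliance")
_SYSTEM = set(LINDDUN) - {"Unawareness"}
# Assumed LINDDUN element mapping (not from the paper): Unawareness is an
# entity threat; the other six apply to processes, stores and flows.
APPLICABLE = {"entity": {"Linking", "Identifying", "Unawareness"},
              "process": _SYSTEM, "data_store": _SYSTEM, "data_flow": _SYSTEM}

@dataclass(frozen=True)
class Element:
    name: str
    kind: str              # a key of APPLICABLE
    device_identity: bool  # carries device identifiers (MAC, serial, ...)

# Constructed DFD for a small SH reference model (not the paper's model).
DFD = (Element("resident app", "entity", False),
       Element("smart lock", "entity", True),
       Element("home hub", "process", True),
       Element("hub->cloud telemetry", "data_flow", True),
       Element("vendor cloud store", "data_store", True))

def elicit(dfd):
    """PTA step: every (element, category) pair LINDDUN deems applicable."""
    return [(e.name, c) for e in dfd for c in LINDDUN if c in APPLICABLE[e.kind]]

def prioritize(dfd, ratings):
    """PIA step: rank elicited threats by likelihood x impact (assessor scores 1-5).
    Unrated pairs default to (3, 3); a rating for a pair LINDDUN does not
    elicit is an assessment error and is rejected."""
    elicited = set(elicit(dfd))
    bad = set(ratings) - elicited
    if bad:
        raise ValueError(f"ratings for non-applicable threats: {sorted(bad)}")
    ranked = [(lik * imp, name, cat) for name, cat in elicited
              for lik, imp in [ratings.get((name, cat), (3, 3))]]
    return sorted(ranked, key=lambda r: (-r[0], r[1], r[2]))

def device_identity_threats(dfd, ranked):
    """Keep only identity-privacy threats on elements that carry device IDs."""
    dev = {e.name for e in dfd if e.device_identity}
    return [r for r in ranked if r[1] in dev and r[2] in ("Linking", "Identifying")]

# Constructed assessor ratings: (likelihood, impact).
RATINGS = {("hub->cloud telemetry", "Identifying"): (4, 5),
           ("vendor cloud store", "Linking"): (4, 4),
           ("smart lock", "Identifying"): (3, 5),
           ("resident app", "Unawareness"): (5, 3)}
```

Calling `prioritize(DFD, RATINGS)` returns the 24 elicited threats ranked by risk score, and `device_identity_threats` narrows that list to the Linking and Identifying threats on device-bearing elements.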