<p>Cyber-Physical Systems (CPS) operate in increasingly complex and security-critical environments where system faults, misconfigurations, and cyberattacks can compromise safety, availability, and operational integrity. This paper presents CROSS (Cross-platform Remediation and Observability Self-Healing System), a cloud-native, cross-platform approach that extends the self-healing paradigm beyond anomaly detection to encompass autonomous, security-aware remediation. Building upon the Log Intelligence and Self-Healing System (<span>LISH</span>)&#xa0;(Johnphill et&#xa0;al. 2023a), which utilised CountVectorizer and Multinomial Naive Bayes (<span>MNB</span>) for log-based anomaly classification, <span>CROSS</span> introduces a policy-driven remediation layer that executes context-specific recovery actions such as service restarts, system updates, device reboots, and configuration enforcement across Android, Linux, macOS, and Windows. Prometheus-based observability&#xa0;(Pai and Srinivas 2024) provides fine-grained telemetry on anomalies and remedial actions, enabling continuous monitoring, auditability, and adaptive security governance. Experimental evaluation demonstrates measurable reductions in mean time to recovery (MTTR) and improvements in anomaly containment and resilience across heterogeneous CPS environments.<BlockQuote> <p>Although CROSS includes mechanisms that are applicable to cybersecurity scenarios, the present evaluation focuses on operational anomalies rather than explicit attack-induced behaviours. Accordingly, its cybersecurity relevance is framed as an architectural capability, with empirical security benchmarking identified as future work. The proposed approach bridges the gap between anomaly detection and active cyber defence, embedding explainable, automated remediation within the operational lifecycle of CPS.</p> </BlockQuote></p>

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Cross: a cloud-native approach to automated remediation and self-healing in cyber-physical systems

  • Obinna Johnphill,
  • Ali Safaa Sadiq,
  • Omprakash Kaiwartya,
  • Mohammed Adam Taheir

摘要

Cyber-Physical Systems (CPS) operate in increasingly complex and security-critical environments where system faults, misconfigurations, and cyberattacks can compromise safety, availability, and operational integrity. This paper presents CROSS (Cross-platform Remediation and Observability Self-Healing System), a cloud-native, cross-platform approach that extends the self-healing paradigm beyond anomaly detection to encompass autonomous, security-aware remediation. Building upon the Log Intelligence and Self-Healing System (LISH) (Johnphill et al. 2023a), which utilised CountVectorizer and Multinomial Naive Bayes (MNB) for log-based anomaly classification, CROSS introduces a policy-driven remediation layer that executes context-specific recovery actions such as service restarts, system updates, device reboots, and configuration enforcement across Android, Linux, macOS, and Windows. Prometheus-based observability (Pai and Srinivas 2024) provides fine-grained telemetry on anomalies and remedial actions, enabling continuous monitoring, auditability, and adaptive security governance. Experimental evaluation demonstrates measurable reductions in mean time to recovery (MTTR) and improvements in anomaly containment and resilience across heterogeneous CPS environments.

Although CROSS includes mechanisms that are applicable to cybersecurity scenarios, the present evaluation focuses on operational anomalies rather than explicit attack-induced behaviours. Accordingly, its cybersecurity relevance is framed as an architectural capability, with empirical security benchmarking identified as future work. The proposed approach bridges the gap between anomaly detection and active cyber defence, embedding explainable, automated remediation within the operational lifecycle of CPS.