Explainable AI-Augmented DevSecOps for Secure and Reproducible Cloud-Native Research Software
摘要
Current DevSecOps automation for cloud-native applications relies on black-box machine learning models that lack transparency and formal reproducibility guarantees essential for research software validation. This paper presents the first unified framework integrating explainable artificial intelligence (XAI) throughout CI/CD pipelines while enforcing continuous reproducibility auditing. Our key contributions include: (1) novel XAI modules providing human-readable explanations for vulnerability detection, policy compliance, and anomaly identification; (2) a mathematical utility function \(U(Q) = \alpha (1-S(Q)) + (1-\alpha )R(Q)\) that jointly optimizes security risk and reproducibility; and (3) automated reproducibility checkpoints with environment snapshotting and result verification. Evaluation across fintech and climate simulation domains demonstrates substantial improvements: 62.5% reduction in mean time to remediate critical vulnerabilities (4.0 to 1.5 days), reproducibility rates increasing from 70–80% to 95–100%, and 16,000 \(\times \) return on investment through proactive security prevention. The framework addresses the transparency-security-reproducibility trilemma, enabling trustworthy innovation in cloud-native research software.