{"id":"https://openalex.org/W7130944294","doi":"https://doi.org/10.1186/s42400-026-00549-8","title":"Cross: a cloud-native approach to automated remediation and self-healing in cyber-physical systems","display_name":"Cross: a cloud-native approach to automated remediation and self-healing in cyber-physical systems","publication_year":2026,"publication_date":"2026-02-22","ids":{"openalex":"https://openalex.org/W7130944294","doi":"https://doi.org/10.1186/s42400-026-00549-8"},"language":"en","primary_location":{"id":"doi:10.1186/s42400-026-00549-8","is_oa":true,"landing_page_url":"https://doi.org/10.1186/s42400-026-00549-8","pdf_url":"https://link.springer.com/content/pdf/10.1186/s42400-026-00549-8.pdf","source":{"id":"https://openalex.org/S3035238565","display_name":"Cybersecurity","issn_l":"2523-3246","issn":["2523-3246"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319965","host_organization_name":"Springer Nature","host_organization_lineage":["https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Cybersecurity","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"diamond","oa_url":"https://link.springer.com/content/pdf/10.1186/s42400-026-00549-8.pdf","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5092493832","display_name":"Obinna Johnphill","orcid":"https://orcid.org/0000-0001-8373-0727"},"institutions":[{"id":"https://openalex.org/I52590639","display_name":"Nottingham Trent University","ror":"https://ror.org/04xyxjd90","country_code":"GB","type":"education","lineage":["https://openalex.org/I52590639"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Obinna Johnphill","raw_affiliation_strings":["Cyber Security Research Group (CSRG), Department of Computer Science, Nottingham Trent University, Clifton Lane, Nottingham, NG11 8NS, UK"],"affiliations":[{"raw_affiliation_string":"Cyber Security Research Group (CSRG), Department of Computer Science, Nottingham Trent University, Clifton Lane, Nottingham, NG11 8NS, UK","institution_ids":["https://openalex.org/I52590639"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5003286788","display_name":"Ali Safaa Sadiq","orcid":null},"institutions":[{"id":"https://openalex.org/I52590639","display_name":"Nottingham Trent University","ror":"https://ror.org/04xyxjd90","country_code":"GB","type":"education","lineage":["https://openalex.org/I52590639"]}],"countries":["GB"],"is_corresponding":true,"raw_author_name":"Ali Safaa Sadiq","raw_affiliation_strings":["Cyber Security Research Group (CSRG), Department of Computer Science, Nottingham Trent University, Clifton Lane, Nottingham, NG11 8NS, UK"],"affiliations":[{"raw_affiliation_string":"Cyber Security Research Group (CSRG), Department of Computer Science, Nottingham Trent University, Clifton Lane, Nottingham, NG11 8NS, UK","institution_ids":["https://openalex.org/I52590639"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5126567580","display_name":"Omprakash Kaiwartya","orcid":null},"institutions":[{"id":"https://openalex.org/I52590639","display_name":"Nottingham Trent University","ror":"https://ror.org/04xyxjd90","country_code":"GB","type":"education","lineage":["https://openalex.org/I52590639"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Omprakash Kaiwartya","raw_affiliation_strings":["Cyber Security Research Group (CSRG), Department of Computer Science, Nottingham Trent University, Clifton Lane, Nottingham, NG11 8NS, UK"],"affiliations":[{"raw_affiliation_string":"Cyber Security Research Group (CSRG), Department of Computer Science, Nottingham Trent University, Clifton Lane, Nottingham, NG11 8NS, UK","institution_ids":["https://openalex.org/I52590639"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5055031651","display_name":"Mohammed Adam Taheir","orcid":null},"institutions":[{"id":"https://openalex.org/I3130857668","display_name":"University of Zalingei","ror":"https://ror.org/042x9qq51","country_code":"SD","type":"education","lineage":["https://openalex.org/I2799859618","https://openalex.org/I3130857668"]}],"countries":["SD"],"is_corresponding":false,"raw_author_name":"Mohammed Adam Taheir","raw_affiliation_strings":["Faculty of Technology Sciences, Zalingei University, Zalingei, Sudan"],"affiliations":[{"raw_affiliation_string":"Faculty of Technology Sciences, Zalingei University, Zalingei, Sudan","institution_ids":["https://openalex.org/I3130857668"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5003286788"],"corresponding_institution_ids":["https://openalex.org/I52590639"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":true,"cited_by_count":0,"citation_normalized_percentile":{"value":0.52581361,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":"9","issue":"1","first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12127","display_name":"Software System Performance and Reliability","score":0.7182999849319458,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12127","display_name":"Software System Performance and Reliability","score":0.7182999849319458,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.05530000105500221,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.028699999675154686,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/anomaly-detection","display_name":"Anomaly detection","score":0.7330999970436096},{"id":"https://openalex.org/keywords/observability","display_name":"Observability","score":0.699999988079071},{"id":"https://openalex.org/keywords/resilience","display_name":"Resilience (materials science)","score":0.49399998784065247},{"id":"https://openalex.org/keywords/it-service-continuity","display_name":"IT service continuity","score":0.4334000051021576},{"id":"https://openalex.org/keywords/benchmarking","display_name":"Benchmarking","score":0.37790000438690186},{"id":"https://openalex.org/keywords/service","display_name":"Service (business)","score":0.37209999561309814},{"id":"https://openalex.org/keywords/relevance","display_name":"Relevance (law)","score":0.3619000017642975},{"id":"https://openalex.org/keywords/critical-infrastructure","display_name":"Critical infrastructure","score":0.33410000801086426}],"concepts":[{"id":"https://openalex.org/C739882","wikidata":"https://www.wikidata.org/wiki/Q3560506","display_name":"Anomaly detection","level":2,"score":0.7330999970436096},{"id":"https://openalex.org/C36299963","wikidata":"https://www.wikidata.org/wiki/Q1369844","display_name":"Observability","level":2,"score":0.699999988079071},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.5367000102996826},{"id":"https://openalex.org/C2779585090","wikidata":"https://www.wikidata.org/wiki/Q3457762","display_name":"Resilience (materials science)","level":2,"score":0.49399998784065247},{"id":"https://openalex.org/C67069471","wikidata":"https://www.wikidata.org/wiki/Q1140205","display_name":"IT service continuity","level":2,"score":0.4334000051021576},{"id":"https://openalex.org/C86251818","wikidata":"https://www.wikidata.org/wiki/Q816754","display_name":"Benchmarking","level":2,"score":0.37790000438690186},{"id":"https://openalex.org/C2780378061","wikidata":"https://www.wikidata.org/wiki/Q25351891","display_name":"Service (business)","level":2,"score":0.37209999561309814},{"id":"https://openalex.org/C158154518","wikidata":"https://www.wikidata.org/wiki/Q7310970","display_name":"Relevance (law)","level":2,"score":0.3619000017642975},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3424000144004822},{"id":"https://openalex.org/C29852176","wikidata":"https://www.wikidata.org/wiki/Q373338","display_name":"Critical infrastructure","level":2,"score":0.33410000801086426},{"id":"https://openalex.org/C77019957","wikidata":"https://www.wikidata.org/wiki/Q2689057","display_name":"Dependability","level":2,"score":0.3292999863624573},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.3248000144958496},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.31850001215934753},{"id":"https://openalex.org/C201995342","wikidata":"https://www.wikidata.org/wiki/Q682496","display_name":"Systems engineering","level":1,"score":0.2879999876022339},{"id":"https://openalex.org/C12997251","wikidata":"https://www.wikidata.org/wiki/Q567560","display_name":"Anomaly (physics)","level":2,"score":0.28130000829696655},{"id":"https://openalex.org/C31170391","wikidata":"https://www.wikidata.org/wiki/Q188619","display_name":"Hierarchy","level":2,"score":0.28130000829696655},{"id":"https://openalex.org/C113863187","wikidata":"https://www.wikidata.org/wiki/Q17498","display_name":"SCADA","level":2,"score":0.27810001373291016},{"id":"https://openalex.org/C2780428219","wikidata":"https://www.wikidata.org/wiki/Q16952335","display_name":"Cover (algebra)","level":2,"score":0.2752000093460083},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.274399995803833},{"id":"https://openalex.org/C2777019822","wikidata":"https://www.wikidata.org/wiki/Q390066","display_name":"Containment (computer programming)","level":2,"score":0.25999999046325684},{"id":"https://openalex.org/C200601418","wikidata":"https://www.wikidata.org/wiki/Q2193887","display_name":"Reliability engineering","level":1,"score":0.2508000135421753}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.1186/s42400-026-00549-8","is_oa":true,"landing_page_url":"https://doi.org/10.1186/s42400-026-00549-8","pdf_url":"https://link.springer.com/content/pdf/10.1186/s42400-026-00549-8.pdf","source":{"id":"https://openalex.org/S3035238565","display_name":"Cybersecurity","issn_l":"2523-3246","issn":["2523-3246"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319965","host_organization_name":"Springer Nature","host_organization_lineage":["https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Cybersecurity","raw_type":"journal-article"},{"id":"pmh:oai:irep.ntu.ac.uk:55071","is_oa":false,"landing_page_url":null,"pdf_url":null,"source":{"id":"https://openalex.org/S4306400559","display_name":"Nottingham Trent University's Institutional Repository (Nottingham Trent Repository)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I52590639","host_organization_name":"Nottingham Trent University","host_organization_lineage":["https://openalex.org/I52590639"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"acceptedVersion","is_accepted":true,"is_published":false,"raw_source_name":null,"raw_type":"PeerReviewed"},{"id":"pmh:oai:doaj.org/article:69ab36c48c774a8fb3f150b160cdb458","is_oa":true,"landing_page_url":"https://doaj.org/article/69ab36c48c774a8fb3f150b160cdb458","pdf_url":null,"source":{"id":"https://openalex.org/S112646816","display_name":"SHILAP Revista de lepidopterolog\u00eda","issn_l":"0300-5267","issn":["0300-5267","2340-4078"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Cybersecurity, Vol 9, Iss 1 (2026)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.1186/s42400-026-00549-8","is_oa":true,"landing_page_url":"https://doi.org/10.1186/s42400-026-00549-8","pdf_url":"https://link.springer.com/content/pdf/10.1186/s42400-026-00549-8.pdf","source":{"id":"https://openalex.org/S3035238565","display_name":"Cybersecurity","issn_l":"2523-3246","issn":["2523-3246"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319965","host_organization_name":"Springer Nature","host_organization_lineage":["https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Cybersecurity","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[],"funders":[{"id":"https://openalex.org/F4320311701","display_name":"Nottingham Trent University","ror":"https://ror.org/04xyxjd90"},{"id":"https://openalex.org/F4320319941","display_name":"Trent University","ror":"https://ror.org/03ygmq230"}],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W7130944294.pdf","grobid_xml":"https://content.openalex.org/works/W7130944294.grobid-xml"},"referenced_works_count":17,"referenced_works":["https://openalex.org/W2897660303","https://openalex.org/W2955636261","https://openalex.org/W3177208329","https://openalex.org/W4283736653","https://openalex.org/W4313051232","https://openalex.org/W4384694727","https://openalex.org/W4385694441","https://openalex.org/W4385695873","https://openalex.org/W4386159989","https://openalex.org/W4386214303","https://openalex.org/W4388212317","https://openalex.org/W4388483449","https://openalex.org/W4388925133","https://openalex.org/W4402190641","https://openalex.org/W4403601400","https://openalex.org/W4404250799","https://openalex.org/W6912092435"],"related_works":[],"abstract_inverted_index":{"Abstract":[0],"Cyber-Physical":[1],"Systems":[2],"(CPS)":[3],"operate":[4],"in":[5,135,143],"increasingly":[6],"complex":[7],"and":[8,15,21,30,56,69,99,106,111,119,126,141,146,201],"security-critical":[9],"environments":[10],"where":[11],"system":[12,95],"faults,":[13],"misconfigurations,":[14],"cyberattacks":[16],"can":[17],"compromise":[18],"safety,":[19],"availability,":[20],"operational":[22,167,211],"integrity.":[23],"This":[24],"paper":[25],"presents":[26],"CROSS":[27,80,153],"(Cross-platform":[28],"Remediation":[29],"Observability":[31],"Self-Healing":[32,57],"System),":[33],"a":[34,82],"cloud-native,":[35],"cross-platform":[36],"approach":[37,194],"that":[38,86,156],"extends":[39],"the":[40,53,162,196,210],"self-healing":[41],"paradigm":[42],"beyond":[43],"anomaly":[44,78,144,199],"detection":[45,200],"to":[46,138,159],"encompass":[47],"autonomous,":[48],"security-aware":[49],"remediation.":[50],"Building":[51],"upon":[52],"Log":[54],"Intelligence":[55],"System":[58],"(":[59,73],"LISH":[60],")":[61,75],"(Johnphill":[62],"et":[63],"al.":[64],"2023a),":[65],"which":[66],"utilised":[67],"CountVectorizer":[68],"Multinomial":[70],"Naive":[71],"Bayes":[72],"MNB":[74],"for":[76],"log-based":[77],"classification,":[79],"introduces":[81],"policy-driven":[83],"remediation":[84,208],"layer":[85],"executes":[87],"context-specific":[88],"recovery":[89,139],"actions":[90],"such":[91],"as":[92,180,189],"service":[93],"restarts,":[94],"updates,":[96],"device":[97],"reboots,":[98],"configuration":[100],"enforcement":[101],"across":[102,148],"Android,":[103],"Linux,":[104],"macOS,":[105],"Windows.":[107],"Prometheus-based":[108],"observability":[109],"(Pai":[110],"Srinivas":[112],"2024)":[113],"provides":[114],"fine-grained":[115],"telemetry":[116],"on":[117,166],"anomalies":[118,168],"remedial":[120],"actions,":[121],"enabling":[122],"continuous":[123],"monitoring,":[124],"auditability,":[125],"adaptive":[127],"security":[128,186],"governance.":[129],"Experimental":[130],"evaluation":[131,164],"demonstrates":[132],"measurable":[133],"reductions":[134],"mean":[136],"time":[137],"(MTTR)":[140],"improvements":[142],"containment":[145],"resilience":[147],"heterogeneous":[149],"CPS":[150],"environments.":[151],"Although":[152],"includes":[154],"mechanisms":[155],"are":[157],"applicable":[158],"cybersecurity":[160,176],"scenarios,":[161],"present":[163],"focuses":[165],"rather":[169],"than":[170],"explicit":[171],"attack-induced":[172],"behaviours.":[173],"Accordingly,":[174],"its":[175],"relevance":[177],"is":[178],"framed":[179],"an":[181],"architectural":[182],"capability,":[183],"with":[184],"empirical":[185],"benchmarking":[187],"identified":[188],"future":[190],"work.":[191],"The":[192],"proposed":[193],"bridges":[195],"gap":[197],"between":[198],"active":[202],"cyber":[203],"defence,":[204],"embedding":[205],"explainable,":[206],"automated":[207],"within":[209],"lifecycle":[212],"of":[213],"CPS.":[214]},"counts_by_year":[],"updated_date":"2026-03-20T23:20:44.827607","created_date":"2026-02-23T00:00:00"}