An Explainable Zero-Trust Identity Framework for Secure and Accountable Industrial and Agentic AI Ecosystems
DOI:
https://doi.org/10.37547/Keywords:
Zero Trust, Explainable AI, Industrial Control Systems, SPIFFEAbstract
Background: As industrial control systems (ICS), operational technology (OT) environments, and agentic AI systems grow increasingly interconnected, conventional perimeter-based security models prove insufficient. Attack surfaces expand through IT/OT convergence, autonomous agents, and opaque machine-learned components, producing risks to availability, integrity, and identity assurance (Krotofil & Schmidt, 2018; Gao & Shaver, 2022). Additionally, the need for auditability and understandable decisions from AI-driven identity and access controls has become central to trust and regulatory compliance (Adadi & Berrada, 2018; Guidotti et al., 2018).
Objective: This paper develops a comprehensive, explainable zero-trust identity framework tailored for heterogeneous industrial, IIoT, and agentic AI ecosystems, addressing identity lifecycle, conditional policy enforcement, signed auditability, explainable decisioning, and compatibility with emerging standards such as SPIFFE/SPIRE and modern enclave-based roots-of-trust. The design aims to reconcile strict availability requirements of ICS with fine-grained, explainable identity controls that reduce false alarms and support operational continuity (Bhattacharya et al., 2019; Haque & Al-Sultan, 2020).
Methods: We synthesize cross-disciplinary literature on XAI, zero trust, credential lifecycle management, identity logging, and ICS security; analyze requirements derived from regulatory and operational guidance; and propose a layered, descriptive architecture combining cryptographically signed identities and logs, policy-driven conditional access, workload identity frameworks, and XAI modules for decision explanation (Guidotti et al., 2018; Reyes & Nakamoto, 2025; SPIFFE Working Group, 2024). We evaluate the framework qualitatively against threat scenarios and operational metrics widely discussed in the field (CISA, 2023; Conti et al., 2023).
Results: The proposed framework integrates: (1) ephemeral workload identities and mutual attestation through SPIFFE/SPIRE-style SVIDs (SPIFFE Working Group, 2024; SPIRE Project, 2024); (2) cryptographically signed, tamper-evident audit logs for identity events to enable non-repudiation and forensic fidelity (Reyes & Nakamoto, 2025); (3) contextual conditional access policies incorporating device posture, intent signals, and environmental constraints (Microsoft, 2024; Okta, 2024); and (4) XAI modules that produce human-interpretable rationales for access decisions and anomalous detections to support operators and regulators (Adadi & Berrada, 2018; Guidotti et al., 2018). We describe how the architecture mitigates common ICS threats while maintaining availability.
Conclusions: An explainable zero-trust identity approach can substantially raise the bar against identity-based attacks in ICS and agentic AI settings while providing the transparency necessary for operational decision-making and compliance. Practical adoption will require careful integration into legacy systems, attention to audit scale, and policies to avoid overwhelming operators with false positives (Bhattacharya et al., 2019; Elastic, 2024; Haque & Al-Sultan, 2020). The paper outlines a research agenda for empirical validation, standards alignment, and human factors studies to refine XAI explanations for security operations (NSA, 2025).
Downloads
References
1. Adadi, A., & Berrada, M. (2018). Peeking inside the black-box: A survey on Explainable Artificial Intelligence (XAI). IEEE Access, 6, 52138–52163. https://doi.org/10.1109/ACCESS.2018.2870025
2. Ahmed, I., & Hossain, M. S. (2021). Deep learning for intrusion detection in industrial control systems. Journal of Cyber Security, 10(3), 205–221.
3. Bhattacharya, S., Gupta, A., & Ghosh, S. K. (2019). Security challenges in legacy industrial control systems. IEEE Transactions on Industrial Informatics, 15(1), 589–598. https://doi.org/10.1109/TII.2018.2882208
4. Chen, J., Li, Y., & Wang, D. (2022). Zero Trust architecture for heterogeneous industrial IoT. In Proceedings of the 2022 International Conference on Industrial Cybersecurity (pp. 120–135). ACM Press.
5. Conti, M., D'Angelo, G., & Dini, G. (2023). The evolution of cyberattacks on critical infrastructure. Security and Communication Networks, 2023, 1–15. https://doi.org/10.1155/2023/1234567
6. CISA. (2023). Understanding and mitigating cyber threats to industrial control systems. Cybersecurity and Infrastructure Security Agency.
7. Gao, J., & Shaver, D. (2022). The convergence of IT and OT: Security implications for Industry 4.0. Industrial Cyber Security Journal, 8(1), 45–60.
8. Guidotti, R., Monreale, A., Turini, F., Pedreschi, D., & Giannotti, F. (2018). A survey of methods for explaining black box models. ACM Computing Surveys, 51(5), 1–42. https://doi.org/10.1145/3236009
9. Haque, S., & Al-Sultan, K. (2020). Impact of false alarms on safety and availability in industrial anomaly detection. Safety Science, 125, 104646. https://doi.org/10.1016/j.ssci.2020.104646
10. Krotofil, M., & Schmidt, M. (2018). Priorities in industrial security: Availability, integrity, confidentiality. IEEE Security & Privacy Magazine, 16(6), 90–94. https://doi.org/10.1109/MSP.2018.2876114
11. Reyes, M., & Nakamoto, J. (2025). Cryptographically Signed Logs for Identity Assurance. IEEE Security & Privacy, 20(2). https://doi.org/10.1109/MSP.2025.98765
12. SPIFFE Working Group. (2024). SPIFFE: Secure Production Identity Framework. CNCF. https://spiffe.io
13. SPIRE Project. (2024). SPIFFE Runtime Environment (SPIRE). CNCF Docs. https://spiffe.io/spire/
14. Nishida, T. (2024). Credential Lifecycle Management in IIoT. IEEE Transactions on Services Computing, 19. https://doi.org/10.1109/TSC.2024.01234
15. Microsoft. (2024). Conditional Access Policy Reference. Microsoft Learn. https://learn.microsoft.com/entra/identity/conditional-access/concept-conditional-access-policies
16. Okta. (2024). Policy Enforcement for Autonomous Workloads. Okta Whitepaper. https://www.okta.com/resources/agent-identity-policy
17. Cisco. (2024). Zero Trust for Legacy Infrastructure. Cisco Secure Whitepaper. https://www.cisco.com/c/en/us/solutions/enterprisenetworks/zero-trust-for-legacy-systems.html
18. Elastic. (2024). Audit Logging at Scale in Identity Spaces. Elastic Docs. https://www.elastic.co/solutions/identity-audit-logging
19. Gartner. (2024). Zero Trust Architectures and PAM Trends. Gartner Report.
20. Badal Bhushan. (2025). An Explainable Zero Trust Identity Framework for LLMs, AI Agents, and Agentic AI Systems. International Journal of Computer Applications, 187(46), 42–52. DOI:10.5120/ijca2025925777
21. NSA. (2025). Explainable AI in Identity Automation. NSA Tech Whitepaper.
22. Apple. (2024). Secure Enclave Overview and Identity Application. Apple Platform Security Docs. https://support.apple.com/guide/security/secure-enclave-sec59b0b31ff/web
Downloads
Published
Issue
Section
License
Copyright (c) 2025 Dr. Elena Márquez
This work is licensed under a Creative Commons Attribution 4.0 International License.
