Abstract
Cyber-physical systems (CPS) integrate computation, networking, and physical processes, making them vulnerable to sophisticated attacks. Traditional anomaly detection methods are often too resource-intensive for embedded devices with limited computing power and memory. This paper proposes a lightweight anomaly detection framework tailored for CPS security, leveraging embedded intelligence through optimized machine learning models. The framework employs a hybrid feature selection technique and a compact one-class support vector machine (OCSVM) with kernel approximation to reduce computational overhead while maintaining detection accuracy. We evaluate the proposed method on two public CPS datasets (SWaT and WADI) and compare with state-of-the-art approaches. Results demonstrate that our approach achieves a detection rate of 96.2% with a false positive rate of 2.1%, while reducing model size by 60% and inference time by 45% compared to standard OCSVM. The framework is deployable on resource-constrained devices such as Raspberry Pi and ARM Cortex-M microcontrollers. This work highlights the potential of embedded intelligence for real-time CPS security monitoring.