In mission-critical supply chain systems, rapid detection and mitigation of cyber threats are essential to maintain operational continuity and resilience. As supply chains become more interconnected and driven by IoT, AI analytics, and cloud-based logistics, traditional security solutions in CPS are increasingly inadequate against emerging and adaptive threats. Most current solutions lack automated self-healing features, which can lengthen recovery times and reduce operational risks. To overcome these limitations, we propose a self-healing mechanism using Graph Neural Networks (GNNs) for anomaly detection and autonomous recovery. The supply chain is modeled as a dynamic graph, where nodes represent entities (e.g., suppliers, warehouses, and transport hubs) and edges capture logistical dependencies and communication channels. Using a GNN-based classifier trained on real-world supply chain data, our approach identifies compromised nodes with high precision. Upon anomaly detection, an automated healing module removes compromised nodes and restructures the network to ensure uninterrupted operations. We evaluate four GNN architectures: GCN, GAT, GraphSAGE, and GIN, on a real-world logistics dataset of approximately 9,200 orders (expanded to 13,800 via SMOTE). All models achieve over 99% detection accuracy and F1 score. GIN outperforms the others, reaching 99.7% accuracy, 99.6% F1, and a 99.8% recovery ratio with virtually no false removals. These results demonstrate that our self-healing GNN framework provides a robust, adaptive, and scalable defense for next-generation supply chain operations.
