Preprint
Data sources: ZENODO

Real-Time Cyber-Physical Intrusion Detection at the Industrial IoT Edge: A Lightweight Temporal Causal Explainable AI (XAI) Framework

Authors: Raza, Asad;

Abstract

The progressive convergence of operational technology (OT) and information technology (IT) networks within the Industrial Internet of Things (IIoT) paradigm exposes cyber-physical systems (CPS) to unprecedented attack surfaces. Although modern machine learning (ML) models demonstrate outstanding statistical efficacy in network anomaly classification, their inherent black-box architectures restrict real-world deployment. Such opacity breeds operator alert fatigue and fails to comply with emerging transparent AI regulations, including the European Union AI Act. To address these challenges, this study develops and validates an edge-native, real-time intrusion detection and attribution architecture: the Temporal Causal Explainable AI Intrusion Detection System (TC-XAI-IDS). The proposed framework combines a lightweight quantized machine learning classifier with a temporal causal validation engine based on bivariate Vector Autoregression (VAR) and Granger causality. The classifier detects anomalous network behavior, while the causal analysis layer correlates cyber threat vectors with physical sensor telemetry, enabling differentiation between genuine cyberattacks and benign equipment or sensor anomalies. Unlike computationally expensive explainability techniques such as Kernel SHAP, the framework employs an optimized local decision-path feature attribution mechanism with linear time complexity O(K · Dmax), making it suitable for resource-constrained edge devices. Experimental evaluation on a hardware-in-the-loop (HIL) testbed using a Raspberry Pi 4 edge gateway achieved an F1 score of 96.4%, end-to-end latency of 11.8 ms, CPU utilization of 18.5%, and memory consumption of 175 MB. The results demonstrate that TC-XAI-IDS provides a mathematically rigorous, resource-efficient, and regulatory-compliant approach for real-time cyber-physical intrusion detection and explainable security monitoring at the industrial edge.
