This work proposes a lightweight and interpretable intrusion detection system based on the Tsetlin Machine to address the complex security threats arising from the high interconnectivity of the Internet of Medical Things (IoMT). By modeling attack behaviors through propositional logic rules, the approach introduces the Tsetlin Machine to the IoMT domain for the first time, enabling low-latency, real-time inference on resource-constrained edge devices such as Raspberry Pi. The system offers multi-level transparent decision explanations through feature contributions, class-specific voting patterns, and clause activation heatmaps. Evaluated on the MedSec-25 dataset, it achieves an accuracy of 97.83%, significantly outperforming current state-of-the-art methods while effectively balancing high detection accuracy, interpretability, and on-device deployment capability.

The rapid evolution of digital health technologies is redefining healthcare services worldwide. The integration of wireless communication and Internet-enabled medical devices within Internet of Medical Things (IoMT) networks enables continuous, real-time patient monitoring. However, this increased connectivity raises cybersecurity and patient safety risks due to increasingly sophisticated cyberattacks. This paper proposes a novel on-device, interpretable Tsetlin Machine (TM)-based Intrusion Detection System (IDS) to identify various phases of cyberattacks in IoMT environments. The TM is a rule-driven and transparent machine learning (ML) approach that represents attack patterns using propositional logic. Extensive evaluations on the MedSec-25 dataset, encompassing various phases of realistic cyberattacks, show that the proposed model outperforms ML models and state-of-the-art methods, attaining a classification performance of 97.83\%. Moreover, the proposed model offers explicit explanations of its decisions to enhance transparency using feature-level contributions, class-wise vote scores, and clause activation heatmaps. Edge deployment (Raspberry Pi) further supports real-time on-device inference and intrusion detection. The combination of interpretability and high performance makes the proposed model well-suited for IoMT healthcare, where trust, reliability, safety, and timely decision-making are critical.