This paper addresses the opacity verification problem for Multi-Energy Timed Automata (METAs) under joint time-and-energy observations, aiming to prevent privacy leakage. To model varying attacker capabilities—such as knowledge of final energy levels, execution time bounds, or periodic energy measurements—we introduce an extended META model equipped with energy guards and generalize the timed automaton framework to support multi-dimensional energy variables and energy-based guard constraints. Theoretically, we prove that opacity verification is undecidable in the general case; however, we identify and characterize several key decidable subclasses corresponding to practically relevant observation patterns. Our approach enables precise modeling and formal verification of time-energy co-leakage, establishing the first systematic analytical framework for privacy preservation in resource-constrained real-time systems.

Cyber-physical systems can be subject to information leakage; in the presence of continuous variables such as time and energy, these leaks can be subtle to detect. We study here the verification of opacity problems over systems with observation over both timing and energy information. We introduce guarded multi-energy timed automata as an extension of timed automata with multiple energy variables and guards over such variables. Despite undecidability of this general formalism, we establish positive results over a number of subclasses, notably when the attacker observes the final energy and/or the execution time, but also when they have access to the value of the energy variables every time unit.