This work addresses the challenge of providing worst-case safety guarantees for cyber-physical systems subject to stochastic uncertainties, a limitation of existing approaches. Focusing on rectangular automata equipped with stochastic clocks, the paper proposes a novel method under an oracle scheduler that explicitly decouples randomness from nondeterminism in execution paths. This approach enables, for the first time, the computation of a sound lower bound on reachability probabilities—overcoming the prior restriction to upper bounds alone—and thereby supports formal safety verification under pessimistic scenarios. Evaluation on an electric vehicle charging case study demonstrates that the method effectively yields meaningful worst-case safety assurances with practical relevance.

Control applications for cyber-physical systems must make reliably safe control decisions in the presence of continuous dynamics as well as stochastic uncertainty. Providing safety guarantees for such systems requires formal modeling and analysis techniques that capture these aspects. For modeling, in this paper we consider rectangular automata with random clocks under prophetic scheduling. For this model class, existing methods can compute only upper bounds on reachability probabilities, enabling optimistic, best-case safety reasoning. We complement this view by introducing a novel method to compute lower bounds, thereby enabling worst-case analysis that is essential for safety-critical applications. Although both upper and lower bounds rely on reachability analysis, they are not dual: computing lower bounds requires an explicit separation of stochastic and nondeterministic choices along executions. We implement our approach and demonstrate its practical feasibility on an electric vehicle charging scenario, showing that meaningful worst-case guarantees can be obtained.