Real-time cybersecurity and privacy systems in critical infrastructure (e.g., airports, hospitals, oil pipelines) face challenges in modeling and verifying adversarial attacks under stringent timing constraints. Method: We propose Temporal Obligation Logic (TOL), the first formal framework extending obligation logic to real-time dynamic games, enabling precise and compact modeling of attacker–defender strategy interactions with real-time constraints—without increasing computational complexity. Contribution/Results: Based on TOL, we develop a PSPACE-complete verification algorithm that efficiently checks critical real-time security properties—including temporal confidentiality and response timeliness—achieving computational complexity comparable to classical temporal logics, thus attaining theoretical optimality. This work establishes a new paradigm for security verification of real-time embedded systems, balancing expressive power with decidability.

Real-time cybersecurity and privacy applications require reliable verification methods and system design tools to ensure their correctness. Many of these reactive real-time applications embedded in various infrastructures, such as airports, hospitals, and oil pipelines, are potentially vulnerable to malicious cyber-attacks. Recently, a growing literature has recognized Timed Game Theory as a sound theoretical foundation for modeling strategic interactions between attackers and defenders. This paper proposes Timed Obstruction Logic (TOL), an extension of Obstruction Logic (OL), a formalism for verifying specific timed games with real-time objectives unfolding in dynamic models. These timed games involve players whose discrete and continuous actions can impact the underlying timed game model. We show that TOL can be used to describe important timed properties of real-time cybersecurity games. Finally, in addition to introducing our new logic and adapting it to specify properties in the context of cybersecurity, we provide a verification procedure for TOL and show that its complexity is PSPACE-complete, meaning that it is not higher than that of classical timed temporal logics like TCTL. Thus, we increase the expressiveness of properties without incurring any cost in terms of complexity.