The Clock Constraint Specification Language (CCSL) is a clock-based formalism for the specification and analysis of real-time embedded systems. The major goal of schedulability analysis of CCSL specifications is to solve the schedule problem, which is to answer ‘whether there exists a clock behaviour (also called a ‘schedule’) that conforms to a given CCSL specification'. Existing works on schedulability analysis of CCSL specifications are mainly based on model checking or SMT-solving. In this paper, however, we propose a theorem-proving approach to the problem. To this end, we define a clock-based dynamic logic (cDL) in which we can specify the clock behaviours and the clock relations in CCSL. With cDL, given a CCSL specification SP, we can express its schedule problem as a cDL formula ${\varphi }_{sp}$. Then solving the schedule problem is equivalent to checking the validity of ${\varphi }_{sp}$ in the proof system of cDL. By analyzing the proof tree of ${\varphi }_{sp}$, we can generate a concrete schedule satisfying SP. Compared to the previous approaches, our method is not limited to special types of CCSL specifications and schedules and does not depend on the bounds that are set for approximate checking. We implement our cDL in Coq. We use an example throughout the paper to illustrate our method.

时钟约束规范语言（CCSL）是基于时钟的形式，用于规范和分析实时嵌入式系统。CCSL规范的可调度性分析的主要目标是解决调度问题，即回答“是否存在符合给定CCSL规范的时钟行为（也称为“调度”）”。现有的CCSL规范可调度性分析工作主要基于模型检查或SMT求解。但是，在本文中，我们提出了针对该问题的定理证明方法。为此，我们定义了基于时钟的动态逻辑（cDL），在其中我们可以指定CCSL中的时钟行为和时钟关系。使用cDL，给定CCSL规范SP，我们可以将其调度问题表示为cDL公式${\varphi }_{sp}$。那么解决调度问题就等于检查了${\varphi }_{sp}$在cDL的证明系统中。通过分析证明树${\varphi }_{sp}$，我们可以生成一个满足SP的具体进度表。与以前的方法相比，我们的方法不限于特殊类型的CCSL规范和时间表，并且不依赖于为近似检查设置的范围。我们在Coq中实现cDL。我们在全文中使用一个示例来说明我们的方法。