Abstract:
Covert channel analysis is one of the mandatory requirements of high-level trust evaluations. Because IP covert timing channels use “time” as the medium to carry messages, eradicating them on packet-switched networks is almost impossible. Hitherto, the lack of a general mathematical model has made it difficult to use IP covert timing channels to implement anonymous communication or information hiding among packet flows. As a result, over the past few years, most related work has depended on experiments and observations only. Based on the physical definition of time, IP covert timing channels are categorized into three types according to their different working methods. Furthermore, mathematical models of IP covert timing channels based on fixed-length time slots and on inter-packet delays, respectively, are built using probability theory. In addition, the bandwidth and error rate of IP covert timing channels are derived as functions of the network parameters. Experimental results show the correctness of the mathematical models as well as of the theoretical analysis conclusions in the paper. The models of IP covert timing channels form a basis on which some research in this area can be done through formal analysis instead of experimental observation only.