This paper discusses a generic missile defense system model used for examining impacts of cyber-attacks against the system. As cyber-warfare has become nearly ubiquitous in military theaters throughout the world, there exists a growing need to improve the cyber resiliency of defense systems. However, analysis of the potential vulnerabilities of these systems presents a multitude of barriers when such analysis necessitates the use of the physical system itself. For missile defense systems, barriers range from accessibility of the systems to the risk of physical harm. Virtual models, such as the one outlined in this paper, provide invaluable, low cost, repeatable analysis. 

The model is designed to be modular and scalable, allowing a wide variety of missile defense systems and scenarios to be emulated. Modeling each component’s physical, state, and networking characteristics to a high level of fidelity allows for the identification and exploitation of vulnerabilities and observation of the consequences within the system. The model was developed using open source information and insight from missile defense experts and incorporates three types of components. Two of these, the Radar and Launcher, allow a variable number of each to be included in a given simulation. Additionally, a single Command and Control unit interacts with and instructs each Radar and Launcher. These components form isolated nodes on a network that employs communication protocols representative of those in real systems. A Simulink model provides physical data of incoming ballistic threats and launched interceptors, which stimulates and interacts with the system in real time. The model has been used to analyze the propagation of malware and its effects throughout missile defense systems. The data generated by logging component states and capturing network traffic during this analysis has informed the development of machine learning algorithms for the detection of cyber-attacks.