Research on DoS Attack Detection Method of Modbus TCP in OpenPLC

With the development of new information technologies such as cloud computing, Internet of Things, and mobile Internet of Things, Industry 4.0, Smart Manufacturing and Made in China 2025 have been proposed as the main content of the development of the next industrial revolution. In order to realize these projects with the common characteristics of intelligence, service, and green, a new manufacturing model, digital twin, is proposed, which combines the digital twin with industrial systems, that is, the industrial control virtualization system. However, due to the frequent occurrence of industrial control system security incidents in recent years, the industrial control virtualization system is vulnerable to attacks. The industrial control system is huge and cumbersome. Once attacked, it will cause consequences that affect the whole body. In response to this problem, this article carried out a research on DoS attack detection methods for Modbus TCP in OpenPLC, using OpenPLC as a tool for industrial control system virtualization, building a digital twin system with Raspberry Pi, and launching DoS attacks on the system, combined with Snort Intrusion detection is carried out, and the experimental results show that the built digital twin system can detect DoS attacks in OpenPLC.