A Industry 4.0 production line system and its Digital Twin under cyber attack

Citation Author(s):
Submitted by:
Lei Shi
Last updated:
Sun, 07/16/2023 - 01:45
Data Format:
0 ratings - Please login to submit your rating.


The real system in our experiment comprises four production stations: Pick and place, assembly, muscle compressing and sorting. These modular stations are controlled by Siemens PLC. This is the data gathered from a real manufacturing system and its Digital Twin data when under the denial of service attacks.

To simulate a scenario of the cyber-attack, a Denial of service (DoS) attack is launched on Siemens PLC. This attack was aimed at creating delays in the system's response and increasing the cycle time of the PLC. Data was recorded when the system was running normally as well as under attack, and the dataset was stored in a CSV file. In the dataset, each row is marked as "Normal" when the system is running normally and as "Abnormal" when it is under attack.

Each sample in Dataset A contains 62 data points, while Dataset B contains 58 data points. These data points represent sensor readings, actuator statuses, timing information, throughput time, and PLC parameters of the four stations, including the process of pick and place, loading, air pressing, controlling panels, sorting and so forth.

These datasets were created with varying levels of information and fidelity. Compared with dataset A, dataset B contains additional information, specifically the throughput time of each station.


There are two csv files. One is the data collected when the real system is under attack. Another one is the data collected when its digital twin is under attack. Each row has been marked as normal or under attack. They can be directly fed into the machine learning algorithms.