: Development of industrial network from isolated architectures to architectures connected to internet like SCADA, leads to an increase in security threats in these networks. Development of protocols in the field of automation is affected by the IT field. The TCP/IP structure has affected protocols in automation field so that updated versions of automation protocols are based on TCP/IP structure. By employing this structure, known security challenges in the IT field have entered to industrial networks. The importance of the issues has become more clear by revealing threats aimed to industrial networks based on PROFIBUS such as stuxnet. Many efforts have been done in IT field or independently based on Industrial networks for maintenance of ecure operation of these networks. These efforts include two approaches: extending common intrusion detection systems of the IT field to industrial networks, and offering dedicated networks for these systems. The importance of performing a study on PROFIBUS protocol will become clear considering the fact that it is the most applicable protocol in industrial automation systems of our country. As it is widely employed, designing suitable intrusion detection system for this category of protocols is necessary for secure operation of industrial networks. In this research, Snort intrusion detection system has been extended for industrial network based on PROFINET, so it can identify start up of traffic of PROFINET networks. Applying preprocessor module, the intrusion detection system detect Profinet/Dcp packets and specifies packets generated by the attacking source by generating alerts. Beside, Snort intrusion detection engine is developed by checking Profinet/Dcp packets, so exiting rules for profinet/Dcp packets can be extended in PROFINET industrial network. Keywords: Snort, Profinet, Industrial Network