Implementation of a stateful network protocol intrusion detection systems - HAL open archive
Conference paper. Year: 2022

Implementation of a stateful network protocol intrusion detection systems

Abstract

The deployment of a Network Intrusion Detection System (NIDS) is one of the imperatives for the control of an information system. Today, almost all intrusion detection systems are based on a static vision of network exchanges, whether for detection engines based on signatures or on behavioral models. However, this approach is limited: it does not allow past exchanges to be taken into account directly, and thus cannot fully model normal or abnormal behavior, such as verifying that an authentication has taken place before authorizing a privileged request, or detecting a replay attack. We propose to add an additional dimension to NIDS by performing stateful monitoring of communication protocols. Unified Modeling Language (UML) statecharts have been chosen to model the protocols and to perform the stateful monitoring. An implementation of this solution is integrated within an existing NIDS and validated on two industrial protocols, IEC 60870-5-104 and Modbus TCP. This implementation has been realized by dissociating the stateful monitoring and the NIDS with the help of an abstraction interface allowing an easy integration of new communication protocols.
Main file
secrypt2022b-preprint.pdf (331.82 KB)
Origin: Files produced by the author(s)

Dates and versions

hal-03843013, version 1 (23-02-2023)

Cite

S. Seng, Joaquin Garcia-Alfaro, Y. Laarouci. Implementation of a stateful network protocol intrusion detection systems. SECRYPT 2022: 19th International Conference on Security and Cryptography, Jul 2022, Lisbon, Portugal. pp.398-405, ⟨10.5220/0011327400003283⟩. ⟨hal-03843013⟩