Scribd
Upload
9 views

Modbus Protocol (1)

Modbus is a communication protocol developed for industrial automation, utilizing a master-slave architecture for data exchange over various networks. It operates through a request-reply mechanism and supports multiple communication modes, including unicast and broadcast. The protocol encompasses different types, such as Modbus RTU, ASCII, and TCP, and employs registers for data handling, with specific function codes for accessing these registers.

Uploaded by

akarshr233
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
9 views

Modbus Protocol (1)

Modbus is a communication protocol developed for industrial automation, utilizing a master-slave architecture for data exchange over various networks. It operates through a request-reply mechanism and supports multiple communication modes, including unicast and broadcast. The protocol encompasses different types, such as Modbus RTU, ASCII, and TCP, and employs registers for data handling, with specific function codes for accessing these registers.

Uploaded by

akarshr233
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 8

Modbus Protocol

Modbus is a communication protocol developed in 1979 by Modicon (now Schneider Electric) for use
with its programmable logic controllers (PLCs). It is a master-slave or client-server protocol designed
for industrial automation systems to communicate over various types of networks, including serial (RS-
232, RS-485) and TCP/IP-based networks.

The Modbus protocol exchanges information using a request-reply mechanism between a master
(client) and a slave (server). The master-slave principle is a model for a communication protocol in
which one device (the master) controls one or more other devices (the slaves). In a standard Modbus
network, there is 1 master and up to 31 slaves.

The Query–Response Cycle

The Query: The function code in the query tells the addressed slave device what kind of action to
perform. The data bytes contain any additional information that the slave will need to perform the
function. For example, function code 03 will query the slave to read holding registers and respond with
their contents. The data field must contain the information telling the slave which register to start at
and how many registers to read. The error check field provides a method for the slave to validate the
integrity of the message contents.

The Response: If the slave makes a normal response, the function code in the response is an echo of
the function code in the query. The data bytes contain the data collected by the slave, such as
register values or status. If an error occurs, the function code is modified to indicate that the
response is an error response, and the data bytes contain a code that describes the error. The error
check field allows the master to confirm that the message contents are valid.
Characteristics of the Master-Slave Principle

The master-slave principle is characterized as follows:

• Only 1 master is connected to the network at a time.


• Only the master can initiate communication and send requests to the slaves.
• The master can address each slave individually using its specific address or all slaves
simultaneously using address 0.
• The slaves can only send replies to the master.
• The slaves cannot initiate communication, either to the master or to other slaves.

Master-Slave Communication Modes

The Modbus protocol can exchange information using 2 communication modes:

• unicast mode
• broadcast mode

Unicast Mode
In unicast mode, the master addresses a slave using the specific address of the slave. The slave
processes the request then replies to the master.

1 Request
2 Process
3 Reply
Broadcast Mode
The master can also address all slaves using address 0. This type of exchange is called broadcasting.
The slaves do not reply to broadcasting messages.

Modbus communication types

Modbus can be grouped into three broad types:

1. Modbus RTU

2. Modbus ASCII

3. Modbus TCP

Modbus registers

Modbus makes use of registers in sending the different types of data. Some of the registers used in
Modbus include the following;

1. Discrete inputs (contacts): Discrete inputs are bit contact registers, and they can only be read.
They can best be described as the contacts in PLC programming.

2. Discrete Outputs (Coils): Coils are one-bit registers used as outputs. They are both read and
write registers.

3. Input registers: Inputs registers are 16-bit registers used for inputs. They are read only.

4. Holding registers: Holding registers are 16-bit registers that are both read and write. They are
the most universal register as they can be used for inputs, outputs, and for holding any kind of
data.
Modbus function codes

The Modbus protocol specifies the number of function codes that can be used to access Modbus
registers. Modbus defines four separate data blocks, each with addresses or register numbers that
overlap. As a result, both the address (or register number) and the function code are required to
comprehensively explain where to find a piece of data (or register type).

The function codes recognized by Modbus are listed in the table below. Although this is not an
exhaustive list of function codes, they are the most used and important ones to familiarize with.

Modbus error (exception) code explanation

When a Modbus slave detects a packet but concludes that the request contains an error, it responds
with an exception code rather than a data response. The slave address or unit number, a copy of the
function code with the high bit set, and an exception code make up the exception reply.
Modbus RTU Data Frame:

Modbus RTU (Remote Terminal Unit), which is the most common implementation available for
Modbus, makes use of a compact, binary representation of the data for protocol communication. The
RTU format follows a cyclic redundancy check (CRC) checksum as an error check mechanism to ensure
the reliability of data. Each byte (8 bits) of data is sent as 11 bits:

• 1 start bit
• 8bit data/message, least significant bit sent first
• 1 bit parity
• 1 stop bit
Serial Communication: Modbus RTU typically operates over:
• RS-232: Point-to-point communication (between one master and one slave). Up to 15 meters
(50 feet).
• RS-485: Multi-drop communication (one master and up to 247 slaves) on the same network.
Up to 1,200 meters (4,000 feet), depending on baud rate.
Modbus TCP/IP Data Frame:

MODBUS TCP/IP ADU = MBAP Header + Function code + Data

Where MBAP - which stands for MODBUS Application Protocol header - is the dedicated header used
on TCP/IP to identify the MODBUS Application Data Unit.

With PDU = Function code + data

• Address is slave address

• PDU is defined identically to the PDU of Modbus Application protocol

• The Error check field with CRC/LRC: The error check methods depend on the protocol versions
of the MODBUS over Serial Line, whether it is Modbus RTU or Modbus ASCII.
The MBAP Header contains the following fields:

A MODBUS TCP/IP ADU/Modbus TCP frame format then will be:


Modbus TCP/IP does not include a separate error check like the CRC (Cyclic Redundancy Check) or LRC
(Longitudinal Redundancy Check) that are used in Modbus RTU and Modbus ASCII. This is because
Modbus TCP/IP relies on the TCP/IP layer for error detection and correction.

Integrate Modbus with Aveva Platform:

You might also like