Modbus 1

ModbusModbus is a serial communications protocol originally published by Modicon (now Schneider Electric) in 1979 foruse with its programmable logic controllers (PLCs). Simple and robust, it has since become a de facto standardcommunication protocol, and it is now a commonly available means of connecting industrial electronic devices. Themain reasons for the use of Modbus in the industrial environment are:•• developed with industrial applications in mind•• openly published and royalty-free•• easy to deploy and maintain•• moves raw bits or words without placing many restrictions on vendorsModbus enables communication between many (approximately 240) devices connected to the same network, forexample a system that measures temperature and humidity and communicates the results to a computer. Modbus isoften used to connect a supervisory computer with a remote terminal unit (RTU) in supervisory control and dataacquisition (SCADA) systems. Many of the data types are named from its use in driving relays: a single-bit physicaloutput is called a coil, and a single-bit physical input is called a discrete input or a contact.The development and update of Modbus protocols has been managed by the Modbus Organization since April 2004,when Schneider Electric transferred rights to that organization, signaling a clear commitment to openness.

The Modbus Organization is an association formed of independent users and suppliers of Modbuscompliant devices that seeks to drive the adoption of the Modbus communication protocol suite, and itsevolution to address architectures for distributed automation systems across multiple market segments.

Communication and devicesEach device intended to communicate using Modbus is given a unique address. In serial and MB+ networks only thenode assigned as the Master may initiate a command, but on Ethernet, any device can send out a Modbus command,although usually only one master device does so. A Modbus command contains the Modbus address of the device itis intended for. Only the intended device will act on the command, even though other devices might receive it (anexception is specific broadcastable commands sent to node 0 which are acted on but not acknowledged). All Modbuscommands contain checking information, ensuring that a command arrives undamaged. The basic Modbuscommands can instruct an RTU to change a value in one of its registers, control or read an I/O port, as well ascommand the device to send back one or more values contained in its registers.There are many modems and gateways that support Modbus, as it is a very simple protocol and often copied. Someof them were specifically designed for this protocol. Different implementations use wireline, wirelesscommunication, such as in the ISM band, and even short message service (SMS) or General Packet Radio Service(GPRS). One of the more common designs of wireless networks makes use of Mesh networking. Typical problemsthat designers have to overcome include high latency and timing problems.

Frame formatAll Modbus variants choose different frame formats.

Modbus 2

Modbus RTU Frame Format

Name Length(bits) Function

Start 28 at least 3 1⁄2 character times of silence (mark condition)

Address 8 Station Address

Function 8 Indicates the function code, eg read coils / inputs

Data n * 8 Data + length will be filled depending on the message type

CRC 16 bits Error checks

End 28 at least 3 1⁄2 character times of silence between frames

Modbus ASCII Frame Format

Name Length(char.) Function

Start 1 starts with colon ( : ) (ASCII hex value is 0x3A)

Address 2 Station Address

Function 2 Indicates the function codes like read coils / inputs

Data n Data + length will be filled depending on the message type

LRC 2 Error checks

End 2 carriage return – line feed(CR/LF) pair (ASCII values of 0x0D & 0x0A)

Modbus TCP Frame Format

Name Length(bytes) Function

Transaction Identifier 2 For synchronization between messages of server & client

Protocol Identifier 2 Zero for Modbus/TCP

Length Field 2 Number of remaining bytes in this frame

Unit Identifier 1 Slave Address (255 if not used)

Function code 1 Function codes as in other variants

Data bytes n Data as response or commands

Unit identifier is used with Modbus/TCP devices that are composites of several Modbus devices, e.g. onModbus/TCP to Modbus RTU gateways. In such case, the unit identifier tells the Slave Address of the device behindthe gateway. Natively Modbus/TCP-capable devices usually ignore the Unit Identifier.The byte order is Big-Endian (first byte contains MSB).

Modbus 3

Supported function codesThe various reading, writing and other operations are categorised as follows. The most primitive reads and writes areshown in bold. A number of sources use alternative terminology, for example Force Single Coil where the standarduses Write Single Coil.

Modbus function codes

Function type Function name Function code

Data Access Bit access Physical Discrete Inputs Read Discrete Inputs 2

Internal Bits or Physical Coils Read Coils 1

Write Single Coil 5

Write Multiple Coils 15

16-bit access Physical Input Registers Read Input Register 4

Internal Registers or Physical Output Registers Read Holding Registers 3

Write Single Register 6

Write Multiple Registers 16

Read/Write Multiple Registers 23

Mask Write Register 22

Read FIFO Queue 24

File Record Access Read File Record 20

Write File Record 21

Diagnostics Read Exception Status 7

Diagnostic 8

Get Com Event Counter 11

Get Com Event Log 12

Report Slave ID 17

Read Device Identification 43

Other Encapsulated Interface Transport 43

ImplementationsAlmost all implementations have variations from the official standard. Different varieties might not communicatecorrectly between equipment of different suppliers. Some of the most common variations are:•• Data types

• Floating point IEEE•• 32-bit integer•• 8-bit data•• Mixed data types•• Bit fields in integers•• Multipliers to change data to/from integer. 10, 100, 1000, 256 ...

•• Protocol extensions•• 16-bit slave addresses•• 32-bit data size (1 address = 32 bits of data returned.)

Modbus 4

•• Word swapped data

Limitations• Since Modbus was designed in the late 1970s to communicate to programmable logic controllers, the number of

data types is limited to those understood by PLCs at the time. Large binary objects are not supported.•• No standard way exists for a node to find the description of a data object, for example, to determine if a register

value represents a temperature between 30 and 175 degrees.•• Since Modbus is a master/slave protocol, there is no way for a field device to "report by exception" (except over

Ethernet TCP/IP, called open-mbus)- the master node must routinely poll each field device, and look for changesin the data. This consumes bandwidth and network time in applications where bandwidth may be expensive, suchas over a low-bit-rate radio link.

•• Modbus is restricted to addressing 247 devices on one data link, which limits the number of field devices that maybe connected to a master station (once again Ethernet TCP/IP proving the exception).

•• Modbus transmissions must be contiguous which limits the types of remote communications devices to those thatcan buffer data to avoid gaps in the transmission.

•• Modbus protocol itself provides no security against unauthorized commands or interception of data.

Trade groupModbus Organization, Inc. is a trade association for the promotion and development of Modbus protocol.

References

External links• ShortBus Modbus Scanner, free RTU testing software (http:/ / sites. google. com/ site/ shortbusdll)• Modbus Communication Monitor (http:/ / www. awavo. com/ com-port-monitor/ )• Cost free Modbus RTU Device Testing Software (http:/ / www. globalmultimedia. in/ modnet. htm)• Modbus Source Code (http:/ / www. protocessor. com/ solutions/ signup. php)• Free Modbus Guide for Field Technician (http:/ / www. modbusbacnet. com/ includes/ pdf/

MODBUS_2010Nov12. pdf)• uTasker MODBUS extension module for Kinetis, Coldfire, SAM7x, LPC2xxx, LPC17xx, Stellaris, STM32

(http:/ / www. utasker. com/ modbus. html)• Simple modbus/TCP client for Linux (https:/ / github. com/ sourceperl/ mbtget)• Interface to Modbus TCP or RTU (http:/ / www. fieldserver. com/ products/ drivers/ Modbus. php)• Perl module for Modbus/TCP (https:/ / github. com/ sourceperl/ MBclient)• Android based Modbus TCP Master (http:/ / www. modbusmonitor. com/ )• MBtest, Modbus RTU, ASCII, Modbus/TCP Master program (http:/ / cedarlab. ru/ eng/ software. html)• Tcl based modbus rtu driver (http:/ / wiki. tcl. tk/ 21150)

Article Sources and Contributors 5

Article Sources and ContributorsModbus  Source: http://en.wikipedia.org/w/index.php?oldid=583517021  Contributors: 7, Aarontpeterson, AdAstraRG, Alshain01, Anoopmgeorge, Arnoudmulder, Batman2000, Begoon,Bert490, Bertus, Billymac00, Bobblewik, Btilm, CALR, Calltech, Calton, Cameronbell76, CanOfWorms, Ceallachan, CharlesWemyss, Chungyan5, Comatmebro, Cp2020, Crowsnest, Cruccone,Cyberparam in, DStoykov, Danmuz, Dareces, Darvin30dec, Dicklyon, Dogaroon, Eadric, Electron9, Fahidka, Failanas, Faught, Femto, Frau Holle, Frau K, Funvill, Gadget1700, Gasbuilding,Glenn, Globalkrishna, Goodeq, Gorhas, Guy Harris, Hongooi, Hooperbloob, Hu12, InntegrationExpert, Iridescent, Jasen betts, Jhose, Jimwelch, Jmundo, Jt, Komantian, Komap, Kuttipapu, Kvng,LynnLinse, MariusG, Matusz, Mjbcswitzerland, Modbus.ug, Moriori, Morpheios Melas, MrOllie, Mtpaley, Nasa-verve, Natalie Erin, Nelson50, NichoEd, Ninokurtalj, Oddbodz, Okstfan03, Onehalf 3544, Onuralpkaratum, PKlammer, Peswriter, Rajendu.choubisa, Remuel, Ruscito, RussNelson, Schastain, Sega381, Sfax.tn, Skamecrazy123, SoManySpammers, Spalding, T. Canens,Tc.guho, Teichsta, Thaas00, Theodore Kloba, Thomas Larsen, Tmwusa1, Trappist the monk, Trusilver, UnitedStatesian, Viper742, Voidxor, Waffleguy4, Wtshymanski, XandroZ, Xareu bs,Xsolarwindx, Zaphodikus, Zorbey, Важнов Алексей Геннадьевич, 237 anonymous edits

LicenseCreative Commons Attribution-Share Alike 3.0//creativecommons.org/licenses/by-sa/3.0/