An overview of Modbus

Modbus is a serial communication protocol used for transmitting information between electronic devices over serial lines or Ethernet. It was originally published by Modicon (now Schneider Electric) in 1979 for use with PLCs. Since 1979, it has been the de facto standard for industrial electronics serial data communication in process control and automation. Schneider Electric supported and maintained the Modbus project in the past. The Modbus Organization is an independent developer and user community organization established with the active assistance of Schneider Electric, and was formed because of the strategic role Modbus had to play in the industrial market. The Modbus protocol was transferred from Schneider Electric to the Modbus Organization in 2004, making the protocol open and royalty-free to use.

Modbus RTU (remote terminal unit) and Modbus ASCII are used for serial communication, and Modbus TCP is used for Ethernet. Modbus uses the Master/Slave model of communication: a standard Modbus network has one Master and up to 247 slaves, each with a unique slave address ranging from 1 to 247. The Master has unidirectional control over slaves and can write information to and read from the slaves’ registers. The Modbus master can address individual slave devices or send a broadcast message to all slaves. Slaves return a response to queries addressed to them and do not respond to broadcast messages.

Modbus ASCII and Modbus RTU use RS-485 or RS-232 serial communication to transmit data packets. Modbus TCP/IP, or Modbus TCP, is the Modbus RTU protocol with a TCP interface so that it can run on Ethernet. Since Ethernet allows peer-to-peer communication rather than master/slave communication, Modbus TCP relies on client-server communication over Ethernet. Modbus TCP follows the OSI network model and defines the presentation and application layers.

Modbus Messaging

The Modbus master uses messages to read the configuration of the slave devices (data gathering points) as well as the measurements from the field. The master specifies data addresses in the query messages to read or modify data. The master references 4 types of data in the slave devices:

  1. Coil (Discrete Output) – These are 1-bit Boolean variables that can be both read and modified as ON/OFF. They are used to force the ON/OFF states of discrete outputs to the field. These discrete outputs are also used to modify the mode or status of the slave device (Read Write).
  2. Input Status (Discrete Input) – These 1-bit Boolean variables are used for the ON/OFF state of discrete (Boolean) inputs from the field or to read the status of slave devices (Read Only).
  3. Input Register – These are 16-bit integers and represent the value of analog inputs from the field or values read from the slave (Read Only).
  4. Holding Register – These 16-bit integers are used for the value of analog outputs to the field or to set information of slave devices (Read Write).

Either of two transmission modes can be used for communication on standard Modbus networks – ASCII or RTU, with the restriction that all devices must use the same mode. In ASCII mode, each 8-bit byte in the message is sent as 2 ASCII characters and in RTU mode, each 8-bit byte in the message contains two 4-bit hexadecimal numbers.

Modbus messages consist of reads and writes of 16-bit words and of binary registers called “coils”. A query message from the master contains the following fields:

  1. Device address
  2. Function code
  3. Query data
  4. Error check

A response message from a slave has the following fields:

  1. Device address
  2. Function code
  3. Response data
  4. Error check

The Error Check algorithms used are:

  1. LRC (Longitudinal Redundancy Check) in ASCII mode
  2. CRC (Cyclic Redundancy Check) in RTU mode

Address Field

Valid slave addresses range from 1 to 247 decimal, and 0 is reserved for the broadcast query.

The master places the address of the intended slave in the Device Address field. When a slave receives the query message, it checks the address field first; every slave except the addressed one ignores the message. When the slave responds to the query, it places its own device address in the response message to indicate to the master which slave the response comes from.

Function Field

Valid function codes range from 1 to 255 decimal. This field carries the function code that tells the slave what function to perform: which table/register to reference and whether to read or write. After performing the action indicated by the function code, the slave responds with either a normal response (the original function code echoed in the function field, indicating an error-free condition) or an exception response (an error occurred).

| Function Code | Action |
|---|---|
| 01 | Read Discrete output coils |
| 05 | Write Single Discrete output coil |
| 15 | Write multiple Discrete output coils |
| 02 | Read Discrete input coils |
| 04 | Read Analog input registers |
| 03 | Read Analog output holding registers |
| 06 | Write single Analog output holding register |
| 16 | Write multiple Analog output holding registers |
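
The four message fields and both error checks can be seen end to end in a short Python example. This is an added illustration, not part of the original article: it frames one query in RTU and ASCII mode and validates a received RTU frame, marking write function codes the way a monitoring tool would. The function names and the sample query are constructed for the example.

```python
import struct

# Function codes from the table above: code -> (action, is_write)
FUNCTION_CODES = {
    1: ("read coils", False), 2: ("read discrete inputs", False),
    3: ("read holding registers", False), 4: ("read input registers", False),
    5: ("write single coil", True), 6: ("write single holding register", True),
    15: ("write multiple coils", True),
    16: ("write multiple holding registers", True),
}

def crc16(data: bytes) -> int:
    """RTU error check: CRC-16 with initial value 0xFFFF, polynomial 0xA001."""
    crc = 0xFFFF
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = (crc >> 1) ^ 0xA001 if crc & 1 else crc >> 1
    return crc

def lrc(data: bytes) -> int:
    """ASCII error check: two's complement of the 8-bit sum of the bytes."""
    return -sum(data) & 0xFF

def build_rtu(address: int, function: int, data: bytes) -> bytes:
    body = bytes([address, function]) + data
    return body + struct.pack("<H", crc16(body))  # CRC low byte goes first

def build_ascii(address: int, function: int, data: bytes) -> bytes:
    body = bytes([address, function]) + data
    # Each byte becomes two ASCII hex characters, framed by ':' and CR LF
    return b":" + (body + bytes([lrc(body)])).hex().upper().encode() + b"\r\n"

def parse_rtu(frame: bytes) -> dict:
    """Validate an RTU frame and split it into the four fields."""
    if len(frame) < 4:
        raise ValueError("frame shorter than address + function + CRC")
    body, (received,) = frame[:-2], struct.unpack("<H", frame[-2:])
    if crc16(body) != received:
        raise ValueError("CRC mismatch")
    address, function = body[0], body[1]
    if address > 247:
        raise ValueError("address outside 0-247")
    action, is_write = FUNCTION_CODES.get(function, ("not in table", False))
    return {"address": address, "broadcast": address == 0, "function": function,
            "action": action, "write": is_write, "data": body[2:]}

# Constructed sample: read 3 holding registers starting at 0x006B from slave 17
SAMPLE = build_rtu(17, 3, bytes.fromhex("006B0003"))
```

Both checks detect transmission errors only; neither field identifies or authenticates the sender of a frame.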

Advantages of Modbus

  • Along with its role as an industrial protocol, Modbus is used in building, infrastructure, transportation and energy applications.
  • Modbus TCP/IP has become very popular due to its openness, simplicity, low-cost development and minimum hardware requirement.
  • It provides a versatile, scalable and vendor-neutral data representation for Ethernet applications with TCP/IP.
  • It provides interoperability among different vendors’ devices.
  • The Modbus TCP/IP protocol and Modbus protocols are available free of charge for download and there are no subsequent licensing fees.

Applications of Modbus

Modbus is an open and royalty-free protocol that manufacturers can implement in their equipment without paying royalties. It has become the standard protocol in industrial electronics communications. A typical scenario is carrying signals from instrumentation and control devices, such as smart devices and sensors, to the data gathering or data acquisition systems that act as the main controller. Modbus is also often used in Supervisory Control and Data Acquisition (SCADA) systems to connect a remote terminal unit with a supervisory computer. Other applications include:

  • Used in gas and oil substation utilities since Modbus RTU supports wireless communications.
  • Due to the cross-device compatible message structure, Modbus industrial protocol is used in building, infrastructure, transportation and energy applications.
  • Temperature monitoring from a single interface is achieved by gathering data from multiple locations through the RS485 Modbus ADC.
  • Used extensively in home automation where data from different sensors of home automation devices are transmitted through the Modbus protocol.

Modbus in Industry

Schneider Electric offers a variety of Modbus products, including:

Comtrol Corp. offers the DeviceMaster® UP 1-Port VDC Modbus, which brings plant floor device visibility by enabling communication between factory floor serial and Modbus devices and PLC controllers.

Other prominent Modbus products include:

  • VPGate MODBUS/TCP to Serial
  • ADAM-4572 1-port Modbus Gateway
  • EKI-12211 1-port Modbus gateway with Wide Temperature
  • DAM140 – 16 Analog Input Modbus Module
  • Digigate Profibus DP / Modbus RTU Gateway