What you need to know about the Modbus Communication Protocol
A fundamental protocol in the field of industrial automation that continues to be relevant in various industries.
Modbus is commonly used in industrial automation systems. It was developed in the late 1970s and has since become a widely adopted standard for connecting electronic devices in various industrial applications.
This Tekon article gives you what you need to understand how this communication protocol works.
Modbus is a serial communication protocol that uses a master-slave architecture, i.e., one device (the master) initiates and controls the communication, while one or more devices (the slaves) respond to the master's requests. Modbus represents data in a simple and efficient way, typically by reading or writing values in holding registers or discrete inputs/outputs.
This protocol is widely used in industrial automation, process control, and monitoring systems. For instance, it is used for communication between PLCs (Programmable Logic Controllers), HMIs (Human-Machine Interfaces) and sensors.
Modbus is an open standard protocol, which contributes to its widespread adoption in the industrial automation sector and enables its implementation in different devices from several manufacturers.
Differences and network architectures
There are different types of Modbus protocols, the most used ones being the RTU (Remote Terminal Unit) and the TCP/IP (Transmission Control Protocol/Internet Protocol):
- Modbus RTU: this is the original Modbus specification that uses binary encoding for communication over serial lines, such as RS-232 or RS-485. RS-232 has a point-to-point configuration, allowing only one master and one slave over a distance of 50 meters. RS-485 supports a multidrop setup, allowing 64 devices over a distance of 1 km.
- Modbus TCP/IP: it is an extension of Modbus that uses the TCP/IP protocol for communication over Ethernet networks. This protocol allows you to have multiple clients (equivalent to master) and multiple servers (equivalent to slaves).
Modbus Structures
The frame structure for the Modbus RTU is a binary packet that contains the following information:
- Address field (1 byte): specifies the address of the slave for which the message is intended. The address value can range from 1 to 247, and 0 is used for broadcast messages.
- Function code (1 byte): indicates the type of action the recipient slave should take. Function codes define various operations such as reading and writing holding registers, reading discrete inputs, writing single coils, etc.
- Data Field (Variable length, up to 252 bytes): contains the actual data being transmitted. The length of this field depends on the specific function code and the type of request or response.
- Error Check Field (2 bytes): provides error detection for the frame. The usual method is the Cyclic Redundancy Check (CRC), which is calculated based on the contents of the address, function code, and data fields.
- Inter-Character Timeout (Variable): specifies the time gap between characters. It indicates the end of a character and the beginning of the following one. Typically, it's higher than 3.5 bytes.
The frame structure for the Modbus TCP/IP is encapsulated within standard TCP/IP packets, as it is designed to be used over Ethernet networks. The Modbus TCP/IP frame contains the following information:
- Transaction Identifier (2 bytes): a unique identifier assigned to each transaction, which enables the server to associate the response with the corresponding request.
- Protocol Identifier (2 bytes): identifies the Modbus protocol, and for TCP/IP this field is typically set to 0x0000.
- Length Field (2 bytes): indicates the number of remaining bytes in the frame following the length field. It includes the unit identifier, function code, and data.
- Unit Identifier (1 byte): specifies the device address on a Modbus TCP/IP network. Unlike Modbus RTU, where the address is a part of the frame, Modbus TCP/IP uses the unit identifier to distinguish between devices.
- Function code (1 byte): like Modbus RTU, it indicates the type of action the recipient device should take.
- Data Field (Variable length): contains the actual data being transmitted. The length of this field depends on the specific function code and the type of request or response.
These frame structures are a general overview, and the actual frame content may vary based on the specific Modbus operation being performed and the data being transmitted.
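The two frame layouts above, as an added example that is not part of the original article: a small Python builder and validating parser of the kind a monitoring or filtering tool would use to reject malformed frames. All function names are hypothetical, and the sample request (function code 0x03, start address 0, 10 registers) is constructed for illustration.

```python
import struct

def crc16_modbus(data: bytes) -> int:
    """CRC-16/MODBUS: initial value 0xFFFF, reflected polynomial 0xA001."""
    crc = 0xFFFF
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = (crc >> 1) ^ 0xA001 if crc & 1 else crc >> 1
    return crc

def build_rtu(address: int, function: int, data: bytes) -> bytes:
    """Address + function code + data, followed by the CRC (low byte first)."""
    body = bytes([address, function]) + data
    return body + struct.pack("<H", crc16_modbus(body))

def parse_rtu(frame: bytes) -> dict:
    """Split an RTU frame into its fields, rejecting malformed input."""
    if not 4 <= len(frame) <= 256:  # 1 + 1 + up to 252 data bytes + 2 CRC
        raise ValueError("RTU frame must be 4..256 bytes")
    body, (crc,) = frame[:-2], struct.unpack("<H", frame[-2:])
    if crc16_modbus(body) != crc:
        raise ValueError("CRC mismatch")
    if body[0] > 247:
        raise ValueError("address outside 0..247")
    return {"address": body[0], "function": body[1], "data": body[2:]}

def parse_tcp(frame: bytes) -> dict:
    """Split a Modbus TCP/IP frame into its fields, rejecting malformed input."""
    if len(frame) < 8:
        raise ValueError("shorter than header + function code")
    tid, pid, length, unit = struct.unpack(">HHHB", frame[:7])
    if pid != 0x0000:
        raise ValueError("protocol identifier is not 0x0000")
    if length != len(frame) - 6:  # counts unit id, function code and data
        raise ValueError("length field disagrees with bytes received")
    return {"transaction": tid, "unit": unit,
            "function": frame[7], "data": frame[8:]}

# Constructed sample: read holding registers (0x03), start 0, count 10.
REQUEST = struct.pack(">HH", 0x0000, 0x000A)
RTU_FRAME = build_rtu(0x01, 0x03, REQUEST)
TCP_FRAME = struct.pack(">HHHB", 1, 0, 2 + len(REQUEST), 0x01) + b"\x03" + REQUEST

if __name__ == "__main__":
    print(RTU_FRAME.hex(), parse_rtu(RTU_FRAME))
    print(TCP_FRAME.hex(), parse_tcp(TCP_FRAME))
```

The same request is 8 bytes on a serial line and 12 bytes over TCP/IP: the TCP/IP frame carries no CRC of its own and relies on the length field and the underlying transport instead.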
A protocol of great relevance
Overall, Modbus has been a fundamental protocol in the field of industrial automation and continues to be relevant in various industries. It has also been extended and adapted to meet the evolving needs of modern industrial communication systems.
This year, Tekon Electronics launched a disruptive Universal IoT Gateway with multiple connectivity options, where Modbus RTU and TCP/IP are available in Master/Slave and Client/Server modes, respectively, making this Gateway an advanced solution to communicate and share data seamlessly.
Tekon Electronics contributes to innovation, developing distinctive IoT solutions. Join us on this journey towards a smarter and more connected future!