Professional Documents
Culture Documents
Prem Sanil
Introduction
• Modbus is a serial communications protocol originally published
by Modicon (now Schneider Electric)
Its Application ?
• Used to establish master-slave/client-server communication between
intelligent devices
• There are two types of Modbus frames: Protocol Data Unit (PDU) and
Application Data Unit (ADU).
• The FC -> action to perform and the data -> information to be used for
this action.
Modbus Data Types
• Modbus transactions always perform a set of actions by reading or
writing to a set of four data ,used by the Modbus application layer.
Limitations
• Since Modbus is a master/slave protocol, there is no way for a field
device to "report by exception"
• The master must routinely poll each field device, and look for changes
in the data.
• Source :http://stackoverflow.com/questions/22523716/modbus-slave-count-
limitation
• Source : http://www.control.com/thread/1369186948
(Modbus Over Serial Line V1.02", page 8, Section 2.2 Modbus Addressing
rules, "from 248 to 255: Reserved“)
Accessing The Data
• 16-bit Unsigned Registers And Single-bit Coils
• Input Registers And Holding Registers
• Input Coils And Status Coils
Bits – 1 Bit
32 bit Integer
MSB16 bit LSB16 bit
64 bit Integer
MSB16 bit 16 bit 16 bit LSB16 bit
Modbus ASCII vs Modbus RTU
•Any delay between bytes will cause Modbus RTU to interpret it as the start of a
new message.
•Modbus ASCII marks the start of each message with a colon character " : "
(hex 3A).
•The end of each message is terminated with the carriage return and line feed
characters (hex 0D and 0A)
ModBus RTU Frame Format
Modbus ASCII vs Modbus RTU
MODBUS PROTOCOL ON OSI MODEL
Presentation
Session
Transport
Modbus Messaging on
TCP/IP
Network TCP
IP
3.3 V
0V
Electrical Signals
Digital
Electrical Signals
Digital
Modbus RS232 PHY
Rx Tx
Tx Rx
GND GND
Electrical Signals
•Half Duplex
Master Slave A
Rx
Tx
Rx
Slave B
Rx
Tx
Master / Slaves State Diagrams
After sending
a request, the Master leaves the "Idle" state, and cannot
send a second request at the same time
Processing
reply
When a unicast request is sent to a slave, the master goes into "Waiting
for reply" state, and a “Response Time-out” is started.
Presentation
Session
Transport
Modbus Messaging on
TCP/IP
Network TCP
IP
In general, Modbus TCP/IP uses TCP/IP and Ethernet to carry the data
of the Modbus message structure between compatible devices.
Modbus TCP/IP Client/Server Model
· MODBUS Request,
· MODBUS Confirmation,
· MODBUS Indication,
· MODBUS Response
Modbus TCP/IP Client/Server Model
Request Indication
MODBUS
MODBUS Client Server
Confirmation Response
Modbus Serial
Function
Address
Code
Data Checksum Frame
The Modbus commands and user data are encapsulated into the data container
of a TCP/IP telegram without being modified in any way.
Modbus TCP/IP Data Frame
Modbus
Function
Data
TCP/IP
Protocol Length Unit ID
Transaction
Identifier
Identifier Field
Code
Frame
The Modbus error checking field (checksum) is not used, as the standard Ethernet
TCP/IP link layer checksum methods are used.
The Modbus Address field is replaced by the unit identifier in Modbus TCP/IP,
Modbus TCP/IP Data Frame
MBAP
Modbus
Function
Data TCP/IP
Protocol Length Unit ID Code
Transaction
Identifier
Identifier Field Frame
This is important because, in MODBUS TCP, the server can handle many requests
at the same time. This is not possible in MODBUS Serial.
Request
MODBUS Client
(Initialized by the MODBUS Server
Client)
Transaction
Transaction Identifier
Identifier
Modbus TCP/IP Data Frame
MBAP
Modbus
Function
Data TCP/IP
Protocol Length Unit ID Code
Transaction
Identifier
Identifier Field Frame
Protocol Identifier – This field is always 0 for Modbus services and other values
are reserved for future extensions
Modbus TCP/IP Data Frame
MBAP
Modbus
Function
Data TCP/IP
Protocol Length Unit ID Code
Transaction
Identifier
Identifier Field Frame
Length - The length field is the size of the following fields, including the Unit
Identifier ,Function Code , data fields.
Modbus TCP/IP Data Frame
MBAP
Modbus
Function
Data TCP/IP
Protocol Length Unit ID Code
Transaction
Identifier
Identifier Field Frame
The primary function of TCP is to ensure that all packets of data are received
correctly,
IP makes sure that messages are correctly
addressed and routed
Each layer on the sending stack communicates with the corresponding layer
of the receiving stack through information stored in headers
As you move the data down the stack of the sender, each stack layer adds its
own header to message
The higher layers are encapsulated by the lower layers
Application User
Data (ADU) IP
Network
Application User
Data (ADU) Ethernet
Data Link
Physical