Modbus

Modbus is a serial communications protocol published by Modicon in 1979 for use with its programmable logic controllers (PLCs). It has become a de facto standard communications protocol in industry, and is now the most commonly available means of connecting industrial electronic devices. The main reasons for the extensive use of Modbus over other communications protocols are:

1. it is openly published and royalty-free
2. it can be implemented in days, not months
3. it moves raw bits or words without placing many restrictions on vendors

Modbus allows for communication between many devices connected to the same network, for example a system that measures temperature and humidity and communicates the results to a computer. Modbus is often used to connect a supervisory computer with a remote terminal unit (RTU) in supervisory control and data acquisition (SCADA) systems. Versions of the Modbus protocol exist for serial port and Ethernet.

For serial connections, two variants exist, with different representations of numerical data and slightly different protocol details. Modbus RTU is a compact, binary representation of the data. Modbus ASCII is human readable, and more verbose. Both of these variants use serial communication. The RTU format follows the commands/data with a cyclic redundancy check checksum, while the ASCII format uses a longitudinal redundancy check checksum. Nodes configured for the RTU variant will not communicate with nodes set for ASCII, and the reverse.

For connections over TCP/IP (e.g. ethernet), the more recent variant Modbus/TCP exists. It is easier to implement than Modbus/ASCII or Modbus/RTU because it does not require a checksum calculation.

Data model and function calls are identical for all three communication protocols; only the encapsulation is different.

An extended version, Modbus Plus (Modbus+ or MB+), also exists, but remains proprietary to Modicon. It requires a dedicated co-processor to handle fast HDLC-like token rotation. It uses twisted pair at 1 Mbit/s and includes transformer isolation at each node, which makes it transition/edge triggered instead of voltage/level triggered. Special interfaces are required to connect Modbus Plus to a computer, typically a card made for the ISA, PCI or PCMCIA bus.

Each device intended to communicate using Modbus is given a unique address. Any device can send out a Modbus command, although usually only one master device does so. A Modbus command contains the Modbus address of the device it is intended for. Only the intended device will act on the command, even though other devices might receive it. All Modbus commands contain checking information, ensuring that a command arrives undamaged. The basic Modbus commands can instruct an RTU to change a value in one of its registers, as well as commanding the device to send back one or more values contained in its registers.

There are many modems that support Modbus. Some of them were specifically designed for this protocol. Different implementations use wires, wireless communication and even SMS or GPRS. Typical problems the designers have to overcome include high latency and timing problems.

Variations:

Almost all implementations have variations from the official standard. Different varieties may not communicate correctly between different suppliers equipment. Some of the most common variations are:

• Data Types
  • Floating Point IEEE
  • 32 bit integer
  • 8 bit data
  • mixed data types
  • bit fields in integers
  • multipliers to change data to/from integer. 10, 100, 1000, 256 ...

• Protocol extensions
  • 16 bit slave addresses
  • 32 bit data size (1 address = 32 bits of data returned.)
  • word swapped data

Limitations

Modbus was designed in the late 1970's to communicate to programmable logic controllers. The number of data types are limited to those understood by PLCs at the time. Large binary objects are not supported. No standard way exists for a node to find the description of a data object, for example, to determine if a register value represents a temperature between 30 and 175 degrees. Since Modbus is a master/slave protocol, there is no way for a field device to "report by exception" - the master node must routinely poll each field device, and look for changes in the data. This consumes bandwidth and network time in applications where bandwidth may be expensive, such as over a low-bit-rate radio link. Modbus is restricted to addressing 254 devices on one data link, which limits the number of field devices that may be connected to a master station. Modbus transmissions must be contiguous which limits the types of remote communications devices to those that can buffer data to avoid gaps in the transmission.

External links

• Protocol Overview
• Detailed Protocol Description
• Modbus-IDA site
• What You should know about Modbus
• a basic explanation on how modbus works
• Comparison between Modbus and DNP3 for SCADA Systems

Free software exists for Modbus:

• Source code for Microchip PIC
• Free Modbus Message Parser
• Modbus client utility - Useful for testing devices.
• Java with protocol explanation
• Free Modbus ASCII/RTU and TCP for microcontrollers. New site location is http://www.freemodbus.org
• NModbus is a C# implementation with examples.
• An Open Source Modbus library in C for GNU/Linux
• An open source, public domain Modbus master in Ruby.
• modpoll is a command line based Modbus master simulator and test utility (Windows, Linux, QNX).

Donate to Wikimedia