Modbus tutorial | Modbus protocol, ASCII & RTU Frame
This Modbus tutorial covers modbus protocol basics, ASCII & RTU frame structures and it working with examples.
What is Modbus?
Introduction:
"Modbus" term is a trademark of Modicon Inc. which maintains the standard.
It is a application layer protocol which is based on client/server architecture
between the devices connected on different types of buses or networks.
This Modbus protocol is used in SCADA style of network communication
between the devices.
Modbus protocol runs on top of RS232, RS422 and RS485. There is a specification for Modbus/TCP defined for IP based link layer for Modbus frames. There are many protocols for industrial automation and metering. The Modbus protocol is based on query/response model. The enlarged view of the "Query message" and "response message" with their fields (i.e. contents) are shown in the following figure.
• As shown, both query and response messages consist of start (0x3A) and end (0x0D0A) delimiters.
• Query message consists of fields which include device address, function code,
query data and error check.
• Response message consists of fields which include device address, function code,
response data and error check.
Modbus protocol working
• The Modbus protocol typically follows a master and slave based architecture. Master transmits a request message to a slave and waits for a response message. This architecture provides complete control to the master for flow of information. This has great merits over the previous multidrop networks using RS422/RS485 etc
• As shown in the figure, Modbus request message is a layered set of data. Controllers can be setup to communicate on standard Modbus networks using either of two transmission modes: ASCII or RTU. Users select the desired mode, along with the serial port communication parameters (baud rate, parity mode, etc), during configuration of each controller. The mode and serial parameters must be the same for all devices on a Modbus network.
• The selection of ASCII or RTU(remote terminal unit) mode pertains only to standard Modbus networks. It defines the bit contents of message fields transmitted serially on those networks. It determines how information will be packed into the message fields and decoded.
• When controllers are setup to communicate on a Modbus network using ASCII mode, each eight-bit byte in a message is sent as two ASCII characters. The main advantage of this mode is that it allows time intervals of up to one second to occur between characters without causing an error.
• When controllers are setup to communicate on a Modbus network using RTU mode, each eight-bit byte in a message contains two four-bit hexadecimal characters. The main advantage of this mode is that its greater character density allows better data throughput than ASCII for the same baud rate. Each message must be transmitted in a continuous stream.
• In either of the two serial transmission modes (ASCII or RTU), a Modbus message is placed by the transmitting device into a frame that has a known beginning and ending point. This allows receiving devices to begin at the start of the message, read the address portion and determine which device is addressed , and to know when the message is completed. Partial messages can be detected and errors can be set as a result.
• As shown Modbus protocol works on master-slave model. One device on the bus or network can initiate transactions (referred as queries) which can address individual slave devices or broadcasts to all the slave devices. The slave device take action as per the Modbus frame received and respond if required in the form of "response frame".
• The transmission mode defines framing and bit encoding of the messages to be transmitted on the Modbus network.
Modbus ASCII mode
The figure depicts ASCII mode of Modbus frame. As shown in ASCII mode, each byte is encoded on serial link as 2 ASCII characters. Each ASCII character is transmitted as 1 start bit, 7 data bits, zero or 1 parity bit, one or two stop bits
Modbus RTU mode
The figure depicts RTU mode of Modbus frame. As shown in RTU (Remote terminal unit) mode, the message is transmitted in a continuous stream format. Each 8 bit byte is framed by 1 start bit, 8 data bits, 0 or 1 parity bit, 1 or 2 stop bits. The message itself starts after a silent period of at least 3.5 character times.
Modbus message fields
➤Let us understand major fields used both in ASCII mode and RTU mode.
Modbus Address: Modbus message starts with 8 bit target address.
This can take any value from 0 to 247.
Here 0 is used as broadcast address and rest are used as unique device addresses.
Modbus Functions: The function code contains 2 characters (in ASCII mode)
and 8 bits (in RTU mode)/ It takes any value from 1 to 255 and are selected
as per application profile.
Modbus Data Field: This data field convey application level
information as desired by different Modbus function.
If function contains variable size of data,
it begins with "byte count" in this position.
Modbus Error Check Field: This field is used as error detection.
It is also known as "Checksum".
Modbus TCP mode
Unlike RS232 and RS485, Modbus TCP uses TCP/IP protocol to carry Modbus message. Figure depicts mapping of Modbus protocol in TCP/IP and OSI protocol stacks.
• Modbus TCP provides TCP/IP access to the Modbus functionality.
• Each Modbus request/response is sent over a TCP connection established between
the master and the slave, using well known port 502.
• The TCP connection may be reused for several query/response exchanges.
• The byte content of the modbus request/response frames
(i.e. without framing start-stop-parity bits specific to the serial physical
layer) is simply transported over the TCP connection, in big indian order.
The only addition of Modbus TCP is to add a seven-byte message prefix.
➤Ref ref 00 00 00 len unit
• The "ref" bytes are simply copied by the slave from the request,
and may be used as a handle by the master. The length information in the message
prefix allows proper reassembly of the Modbus message when
it has been segmented in several IP packets.
• The slave address has been renamed "unit identifier" and is contained in unit.
The rest of the message conforms to the regular Modbus structure, but the error check fields
may be omitted for obvious reasons.
Profibus vs Modbus
Following table mentions comparion between Profibus and Modbus with respect to various parameters.
| Features | Profibus | Modbus |
|---|---|---|
| Mode of operation | Operates in multi master mode using RS485. | Operates on only single master mode using ASCII/RTI. |
| Use of ethernet | Can not operate on ethernet, but profinet operates on ethernet which is not same as profibus. | Can run on ethernet using TCP/IP protocols. |
| Physical medium | twisted pair, fiber | Modbus does not define physical medium. It defines message structure which can be used over any physical medium. However Modbus RS485 is popular among all. |
| Speed of transmission | Operates at different speeds of transmission from 1.2 Kbps to 12 Mbps. | Modbus RS485 supports seed of transmissions upto 115 Kbps or upto 19.2 Kbps. |
| distance coverage | 32 stations use profibus for distances upto 1200 meters, while 2 stations communicate at speed of 500 kbps for distances upto 400 meters. Low speed transmission supports higher distances while high speed transmission supports lower distances. | Modbus RS485 cable should be less than 700 meters. |
| Number of master and slave devices | Upto 126 devices (masters and slaves) are connected on single profibus network. | Modbus master actually supports 247 slave devices. The number of slave devices including master connected on main cable are 32 due to RS485 protocol limitation. To support more than 32 repeater is used. |
| Future use | Individually use of profibus was fine, but its specialized charateristics combined with RS485 is going to be obsolete. However specialized sensor/actor fieldbus devices have increased their market penetration in automation industry now and in future. | Due to simple protocol, it has become popular as one of the main ethernet protocols in automation industry. The other older versions are RS232, RS422, RS485 etc. Devices are used on the bus with and without addresses. |
| Application | It is very robust protocol which can be used to automate entire plants. It is used where there are more points and multiple vendor equipments are to be automated. | It is very simple protocol which can be used to interface single controller in point-to-point mode of configuration. It is used for small plant automation. |
Modbus Application Examples
The modbus protocol can be implemented in various systems like RS485/RS422.
• Zigbee to Modbus RTU/TCP Gateway
• Real time inventory control such as pick to light, put to light etc.
• Industrial automation
• Smart metering
This Modbus tutorial is very useful for beginners to learn basics of Modbus protocol. For more information refer respective specifications for modbus ASCII, RTU or TCP modes.
Useful interface types and microcontroller stuff
RS485 interface RS422 interface CAN interface SPI interface interface types and converters DigRF interface what is microcontroller microcontroller vs microprocessor microcontroller programming
RF and Wireless tutorials
WLAN 802.11ac 802.11ad wimax Zigbee z-wave GSM LTE UMTS Bluetooth UWB IoT satellite Antenna RADAR
IoT Wireless Technologies
➤THREAD
➤EnOcean
➤LoRa
➤SIGFOX
➤WHDI
➤6LoWPAN
➤Zigbee RF4CE
➤NFC
➤INSTEON