Re: I need a Modbus RTU Overview

Thread Starter

Michael Griffin

The best short explanation I have seen is here: http://jamod.sourceforge.net/kbase/protocol.html

The actual spec is freely available here: http://www.modbus.org/specs.php. If you want any real in-depth detail, the spec itself is the best source. It is actually quite simple and understandable.

I can give you a brief overview of my own of what I think you are asking.

Modbus is a master/slave (or client/server) protocol. The master sends a request (command) and the slave replies to it. Most protocols that you encounter on a daily basis work like this. For example your web browser sends a request for a web page to the Control.com web server, and the server sends back a reply containing the web page data.

Modbus defines a PLC-like data table (memory array) that has both individual bits and 16 bit words. The entire protocol revolves around reading from and writing to this data table. Bit addresses are either discrete inputs (read-only) or coils (read-write). Word addresses are either input registers (read-only) or holding registers (read-write). Addresses are simply numbered 0 to 65,535 with each of the 4 data types having its own address range. Any particular Modbus device will usually only implement the address range that it actually needs for what it does.

Some software using Modbus will prefix the address with a numerical digit (0, 1, 3, 4) to indicate the type of data (coil, input register, etc.) they are referring to. That is an application user interface feature though (just like calling address types "I", "Q", "V", etc.), and has nothing to do with Modbus itself. That is a source of confusion to some people though.

Modbus commands are called "functions". Each function is a request to read or write data in an address or set of addresses in a data table. The functions are simply numbered 1, 2, 3, 4, etc. A function is simply a command to read or write one or more data table addresses. Any particular Modbus device will usually only implement the function codes that it actually needs for what it does.

So basically, the master sends a command to a slave to either read or write an address in a data table. If it was a read command, the slave then sends back a reply containing the requested data. If it was a write command, the slave writes the data and sends back a reply saying it wrote the data. If an error (called an "exception") occurs, the reply contains an error code indicating what the error was.

Modbus RTU is the original Modbus. It is intended for use on serial links such as RS-232 or RS-485. It is a binary protocol. That is, the data is in the form of zeros and ones.

Modbus ASCII is like Modbus RTU, except it is encoded in ASCII characters. It is not as common as the RTU version, but it has some slight differences in how messages are terminated which make it better suited for radio links. On the other hand, being encoded in ASCII means the messages are twice as big.

Modbus TCP is simply Modbus RTU on Ethernet. The main difference between the two is that the RTU version has a message checksum to verify the message integrity, while the TCP version simply uses the Ethernet checksum.

There is also something called Modbus Plus, but that was a proprietary protocol on proprietary hardware from Schneider and isn't considered to be "real" Modbus by most people.

When operating Modbus on a serial link with multiple slaves, each slave reads an address number in the message header to tell if the message was meant for it. When operating on Ethernet, it relies on the Ethernet TCP/IP addressing system to simply get the message to where it is going.

Modbus is one of the very few open protocols in industry and it is a very easy protocol to implement. Both of these are the reasons why it is the most widely implemented.
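The request/reply exchange described in the post above, as an added example that is not part of the original post: it builds a function 3 (read holding registers) RTU request, then validates a reply by CRC and slave address and decodes either the register data or an exception. Function names and the sample frames are constructed for illustration; the CRC parameters are those of the Modbus serial line spec.

```python
import struct

def crc16_modbus(data: bytes) -> int:
    """CRC-16/MODBUS: initial value 0xFFFF, reflected polynomial 0xA001."""
    crc = 0xFFFF
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = (crc >> 1) ^ 0xA001 if crc & 1 else crc >> 1
    return crc

def with_crc(body: bytes) -> bytes:
    """Append the RTU checksum; it is transmitted low byte first."""
    return body + struct.pack("<H", crc16_modbus(body))

def build_read_holding(slave: int, start: int, count: int) -> bytes:
    """Request layout: slave address, function 3, start address, quantity, CRC."""
    return with_crc(struct.pack(">BBHH", slave, 3, start, count))

def parse_reply(frame: bytes, expected_slave: int) -> dict:
    """Validate an RTU reply and decode function 3 data or an exception."""
    if len(frame) < 5:
        raise ValueError("frame too short")
    body, (crc,) = frame[:-2], struct.unpack("<H", frame[-2:])
    if crc16_modbus(body) != crc:
        raise ValueError("CRC mismatch")
    slave, function = body[0], body[1]
    if slave != expected_slave:
        raise ValueError("reply from unexpected slave address")
    if function & 0x80:  # high bit of the function code marks an exception
        return {"slave": slave, "function": function & 0x7F, "exception": body[2]}
    if function != 3:
        raise ValueError("only function 3 is decoded in this example")
    byte_count = body[2]
    if byte_count != len(body) - 3 or byte_count % 2:
        raise ValueError("byte count does not match payload")
    registers = list(struct.unpack(f">{byte_count // 2}H", body[3:]))
    return {"slave": slave, "function": 3, "registers": registers}

# Constructed sample traffic: master asks slave 1 for two registers at address 0.
REQUEST = build_read_holding(slave=1, start=0, count=2)
GOOD_REPLY = with_crc(bytes([1, 3, 4, 0x00, 0x0A, 0x01, 0x02]))
EXC_REPLY = with_crc(bytes([1, 0x83, 0x02]))  # exception 2: illegal data address

if __name__ == "__main__":
    print(REQUEST.hex())
    print(parse_reply(GOOD_REPLY, 1))
    print(parse_reply(EXC_REPLY, 1))
```
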
 