Modbus: In Simple Words About The Popular Protocol For M2M Communication


Modbus is an application layer network protocol widely used in industrial production to exchange data between devices (Machine-to-Machine, M2M).

Since its development in 1979, it has not lost its popularity. According to statistics from HMS Industrial Networks, in 2021, Modbus occupies 10% of the global industrial networks market (5% each belongs to Modbus RTU and Modbus TCP). In this article, we will talk about the main features of the Modbus protocol, its advantages, and disadvantages, as well as the most common use cases.

Basic Principles Of Modbus Operation

Modbus uses the Master-Slave architecture, which was recently renamed Client-Server by the developer. According to this approach, a client (master) device is allocated in the network, periodically sending requests to server (slave) devices to read or write their parameters.

All requests can be initiated only by the client device: transmission of messages from server devices without preliminary polling from the client-side is not provided in the protocol.

The Modbus data packet includes a permanent part of the PDU (Protocol Data Unit), common to all protocol implementations, consisting of function code and data. In addition, several specific fields are possible, which will differ depending on the network’s physical layer. Most often, these are the address of the server device and a checksum for detecting errors.

Additional field staking into account, the complete Modbus package is called ADU (Application Data Unit). Let’s take a closer look at each area of the ADU packet in a generalized way. I will describe the features inherent in the various protocol options in the next section.

  • Server device address (Additional address) Determines to which address should send the client request. It can take values ​​in the range from 1 to 247. Address 0 is used for broadcasting data from the client to all server devices (there is no server response in this case) and addresses 248–255 are considered reserved.
  • In some protocol implementations, the field is ignored – for example, in Modbus TCP, where standard IP addressing is most often used.
  • Function code. Determines what action the server device needs to take. Function code values ​​range from 1 to 255, with codes 128 to 255 reserved for error messages. Code 0 is not used.
  • For codes in the 65-72 and 100-110 ranges, users can implement their User-Defined Function Codes. Some principles, for example, 9, 10, 13, and others, are reserved by certain suppliers for their equipment and are closed for general use ( Reserved Function Codes ). Codes that are not included in these two subsets belong to the public ( Public Function Codes ) – these are documented functions in the public domain.
  • Data. Data is required to perform the selected function on the server device. Most often, these are the addresses of registers for reading or writing, their number, and so on. The length and format of the field depend on the function code. Some functions do not require data transfer.
  • Checksum (Error check). It contains a number calculated using a unique algorithm to check the integrity of the package. CRC-16 or LRC-8 is used as an algorithm for calculations. In some protocol implementations, the field is absent – for example, in Modbus TCP, where packet integrity control is provided using the TCP / IP protocol.

Let’s consider the transfer of packets to Modbus. The protocol provides client-server interaction in the Request / Response mode. The client initiates a request to the server device, bypassing the function code and data to the PDU. Depending on the physical layer of the network, the packet may contain additional fields discussed above.

If the request is processed without errors, the server returns a packet containing the function’s source code and the requested data.

When an error occurs, the server device returns the exception code as data, and instead of the original function code, its value increases by 128 (0x80 in hexadecimal).Timeouts are also provided on the client-side to avoid long waiting times for a response from failed devices.

Also Read: How To Run Tools On Kubernetes For Data Access

Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *