MODBUS Definitions

<< Click to Display Table of Contents >>

Navigation:  Help > Practical Topics > Understanding MODBUS >

MODBUS Definitions

What is a bit: the basic unit of information in digital communication: 0 or 1.

What is binary: a base 2 number system that is made up of two numbers: 0 and 1.

What is a byte: 8 bits.

What is hexadecimal: long strings of ones and zeros are difficult to read, so the bits are combined and show in hexadecimal. Each block of 4 bits is represented by one of the sixteen characters from 0 to F. Each block of 8 bits (called a byte) is represented by one of the 256 character pairs from 00 to FF.

0000 = 0

0100 = 4

1000 = 8

1100 = C

0001 = 1

0101= 5

1001 = 9

1101 = D

0010 = 2

0110 = 6

1010 = A

1110 = E

0011 = 3

0111 = 7

1011 = B

1111 = F

 

What is serial communication: the process of sending data one bit at a time.

What is a network: the transmission of data between various nodes.

What is a node: a communication endpoint.

What is a protocol: the rules that allow two or more entities of a network to transmit information.

What is a master/slave protocol: one device (master) controls one or more other devices (slave(s)).

What is TCP: Transmission Control Protocol (TCP) is a protocol.

What is IP: Internet Protocol (IP) is a protocol.

What is TCP/IP: the rules that allow two or more entities of a network (internet, intranet or extranet) to transmit information. When MODBUS information is sent using these protocols, the data is passed to TCP where additional information is attached and given to IP. IP then places the data in a packet and transmits it.

What is a client/server protocol: one program (client) requests from another program (server). TCP must establish a connection before transferring data, since it is a connection based protocol. The client establishes a connection with the server. The server waits for an incoming connection from the client. Once the connection is established, the server then responds to the queries from the client until the client closes the connection.

What is Ethernet: the way of connecting devices together in a local area network (LAN).

What is an RJ45 Ethernet connector: the physical connector/plug for an Ethernet network.

What is MODBUS: a serial communication protocol published by Modicon in 1979.

What is a MODBUS protocol: the MODBUS rules that allow two or more entities of a network to transmit information.

What is a MODBUS object type: the object types provided by a slave device to a master device:

Object type

Type

Size

Coil/Register numbers

Data addresses

Coil

Read-write

1 bit

00001 – 09999

0000 TO 270E

Discrete input

Read-only

1 bit

10001 – 19999

0000 TO 270E

Input Register

Read-only

16 bits

30001 – 39999

0000 TO 270E

Holding Register

Read-write

16 bits

40001 - 49999

0000 TO 270E

 

Coil/Register numbers can be thought of as location names since they do not appear in the actual messages. The data addresses are used in the messages.

Example: the first holding register, number 40001, has the data address 0000.

oWhat is a coil: a value of 0 or 1.

oWhat is a discrete input: a value of 0 or 1.

oWhat is a register: a numerical value. 1 word = 16 bits = 2 bytes

What is MODBUS ASCII: serial communication protocol using the ASCII characters.

Decimal (base 10)

Binary (base 2)

Hexadecimal (base 16)

ASCII (base 256)

0

0000 0000

00

Null

1

0000 0001

01

34

0010 0010

22

#

57

0011 1001

39

9

 

What is MODBUS RTU:  serial communication protocol using a compact binary representation.

What does a MODBUS RTU message look like:

SlavID

FCode

Data

CRC

 

oWhat is a SlavID: Slave identifier.

oWhat is an FCode: Function code.

oWhat is Data: Data.

oWhat is CRC: Cyclic redundancy check.

What is the slave ID: the slave’s unique unit address from 1 to 247.

What is the function code: the slave’s command to what table:

Function Code

Action

Table Name

01 (01 hex)

Read

Coils

05 (05 hex)

Write single

Coil

15 (OF hex)

Write multiple

Coils

02 (02 hex)

Read

Discrete inputs

04 (04 hex)

Read

Input registers

03 (03 hex)

Read

Holding registers

06 (06 hex)

Write single

Holding register

16 (10 hex)

Write multiple

Holding registers

 

What is a cyclic redundancy check: a check method for error detection between the sending and the receiving device.

What is an example MODBUS RTU request: Request for the content of holding register #40508 to 40510 from the slave device address 52.

34 03 01FB 0003 7687

o34: the SlavID (52 = 34 hex).

o03: the FCode read holding register.

o01FB: the data address of the first register requested (40508-40001=507=1FB hex).

o0003: the total number of registers requested (read 3 registers: 40508 to 40510).

o7687:  the CRC for error checking.

What is the PDU: the Protocol Data Unit (PDU) is action required and the data transmitted.

What is MODBUS TCP/IP: a MODBUS variant used for communications over TCP/IP networks using the port 502.

What is a port: the port completes the destination or origination network address of a message. Ports are identified for each protocol and address combination by 16 bit unsigned numbers.

What does a MODBUS TCP/IP message look like:

Transaction ID

Protocol ID

Length

UnitID

FCode

Data

 

oWhat is a transaction ID: transaction identifier: 2 bytes set by the client to uniquely identify each request. These bytes are echoed by the server.

oWhat is a protocol ID: protocol identifier: 2 bytes set by the client, always 00 00.

oWhat is a length: 2 bytes identifying the number of bytes in the message to follow.

oWhat is a unit ID: unit identifier: 1 byte set by the client and echoed by the server for identification of a remote slave connected on a serial line or on other buses.

What is MBAP: the MODBUS Application Header (MBAP) is added to the start of a MODBUS message when sent via TCP/IP. This includes a transaction ID, protocol ID, length and unit ID.

What is an example MODBUS TCP/IP request: Request for the content of holding register #40508 to 40510 from the slave device address 52.

o0001 0000 0006 34 03 001FB 0003

o0001: Transaction Identifier.

o0000: Protocol Identifier.

o0006: Message length (6 bytes to follow)

o34: the SlavID (52 = 34 hex).

o03: the FCode read holding register.

o01FB: the data address of the first register requested (40508-40001=507=1FB hex).

o0003: the total number of registers requested (read 3 registers: 40508 to 40510).

Is the data send via MODBUS protocol always the same on every device: MODBUS as a protocol doesn’t define how the protocol should be stored and registered. Each manufacturer defines their own. The Master need to understand how the data is sent.

What is WordSwap: reverse the words.

What is ByteSwap: reverse the bytes.

What is Byte+WordSwap: reverse the bytes and words.

What is No Change: no change in the data received.

What is UInt16: unsigned 16 bit integer.

What is an integer: a number which is not a fraction, a whole number.

What is an unsigned integer: a number without + or – association.

What is UInt32: unsigned 32 bit integer.

What is a Float: a number with a decimal place.

What is a MODBUS map: a list that defines:

1)What the data is (serial number, temperature, relative humidity, dew point…).

2)Where the data is stored (tables and data addresses).

3)How the data is stored (data types, byte and word processing).

Some devices are built with a fixed map that is defined by the manufacturer. While other devices allow for the operator to configure or program a custom map to fit their needs.

How to integrate a MODBUS device into RMS: When integrating a device into RMS via the RMS converter, simply request for the MODBUS map! Then simply follow the procedure: Modbus Editor - Integration of Modbus TCP products into RMS