Archive for the 'Modbus' Category

Useful tools and applications for Modbus

Published by cpascu March 1st, 2010 in Modbus, RS485 and Utilities and tools. Comments

Here’s a useful list of tools to use with Modbus devices:

  • CAS Modbus Scanner (download)
    • Allows us to retrieve coils, inputs, holding registers, and input registers from a Modbus enabled device.
  • Modbus RTU Parser (download)
    • Allows us to analyze an RTU message and see what type of message it is, if there are any errors, what device the message came from, etc…
  • Modbus TCP Parser (download)
    • Allows us to analyze an TCP message and see what type of message it is, if there are any errors, what device the message came from, etc…
  • Wireshark (homepage)
    • Used for capturing Modbus TCP messages coming through the ethernet port.
    • A full list of the captured data can be found here.
  • Modbus Specification (pdf)
    • Official specification of the Modbus Application Protocol
  • Nerds In Control (homepage)
    • Very useful community website for automation professionals.
    • An excellent place to ask for Modbus help or help others with their Modbus problems.
  • Modbus Simulator (download)
    • Used for simulating a Modbus server for testing and learning purposes.
  • Simply Modbus (download)
    • Good Modbus TCP and RTU software, an alternative to our CAS Modbus Explorer and Scanner.
    • Website provides good tutorials on Modbus.
  • Capturing with serial connections (tutorial)
    • How to capture Modbus messages with a serial connection using free tools like PuTTY.
  • Modhopper (info)
    • Allows connecting up to 128 Modbus devices through wifi to any Modbus network.

    • Feel free to suggest other tools that you find useful and I will add them to the list.

    Did you like this post?

    Subscribe To The RSS Feed!
    To catch many more articles like this in the future, make it easy on yourself and subscribe to me via RSS. You will not regret it!

    Do you have a question?
    We will do our best to try and solve any building automation, protocol, integration problem you may have

CAS Modbus Scanner v1.02aB

Published by cpascu February 3rd, 2010 in Modbus, RS232 and RS485. Comments

CAS Modbus Scanner is a utility to retrieve coils, inputs, holding registers, and input registers from a Modbus enabled device. Values retrieved from the device can be viewed in many different formats including Binary, HEX, Uint16, Int16, Uint32, Int32, and Float32.

Features:

  • Can read; coil status (0xxxx), input status(2xxxx), input registers (3xxxx), and holding registers (4xxxx)
  • Data is viewable in Binary, HEX, Uint16, Int16,Uint32, Int32, and Float32
  • Multiple connections
  • Works with RS232 and RS485, TCP
  • Easy to use interface
  • 100% Free to use, no registration required.

New

  • Works with Modbus TCP
  • Works on Windows Vista and Windows 7 (32bit and 64bit)

Did you like this post?

Subscribe To The RSS Feed!
To catch many more articles like this in the future, make it easy on yourself and subscribe to me via RSS. You will not regret it!

Do you have a question?
We will do our best to try and solve any building automation, protocol, integration problem you may have

Modbus/TCP to BACnet/IP Configuration Sample

Published by cpascu August 5th, 2009 in BACnet, BACnet MSTP and Modbus. Comments

This example FieldServer configuration illustrates a config which reads data from a Modbus/TCP device and makes the data available as BACnet data. A remote BACnet client can read and write points.

Relationship between a connection, node and Map Descriptor for a client

The name of the connection/adapter is used to form the relationship between the connection and the node. Here the name ‘N1’ is used in common. This means that when messages are sent to the node called PLC_01 (Node Address=1) they will be sent using connection N1.

As the FieldServer processes each task (Map Descriptor) it needs to know which device or node to send the message to. The name of the Node is used to form the relationship. For example, the task to read address 40001 is defined for Node=’PLC_01’. Now the FieldServer looks for a node with the same name. When it finds it, it then known which connection to send the message on. In this example, it also finds the IP address of the node. So now it knows to send a read holding register message to the device with device address = 1 at IP Adrdess 192.168.1.82 using Network connection N1.

img1

Relationship between a connection, node and Map Descriptor for a Server

For a server, it is not necessary to form a relationship between the connection and the node. What does it mean when a node is not related to a connection? Let’s say you define the same protocol on two connections (eg N1 and N2 – not all FieldServer’s have both) but you want to use the same server node to respond to messages that arrive on connection N1 or N2. By leaving the relationship between a connection and a node undefined (like this example), this becomes possible.

For a server, Map Descriptors may be thought of as server data object definitions. They must be related to a node. When a request for data from node 11 (like this example) is received, the driver must find a matching server node in the config. Once a matching node is found, the FieldServer must find a data object definition that matches the request. Thus, a relationship between the node and the Map Descriptor must be established. This is done by using a common Node_Name as illustrated by the green line.

img2

What connects two protocols together?

The Data Arrays connect protocols. The client reads data and stores it in a data array. The server serves data, extracting it from the Data Array and serving the data using a different protocol. Some data scaling or rearrangement may be required. FieldServer provides tools to move, reorganize, do arithmetic and scale Data Array data. In this example the relationship is direct.

In this diagram the pink and purple lines show how client side data read using Modbus is served as BACnet Data.

img3

The Client read 20 data items from register 30001 and stores the data in DA_Ana_Inputs starting at offset zero.

This means DA_Ana_Inputs[0] contains the value of register 30001.  DA_Ana_Inputs[1] contains the value of register 30002.  DA_Ana_Inputs[2] contains the value of register 30003.

The server Map Descriptor named ‘AnaInput01’ serves data extracted from the Data Array named ‘DA_Ana_Inputs’ offset 0. Thus the data it serves correlates to register 30001.

The server Map Descriptor named ‘AnaInput02’ serves data extracted from the Data Array named ‘DA_Ana_Inputs’ offset 1. Thus the data it serves correlates to register 30002.

The server Map Descriptor named ‘AnaInput03’ serves data extracted from the Data Array named ‘DA_Ana_Inputs’ offset 2. Thus the data it serves correlates to register 30003

A similar discussion applies to the other data.

If the client goes offline or the data cannot be read because of some error then the age of the data increases. At some point the data becomes too old to serve in which case the FieldServer marks the data as unreliable.

Data Arrays

Data Arrays are used to store data. Select Data_Formats that are suitable for the data. FieldServers can store 1,8,16 and 32 bit data, signed and unsigned as will as floating point data. A few other formats such as packed_bits and packed_bytes allow binary data to be easily packed/unpacked. In addition using special functions data can be moved from one location to another. During the move, data formats can be changed and arithmetic can be performed.

Data arrays use FieldServer memory but the length does not affect the point count.

img4

Scaling

A value can be scaled before it is served. In this example, the value served will be 100 times smaller than the value found in the Data Array. Read the config as follows; When a value of 0-10,000 is extracted from the Data Array it will be served to the remote node as a value between 0-100.

img5

Modbus Client

No more than once per second (Scan_Interval) read (Function=RDBC which means read continuously) 20 (Length) input registers starting at address 30001 (Address) and store the returned data in DA_Ana_Inputs[0..19]. For this protocol the Map_Descriptor_Name serves only a descriptive purpose – it is not used by the protocol.

There are three other similar tasks. Each reads a different data type and stores it in a different location.

img6

BACnet Server

The BACnet device instance has been set to 11. (Node_ID).

12 Data objects have been defined. Each is defined by a single map descriptor. The unstated length of each map descriptor is 1 (default value for this protocol.). That means each map descriptor defines a single BACnet data object. The object type and instance numbers are defined by Data_Type and Object_ID. They do not have to be sequential.

The MapDescriptor name is used as the BACnet Object Name. When a remote client reads from this server it will find objects named ‘AnaInput01’, ‘AnaInput02’, etc…

The Virtual BACNet device will be allocated to the Local Network. (Network zero). There are methods to change this default allocation.

A parameter called ‘Relinqush_Default’ tells the driver what value to set the object to if it is not being commanded by a remote device and if it is not being read from a remote device. It is required for output types and the typical value is zero.

The function is set to server meaning that these map descriptors are capabilities as opposed to tasks. The FieldServer does no active work based on these Map Descriptors. The server side waits passively until it receives a message from a remote BACnet device. When a message is received, the Fieldserver matches it against a server side node and then against the server side map descriptors. If there is a match data can be extracted and served. If there is no match then an error response is sent.

img7

Engineering Units are a property of a BACnet data object. You can set them to any supported unit using the ‘Units’ parameter. The manual provides a full list of units. You can see the analog data is scaled before it is served.

How to Write/Command Data

When you send a BACnet comamd to change the value of an object (typically an output object) then a message is sent to the FieldSever with the new value. If a matching device and object are found the Data Array is updated. Normally the data is read by the client side and shared with the server side. These two operations seem to contradict each other. Here is how it works:

1. Normally client side (Modbus) reads the data and server side serves that data.

2. BACnet Scada System sends a command to write a data object.

3. This causes the FieldServer to store the data in the Data Array location being used by the corresponding Server Map Descriptor.

4. This in turn triggers a once off operation. Instead of reading the data from the Modbus Device, a single write to the Modbus device is performed with the new data. FieldServers call this a ‘write-though-read’. That is why we get away with having no ‘write’ map descriptors to the Modbus device but we are still able to send commands to the Modbus Device.

Lets say a remote controller sends a new setpoint to Analog Output #2. In this case the new setpoint is stored in DA_Ana_Outputs[1] (offset 1).

img13

You can deduce that DA_Ana_Outputs[1] corresponds to Modbus register 40002. ( Basis for deduction – follow the data array name from the server map descriptor – find which client Map Descrptor uses the same Data Array. In this case it is the one called ‘Read_Holding_Regs’. Now you can see that 40001 corresponds to DA_Ana_Outputs[0] and hence 40002 corresponds DA_Ana_Outputs[1].

img14

Now the FieldServer knows where to send the new setpoint and hence a message to set 40002 in device #1 using Modbus/TCP is sent.

Modbus and Floating Point Numbers

Modbus does not naturally have a way of transporting floating point numbers. Commonly, two 16bit integers are used to store a representation of a floating point number. Commonly the representation method is IEEE754. FieldServer have a method of doing the conversion.

The following table shows the FieldServer function moves that copy two adjacent 16-bit registers to a 32-bit floating point value:

img8

In these examples, 32 16-bit values are combined to form 16 floating point numbers.

In the 1st example DA_SYN_REG[502] and DA_SYN_REG[503] are combined and stored in DA_SYN_ FLOAT500[0]. This is repeated 15 more times. Eg DA_SYN_REG[504] and DA_SYN_REG[505] are combined and stored in DA_SYN_FLOAT500[1].

img9

Complete Configuration File

img10
img11
img12

Did you like this post?

Subscribe To The RSS Feed!
To catch many more articles like this in the future, make it easy on yourself and subscribe to me via RSS. You will not regret it!

Do you have a question?
We will do our best to try and solve any building automation, protocol, integration problem you may have

CAS Modbus Explorer

Published by cpascu April 27th, 2009 in Modbus, RS232, RS485 and Utilities and tools. Comments

Modbus communications not working ? How do you know what’s wrong – is it the baud rate, the parity or even the address? There are so many things that can affect communications.

The Modbus protocol does not support discovery. There is no broadcast message that you can send that will make a slave respond with its port and address settings. The protocol allows for broadcast messages to be sent but doesn’t demand that every vendor supports this feature.

modbusexplorer

Use the CAS Modbus Explorer to find the correct port settings and the correct slave address.
The tool automates the process of trying all the combinations and reports the results. We provide burst and standard mode. In burst mode we send messages to all the possible slave address before waiting for a reply from any of them. This dramatically improves the time required to do the discovery.

The tool works for RS232 and RS485 by allowing you to search for a single device or multiple slaves. To connect to a RS485 network from your laptop you simply need a USB-to-485 converter.

Here is the problem – there are thousands of combinations:

Baud 300, 600, 1200, 2400, 4800, 9600, 19200, 38400, 57600, 115200
Parity, None, Odd, Even
Stop Bits 1, 2
Data Bits 7, 8
Address 1-254

If you had to manually search/test all these combinations it will take you ages. Relax, go for lunch and let the CAS Modbus Explorer do all the work for you.

Did you like this post?

Subscribe To The RSS Feed!
To catch many more articles like this in the future, make it easy on yourself and subscribe to me via RSS. You will not regret it!

Do you have a question?
We will do our best to try and solve any building automation, protocol, integration problem you may have

Converting Modbus 16 bit numbers to 32 bit numbers

Published by pchipkin April 15th, 2009 in Modbus. Comments

Often the Vendor documentation does not report the byte order in which registers are served or the order in which words must be combined to form 32 bit numbers. For this reason FieldServer provides 4 functions to convert Modbus 16 bit numbers to 32 bit numbers.

2.i16-1.i32

2.i16-1.i32-s

2.i16-1.i32-sw

2.i16-1.i32-sb

Each of these functions takes 2x 16 bits numbers to form a 32 bit number. Each processes the bytes in a different order.

Practical Tip: The easiest way to determine which function to use is to experiment. Look at the values in the FieldServer Data Arrays. If the values are obviously wrong try the other move functions. (Don’t forget that some numbers may be scaled so the number you see in the Data Array may 10x or 100x too big / small).

Example:

In the move below if

DA_B01_REG[21] == 1 and

DA_B01_REG[22] == 2

Then

DA_B01_INT32[21] == 131073

Explanation

1 + 65536* 2 = 131073

Or In Hexadecimal

0×0001 + 0×0002 * 0×10000 = 0×20001

Moves

Source_Data_Array ,Source_Offset ,Target_Data_Array ,Target_Offset ,Length ,Function

DA_B01_REG ,21 ,DA_B01_INT32 ,21 ,2 ,2.i16-1.i32

By the way, the length is 2 because the move must process two values from the source.

Example:

DA_B01_REG[21] == 1 and

DA_B01_REG[22] == 2

Function In Use Value found in DA_B01_INT32[21]
2.i16-1.i32 131073
2.i16-1.i32s 16777728
2.i16-1.i32-sw 65538
2.i16-1.i32-sb 33554688

Did you like this post?

Subscribe To The RSS Feed!
To catch many more articles like this in the future, make it easy on yourself and subscribe to me via RSS. You will not regret it!

Do you have a question?
We will do our best to try and solve any building automation, protocol, integration problem you may have

How Real (Floating Point) and 32-bit Data is Encoded in Modbus RTU Messages

Published by cpascu December 3rd, 2008 in Modbus and Uncategorized. Comments

The article discusses some of the typical difficulties encountered when handling 32-bit data types via Modbus RTU and offers practical help for solving these problems.

The point-to-point Modbus protocol is a popular choice for RTU communications if for no other reason that it’s basic convenience. The protocol itself controls the interactions of each device on a Modbus network, how device establishes a known address, how each device recognizes its messages and how basic information is extracted from the data. In essence, the protocol is the foundation of the entire Modbus network.

Such convenience does not come without some complications however, and Modbus RTU Message protocol is no exception. The protocol itself was designed based on devices with a 16-bit register length. Consequently, special considerations were required when implementing 32-bit data elements. This implementation settled on using two consecutive 16-bit registers to represent 32 bits of data or essentially 4 bytes of data. It is within these 4 bytes of data that single-precision floating point data can be encoded into a Modbus RTU message.

The Importance of Byte Order

Modbus itself does not define a floating point data type but it is widely accepted that it implements 32-bit floating point data using the IEEE-754 standard. However, the IEEE standard has no clear cut definition of byte order of the data payload. Therefore the most important consideration when dealing with 32-bit data is that data is addressed in the proper order.

For example, the number 123456.00 as defined in the IEEE 754 standard for single-precision 32-bit floating point numbers appears as follows:

The affects of various byte orderings are significant. For example, ordering the 4 bytes of data that represent 123456.00 in a “B A D C” sequence in known as a “byte swap”. When interpreted as an IEEE 744 floating point data type, the result is quite different:

Ordering the same bytes in a “C D A B” sequence is known as a “word swap”. Again, the results differ drastically from the original value of 123456.00:

Furthermore, both a “byte swap” and a “word swap” would essentially reverse the sequence of the bytes altogether to produce yet another result:

Clearly, when using network protocols such as Modbus, strict attention must be paid to how bytes of memory are ordered when they are transmitted, also known as the ‘byte order’.

Determining Byte Order

The Modbus protocol itself is declared as a ‘big-Endian’ protocol, as per the Modbus Application Protocol Specification, V1.1.b:

“Modbus uses a “big-Endian” representation for addresses and data items. This means that when a numerical quantity larger than a single byte is transmitted, the most significant byte is sent first.”

Big-Endian is the most commonly used format for network protocols – so common, in fact, that it is also referred to as ‘network order’.

Given that the Modbus RTU message protocol is big-Endian, in order to successfully exchange a 32-bit datatype via a Modbus RTU message, the endianness of both the master and the slave must considered. Many RTU master and slave devices allow specific selection of byte order particularly in the case of software-simulated units. One must merely insure that both all units are set to the same byte order.

As a rule of thumb, the family of a device’s microprocessor determines its endianness. Typically, the big-Endian style (the high-order byte is stored first, followed by the low-order byte) is generally found in CPUs designed with a Motorola processor. The little-Endian style (the low-order byte is stored first, followed by the high-order byte) is generally found in CPUs using the Intel architecture. It is a matter of personal perspective as to which style is considered ‘backwards’.

If, however, byte order and endianness is not a configurable option, you will have to determine the how to interpret the byte. This can be done requesting a known floating-point value from the slave. If an impossible value is returned, i.e. a number with a double-digit exponent or such, the byte ordering will most likely need modification.

Practical Help

The FieldServer Modbus RTU drivers offer several function moves that handle 32-bit integers and 32-bit float values. More importantly, these function moves consider all different forms of byte sequencing. The following table shows the FieldServer function moves that copy two adjacent 16-bit registers to a 32-bit integer value.


Function Keyword Swap Mode Source Bytes Target Bytes
2.i16-1.i32 N/A [ a b ] [ c d ] [ a b c d ]
2.i16-1.i32-s byte and word swap [ a b ] [ c d ] [ d c b a ]
2.i16-1.i32-sb byte swap [ a b ] [ c d ] [ b a d c ]
2.i16-1.i32-sw word swap [ a b ] [ c d ] [ c d a b ]

The following table shows the FieldServer function moves that copy two adjacent 16-bit registers to a 32-bit floating point value:


Function Keyword Swap Mode Source Bytes Target Bytes
2.i16-1.ifloat N/A [ a b ] [ c d ] [ a b c d ]
2.i16-1.ifloat-s byte and word swap [ a b ] [ c d ] [ d c b a ]
2.i16-1.ifloat-sb byte swap [ a b ] [ c d ] [ b a d c ]
2.i16-1.ifloat-sw word swap [ a b ] [ c d ] [ c d a b ]

The following table shows the FieldServer function moves that copy a single 32-bit floating point value to two adjacent 16-bit registers:


Function Keyword Swap Mode Source Bytes Target Bytes
1.float-2.i16 N/A [ a b c d ] [ a b ][ c d ]
1.float-2.i16-s byte and word swap [ a b c d ] [ d c ][ b a ]
1.float-2.i16-sb byte swap [ a b c d ] [ b a ][ d c ]
1.float-2.i16-sw word swap [ a b c d ] [ c d ][ a b ]

Given the vairous FieldServer function moves, the correct handling of 32-bit data is dependent on choosing the proper one. Observe the following behavior of these FieldServer function moves on the known single-precision decimal float value of 123456.00:


16-bit Values Function Move Result Function Move Result
0×2000 0x47F1 2.i16-1.float 123456.00 1.float-2.i16 0×2000 0x47F1
0xF147 0×0020 2.i16-1.float-s 123456.00 1.float-2.i16-s 0xF147 0X0020
0×0020 0xF147 2.i16-1.float-sb 123456.00 1.float-2.i16-sb 0×0020 0xF147
0x47F1 0×2000 2.i16-1.float-sw 123456.00 1.float-2.i16-sw 0x47F1 0×2000

Notice that different byte and word orderings require the use of the appropriate FieldServer function move. Once the proper function move is selected, the data can be converted in both directions.

Of the many hex-to-floating point converters and calculators that are available in the Internet, very few actually allow manipulation of the byte and word orders. One such utility is located at www.61131.com/download.htm where both Linux and Windows versions of the utilities can be downloaded. Once installed, the utility is run as an executable with a single dialog interface. The utility presents the decimal float value of 123456.00 as follows:

One can then swap bytes and/or words to analyze what potential endianness issues may exist between Modbus RTU master and slave devices.

Did you like this post?

Subscribe To The RSS Feed!
To catch many more articles like this in the future, make it easy on yourself and subscribe to me via RSS. You will not regret it!

Do you have a question?
We will do our best to try and solve any building automation, protocol, integration problem you may have

Multiple Clients of a Modbus slave

Published by cpascu October 22nd, 2008 in FieldServer, Modbus and Uncategorized. Comments

We are frequenty asked how you deal with a situation where you have more than one client for a slave(s). The Modbus spec does not support this but we have a solution.

The essence of the solution if to use a multi-port FieldServer. Connect each client to its own port and the slave(s) to thier own ports. Each client will see a single virtual slave(s) on its network. This not only solves the problem but is extremely efficient. Of course the FieldServer needs to be correctly configured.

In a situation like this we exploit the FieldServer technology known as ‘Port Expansion’

Figure 1: Normally it is not possible to connect two clients to the same slave. There are two primary reasons:
1) If you are using RS232 then there can only be two devices on the cable segment.
2) If you are using RS485 then the 2nd client will not know to proceess the poll from the 1st client. It will cause errors.



Click to enlarge

Figure 2: Using a FieldServer with an appropriate configuration solves this problem whether you are using RS232 otr RS485.



Click to enlarge

Figure 3: Each client is on its own port. Thus each client does not see poll messages from the other client. In this example client#1 sends a poll to the FieldServer. The is directed a specific slave address. When the poll arrives at the FieldServer, the FieldServer checks the address against its configuration. If there is no match then an exception response is sent. If there is a match the FieldServer determines the port that the matching slave is configured on. The poll message is then relayed to the slave port.



Click to enlarge

Figure 4: The slave responds. The FieldServer relays the response to client#1. The FieldServer also extracts the data from the response and stores in a temporary location (FieldServer calls that a cache block). The duration/expiry of the storage is configurable.



Click to enlarge

Figure 5: If any client requests the same data (client#1 or #2) and the data hasnt expired then the FieldServer responds with data from the temporary storage.



Click to enlarge

Figure 6: If any client requests different data or if the temporary data has expired then the match and relay process is repeated requesting the new data.



Click to enlarge

Figure 7: The slave responds, the response is relayed to the client doing the polling (Client#2 in this case) and the data is stored temporarily so that it is available to the other client.



Click to enlarge

Did you like this post?

Subscribe To The RSS Feed!
To catch many more articles like this in the future, make it easy on yourself and subscribe to me via RSS. You will not regret it!

Do you have a question?
We will do our best to try and solve any building automation, protocol, integration problem you may have

Scaling / Bit Packing

Published by cpascu October 21st, 2008 in FieldServer, Modbus and Uncategorized. Comments

FieldServers can scale data and manipulate values using some binary logic and arithmetic functions. Scaling can be applied to each block of Modbus Data read/served.

  • Move to change type : Convert from any FIeldServer Data Type to any other.
  • Move to pack/unpack bits and bytes: Its possible to address each bit in a 8,16 or 32 bit data element by using the packed data types.
  • Move to change byte/word order: Handle the endianess of the remote system easily.
  • Convert to/from Float, MK10, IEE754, 32 bit, 16 bit, 8 bit numbers
  • Move conditionally:
  • Perform Arithmetic Operation: + – * div sqrt, sqr
  • Perform Binary Logic Operation: And, Or, Not, >, >= , <, <=

Most functions can be configured to occur on a configurable period or on update of the data source.


Click for larger view

Did you like this post?

Subscribe To The RSS Feed!
To catch many more articles like this in the future, make it easy on yourself and subscribe to me via RSS. You will not regret it!

Do you have a question?
We will do our best to try and solve any building automation, protocol, integration problem you may have

Why 7 data bits is no good for Modbus RTU

Published by pchipkin October 10th, 2008 in Modbus. Comments

Modbus RTU is a binary protocol. It requires the use of all 8 bits in each character / byte that forms the message because there are many situations where the 8th bit is used. For example, an exception response has the 8th (most significant bit set. If you wanted to read holding register 40130 then the message contains the offset. In this case the offset is 129 (The distance from 40001). The number 129 requires 8 bits of storage. In fact all numbers greater than 127 require the 8th bit.  These are just two example of why 8 data bits are required to send RTU messages. It is concievable that a device could which supports less than 128 registers which will never have a value larger than 128 stored in any register could use 7 data bits but the message contains a checksum which might require the use of the 8th bit and this is why 7 data bits is never used for Modbus RTU. In fact you cant use 7 data bits for any binary protocol.

Example: Read 40130 length 31 from device 11.

[01]               [03]              [00]             [81]               [00]             [1f]               [54]               [2a] (Hex Values)

[0000 0001] [0000 0011] [0000 0000] [1000 0001] [0000 0000] [0001 1111] [0101 1000] [0010 1010]

Modbus Ascii (JBUS) is an ASCII protocol. Every character in the message is encoded in ASCII characters and ANSI ASCII character set only require 7 data bits to be encoded since the max value of an ASCII characters is 127. These days the set has been extended and contains non-human readable characters numbered from 128-255.

The same message sent in Jbus sends this string of human readable characters.

“01030081001f542a”

Keywords for this article: 8 Data_Bits

Did you like this post?

Subscribe To The RSS Feed!
To catch many more articles like this in the future, make it easy on yourself and subscribe to me via RSS. You will not regret it!

Do you have a question?
We will do our best to try and solve any building automation, protocol, integration problem you may have

Modbus Developer Resources

Published by Steven August 28th, 2007 in Modbus and Scott Cosby. Comment

This article will present Modbus resources to further aid the automation developer. The internet offers a wide variety of sites related to Modbus development from personal to commercial sites. This article will focus on two of the more detailed Modbus related websites.

The first website to be examined will be the official Modbus organization site, which offers a webpage specifically geared for the developer. The developer page on this site is divided into two categories:

  • Modbus Technical Resources
  • Offsite Links

The Modbus Technical Resources section of the developer page includes the following links:

The offsite links section of the developer page offers:

  • The link allows the developer to compile with Visual C++ 6.0 with Windows 95/98/2000 support.
  • FreeMODBUS offers the developer a no-cost implementation of the Modbus protocol, and is specially targeted for embedded systems. This implementation is based upon the most recent standards and should be fully standard compliant.
  • Modbus implementation through a Java library. The site is geared towards Java developers that need to access or share data using the Modbus protocol. The library is fully object oriented, based on abstractions which should support easy understanding, reusability and extensibility. This library is a free and open source to the public.
  • This link offers communication with Modbus/RTU slave devices connected to a PC serial port.
  • Modbus Poll allows the developer to test Modbus slave devices. Modbus Poll is a shareware program that supports Windows 95/98/ME/2000/XP.

There are other links in this section of the webpage. Developers should closely examine this page for other information and products for their specific needs.

A page of the Chipkin Automation Systems (CAS) website is the second important resource for the Modbus developer. CAS is a premier building automation authority. The company’s primary focus is on system integration and protocol conversion.

The CAS Modbus Scanner provides the developer with a utility program for the retrieval and review of Modbus enabled device(s) in a wide variety of formats, and at no-cost to the developer.

Written by: Scott Cosby

© Chipkin Automation Systems 2007

Did you like this post?

Subscribe To The RSS Feed!
To catch many more articles like this in the future, make it easy on yourself and subscribe to me via RSS. You will not regret it!

Do you have a question?
We will do our best to try and solve any building automation, protocol, integration problem you may have

« Previous Entries