Modbus is an explicit serial communication protocol, developed by Modicon in the year 1979. Primarily it was designed for use with its programmable logic controllers (PLCs) but soon after it turned into a universally accepted mode of communication between various industrial electronic devices owing to its many advantages. The protocol is in the public domain. There are no royalties or restrictions on its use even for commercial purposes. Modbus protocol exists in different versions for Serial port, Ethernet and other added networks that sustain the IP suite. Serial EIA-485 physical layer is the commonly used communication layer for good number of Modbus devices.
In support of serial connections comparatively diverse representations of numerical data and protocol details exist for two special formats i.e. Modbus RTU & Modbus ASCII. Unlike Modbus RTU, the ASCII format is extra effusive and user friendly. The RTU is more of a compressed form of binary data. The configurations set for RTU will not work for ASCII and vice versa. Modbus RTU requires the use of 8 data bits for each character sent where as Modbus ASCII can be implemented using 7 data bits. A further updated version, Modbus/TCP which doesn’t necessitate checksum calculation is intended for communication over TCP/IP (e.g. Ethernet). Modbus Plus (Modbus+ or MB+), another sophisticated protocol which remains the sole proprietary to Modicon. This is an expensive version of the protocol to use since it requires a Modbus_+ adapter for each device. These adapters commonly cost up to $2,000. A distinctive address is assigned to each and every device projected for communication via Modbus and only the intended device will respond to the Modbus command sent over the network by the master node.
Modbus register formats
Modbus is a master/slave protocol whose data functions are based on a register model. A register is the smallest addressable entity with Modbus. Four Modbus register formats which are commonly used consists of:
1. Bit or Boolean
2. Signed or unsigned 16-bit integer
3. Signed or unsigned 32-bit integer
4. Floating point (single precision IEEE-754)
Modbus registers which are defined as 32-bit integer or floating point are known as double registers as they occupy two 16-bit register addresses. By default, the high order bytes are allocated in the first register and the low order bytes in the second register but sometimes double registers are swapped by setting nciGatewayOpts.bit6 to 1. Mismatched interpretation between the two Modbus devices being interfaced normally results in invalid numbers. In this case, data transfer may return half of a floating point value as an integer i.e. resulting in one invalid number, or may write a floating point to two consecutive integer registers (resulting in two invalid numbers). Hence devices must be properly configured to provide the correct register format to avoid these types of invalid combinations.
Most commonly used Modbus register types includes:
1. Coil (Discrete Output)
2. Discrete Input
3. Input Register
4. Holding Register
The address range for Modbus was originally defined from 0 to 9999 but now the currently specified range has been updated from 0 to 65,535. This address range is valid for each type of Modbus register. The function code specified in the Modbus query message packet determines what register type is being referenced. Reference range for all the four register types is mentioned below:
- 0x Coil 00001-09999
- 1x Discrete Input 10001-19999
- 3x Input Register 30001-39999
- 4x Holding Register 40001-49999
Sometimes it becomes necessary to access more than 10,000 of a register type. Additional register types and reference ranges include the following:
- 0x Coil 000001-065535
- 1x Discrete Input 100001-165535
- 3x Input Register 300001-365535
- 4x Holding Register 400001-465535
It is mandatory to use six digit register references while using the extended register referencing to easily differentiate between holding register 40001 and coil 40001. “If coil 40001 is the target, it must appear as 040001.” 1
In spite of its unfussiness and simplicity, Modbus protocol embraces few restrictions as well. The most considerable limitation is its incapability to sustain and uncover description of large binary objects. Moreover Modbus being a Master/slave protocol provides no means for a field device to “Report by exception”. Also Modbus addressing restrictions up to 247 devices per data link confines the range of field devices requiring connection to a master station.