About MODBUS 1
What is MODBUS?
MODBUS is an application layer messaging protocol, positioned at level 7 of the OSI model, which provides client/server communication between devices connected on different types of buses or networks.
(Note: compared with MODBUS, there is a newer protocol called DPWS (Devices Profile for Web Services), which is based on Web Services for Devices (WSD). It is better suited to new devices that will be used for web communication, such as home automation. For existing MODBUS devices, whether to consider WSD really depends on market requirements.)
Abbreviations
ADU - Application Data Unit
HDLC - High level Data Link Control
HMI - Human Machine Interface
IETF - Internet Engineering Task Force
I/O - Input/Output
IP - Internet Protocol
MAC - Media Access Control
MB - MODBUS
MBAP - MODBUS Application Protocol
PDU - Protocol Data Unit
PLC - Programmable Logic Controller
TCP - Transmission Control Protocol
MODBUS PDU size:
MODBUS PDU for serial line communication = 256 - Server address (1 byte) - CRC (2 bytes) = 253 bytes.
RS232 / RS485 ADU = 253 bytes + Server address (1 byte) + CRC (2 bytes) = 256 bytes.
TCP MODBUS ADU = 253 bytes + MBAP (7 bytes) = 260 bytes.
Data Encoding:
MODBUS uses a 'big-Endian' representation for addresses and data items. This means that when a numerical quantity larger than a single byte is transmitted, the most significant byte is sent first.
For example, if the register size is 16 bits and the value is 0x1234, the first byte sent is 0x12, then 0x34.
MODBUS Data model:
There are 4 primary tables: Discrete Inputs, Coils, Input Registers, Holding Registers. For each of the primary tables, the protocol allows individual selection of 65536 data items.
In a MODBUS PDU, each data item is addressed from 0 to 65535.
In the MODBUS data model, each element within a data block is numbered from 1 to n.
Function codes:
01 (0x01) Read Coils
02 (0x02) Read Discrete Inputs
03 (0x03) Read Holding Registers
04 (0x04) Read Input Registers
05 (0x05) Write Single Coil
06 (0x06) Write Single Register
07 (0x07) Read Exception Status (Serial Line only)
08 (0x08) Diagnostics (Serial Line only)
11 (0x0B) Get Comm Event Counter (Serial Line only)
12 (0x0C) Get Comm Event Log (Serial Line only)
15 (0x0F) Write Multiple Coils
16 (0x10) Write Multiple registers
17 (0x11) Report Server ID (Serial Line only)
20 (0x14) Read File Record
21 (0x15) Write File Record
22 (0x16) Mask Write Register
23 (0x17) Read/Write Multiple registers
24 (0x18) Read FIFO Queue
43 (0x2B) Encapsulated Interface Transport
43 / 13 (0x2B / 0x0D) CANopen General Reference Request and Response
43 / 14 (0x2B / 0x0E) Read Device Identification
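The size limits, big-endian encoding, 0-based PDU addressing and function codes above are what a monitor or gateway needs in order to validate a MODBUS TCP request before acting on it. The following is an added example, not code from the original page; the MBAP field layout is taken from the MODBUS TCP specification rather than from this page, and the names parse_tcp_request, TCP_FUNCTIONS, WRITE_FUNCTIONS and SAMPLE are hypothetical.

```python
import struct

MBAP_LEN = 7                       # MBAP header size stated on this page
MAX_PDU = 253                      # maximum PDU size stated on this page
MAX_TCP_ADU = MBAP_LEN + MAX_PDU   # 260 bytes

# Allow-list (hypothetical policy): codes from the list above that are not
# serial-line only and whose request starts with address + value/quantity.
TCP_FUNCTIONS = {
    0x01: "Read Coils", 0x02: "Read Discrete Inputs",
    0x03: "Read Holding Registers", 0x04: "Read Input Registers",
    0x05: "Write Single Coil", 0x06: "Write Single Register",
    0x0F: "Write Multiple Coils", 0x10: "Write Multiple registers",
}
WRITE_FUNCTIONS = {0x05, 0x06, 0x0F, 0x10}

def parse_tcp_request(adu: bytes) -> dict:
    """Validate a MODBUS TCP request ADU and decode its big-endian fields."""
    if not MBAP_LEN + 1 <= len(adu) <= MAX_TCP_ADU:
        raise ValueError(f"ADU size {len(adu)} outside {MBAP_LEN + 1}..{MAX_TCP_ADU}")
    # MBAP layout (assumption from the MODBUS TCP specification):
    # transaction id, protocol id, length (16-bit big-endian each), unit id.
    tid, proto, length, unit = struct.unpack(">HHHB", adu[:MBAP_LEN])
    if proto != 0:
        raise ValueError("protocol id must be 0 for MODBUS")
    pdu = adu[MBAP_LEN:]
    if length != 1 + len(pdu):     # length field counts unit id + PDU bytes
        raise ValueError("MBAP length field disagrees with bytes received")
    func = pdu[0]
    if func not in TCP_FUNCTIONS:
        raise ValueError(f"function code 0x{func:02X} not in allow-list")
    if len(pdu) < 5:
        raise ValueError("PDU too short for address and value/quantity")
    address, value = struct.unpack(">HH", pdu[1:5])
    return {
        "transaction": tid, "unit": unit,
        "function": TCP_FUNCTIONS[func], "is_write": func in WRITE_FUNCTIONS,
        "pdu_address": address,        # 0..65535 on the wire
        "model_number": address + 1,   # 1..n in the data model
        "value_or_quantity": value,
    }

# Constructed sample: Write Single Register, PDU address 0, value 0x1234.
SAMPLE = bytes.fromhex("000100000006" "11" "06" "0000" "1234")
```

Flagging is_write requests from unexpected sources is a common use of such a parser, since the protocol fields shown on this page carry no authentication.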
See Also
1: About Modbus 2
2: About Modbus 3