What Is Modbus and How Does It Work?

The Modbus communication protocol is the oldest and the most popular in process automation and communication between intelligent devices, which can be PLCs, HMIs, PCs, or DCS.

Table of Contents

What is Modbus?

Modbus is a communication protocol that transmits information over serial lines between electronic devices.

This protocol was developed by Modicon ( now Schneider Electric ) in 1979 for use with its programmable logic controllers (PLC). Since then, it has become widely accepted in industrial and manufacturing sectors.

How does Modbus work?

Modbus is a Master-Slave communication protocol; the master, in this case, the controller or PLC, initiates the communication and requests the information, and the slave, which can be a sensor or any field device, responds to the master’s request.

What is Modbus used for?

Modbus is used widely by many manufacturers throughout many industries. Modbus is typically used to transmit signals from instrumentation and control devices back to a main controller or data-gathering system, such as a system that measures temperature and humidity and communicates the results to a computer.

Modbus often connects a supervisory computer with a remote terminal unit (RTU) in supervisory control and data acquisition (SCADA) systems.

Versions of the Modbus protocol exist for serial lines (Modbus RTU and Modbus ASCII) and Ethernet (Modbus TCP).

How is data stored in Standard Modbus?

Information is stored in the Server device in four different tables. Two tables store on/off discrete values (coils), and two store numerical values (registers).

The coils and registers each have a read-only table and a read-write table, each with 9999 values. Each coil or contact is 1 bit and assigned a data address between 0000 and 270E.

Each register is 1 word = 16 bits = 2 bytes and has a data address between 0000 and 270E.

What are the Types of Modbus?

Modbus has several variations, each designed to cater to different communication needs and environments. The main types of Modbus are.

Modbus RTU (Remote Terminal Unit)

Characteristics

  • Binary Transmission: Uses a compact, binary representation for communication.
  • Efficient: Minimal overhead and higher data throughput compared to ASCII.
  • Error Checking: Employs a Cyclic Redundancy Check (CRC) for error detection.
  • Serial Communication: Typically operates over RS-232, RS-485, or RS-422 serial lines.

Applications

  • Ideal for real-time industrial control applications.
  • They are commonly used in PLCs, remote I/O, and other industrial devices.

Modbus ASCII

Characteristics

  • Text-Based Transmission: Uses ASCII characters for communication.
  • Ease of Debugging: Human-readable messages make it easier to diagnose issues.
  • Error Checking: Utilizes Longitudinal Redundancy Check (LRC) for error detection.
  • Serial Communication: Also operates over RS-232, RS-485, or RS-422 serial lines.

Applications

  • Suitable for environments where ease of debugging is prioritized over communication efficiency.
  • They are often used in systems where Modbus RTU is impractical or unsupported.

Modbus TCP/IP (Modbus over TCP/IP)

Characteristics

  • Network Communication: Encapsulates Modbus messages within TCP/IP packets.
  • No Addressing Limitations: Unlike serial Modbus, which has a limited address range, Modbus TCP/IP can support many devices.
  • Built-in Error Checking: Relies on TCP/IP’s inherent error-checking mechanisms.
  • Ethernet-Based: Operates over standard Ethernet networks.

Applications

  • Suitable for large-scale industrial networks and modern automation systems.
  • They are used in SCADA systems, building management systems, and other applications requiring networked communication.

Modbus Plus

Characteristics

  • Proprietary Network: Developed by Modicon (now Schneider Electric) as a high-speed, peer-to-peer protocol.
  • Token Passing: A token-passing method is used for communication between devices.
  • Proprietary Hardware: Requires specific hardware for implementation.

Applications

  • High-speed industrial networks where Modicon PLCs are used.
  • Systems need deterministic communication and reduced latency.

Modbus over Serial Line

Characteristics

  • Serial Communication: Uses traditional RS-232, RS-485, or RS-422 serial lines.
  • Flexibility: It can be implemented using either Modbus RTU or Modbus ASCII.
  • Point-to-Point or Multi-Drop: Supports both point-to-point and multi-drop configurations.

Applications

  • Small to medium-sized industrial control systems.
  • Applications where network infrastructure is not available or practical.

Modbus UDP/IP

Characteristics

  • Network Communication: Uses UDP/IP to encapsulate Modbus messages.
  • Reduced Overhead: Lighter protocol compared to TCP/IP, offering faster transmission but without guaranteed delivery.
  • Ethernet-Based: Operates over standard Ethernet networks.

Applications

  • Real-time applications where speed is critical and occasional packet loss is acceptable.
  • Situations requiring minimal protocol overhead.

Advantages of Modbus

Modbus has some advantages over other communication protocols.

Simplicity

It is easy to understand and implement. I usually tell people that if they want to wire a Modbus RTU, they should just wire A to A and B to B.

You can wire devices from different manufacturers.

Since Modbus is widely used in the industry, it is easy to wire two or more devices from different manufacturers and establish communication between them without an issue.

Wide Adoption

The Modbus protocol is widely used in the manufacturing and industrial sectors, as well as in industrial automation and control systems.

Limitations of Modbus protocol

Though Modbus is widely used, nothing is perfect; it has limitations and flaws.

Limited data

If you compare it with modern protocols, Modbus has lower data transmission.

No Built-in security

Modbus does not include security features such as encryption or authentication.

Address limitations

Modbus has a limited number of addresses ( 256 for Modbus RTU and ASCII and up to 65536 for Modbus TCP).

How Does Modbus compare with Other Protocols

Here is how Modbus compares to other industrial communication protocols.

Modbus vs. Profibus

Complexity

Modbus is simpler and easier to implement than Profibus, which is more complex and requires specialized knowledge.

Cost

Modbus generally has lower implementation costs than Profibus, which often requires specialized hardware and software.

Modbus vs. Ethernet/IP

Interoperability

While Ethernet/IP is also widely used, Modbus has a longer history of interoperability across a broad range of devices and manufacturers.

Network Requirements

Modbus can operate over simple serial connections, whereas Ethernet/IP requires an Ethernet network.

Modbus vs. BACnet

Simplicity

Modbus is simpler to implement and understand than BACnet and is designed for more complex building automation systems.

Use Cases

Modbus is often preferred in straightforward industrial control applications, while BACnet is more commonly used in building automation.

How to troubleshoot Modbus communication issues

Troubleshooting Modbus communication issues can be systematic and methodical, ensuring all potential problems are identified and resolved. Here’s a step-by-step guide to troubleshooting Modbus:

Check Physical Connections

  • Cabling: Verify that all cables are properly connected and not damaged. For serial connections, check for correct wiring (RS-232, RS-485, or RS-422).
  • Terminations: Ensure proper termination resistors are used, especially for RS-485 networks.
  • Grounding: Check for proper grounding to avoid noise and interference.

Verify Communication Settings

  • Baud Rate: Ensure all devices are set to the same baud rate.
  • Parity: Check that parity settings (even, odd, none) match all devices.
  • Stop Bits: Verify that the number of stop bits is consistent.
  • Device Address: Ensure that each device has a unique address.

Check Power Supply

  • Voltage Levels: Ensure that all devices are receiving the correct voltage.
  • Power Stability: Verify that the power supply is stable and not causing intermittent issues.

Use Diagnostic Tools

  • Modbus Scanner: Use a Modbus scanner or diagnostic tool to check for active communication and identify issues.
  • Oscilloscope/Logic Analyzer: An oscilloscope or logic analyzer inspects the signals on the communication lines.
  • Protocol Analyzers: Employ protocol analyzers to capture and analyze Modbus messages.

Examine Software Configuration

  • Master Configuration: Ensure the master device is correctly configured to communicate with the slaves.
  • Slave Configuration: Verify that the slave devices are properly configured to respond to the master’s requests.
  • Function Codes: Check that the correct function codes are used for the intended operations (e.g., reading coils and writing registers).

Check for Error Messages

  • Exception Codes: Review any exception codes returned by slave devices to understand the type of error (e.g., illegal function, illegal data address).
  • CRC Errors: Monitor for CRC errors that indicate data integrity issues during transmission.

Test with Known Good Device

  • Swap Devices: Temporarily replace a suspect device with a known good device to see if the issue persists.
  • Loopback Test: Perform a loopback test on serial ports to ensure they function correctly.

Isolate Network Segments

  • Divide and Conquer: Break the network into smaller segments to isolate the faulty section.
  • Single Device Test: Test communication with individual devices one at a time to identify problematic devices.

Firmware and Software Updates

  • Update Firmware: Ensure all devices have the latest updates to fix known bugs and improve compatibility.
  • Software Patches: Apply relevant software patches or updates to the master device or control system.

Documentation and Manuals

  • Consult Manuals: Refer to the device manuals and Modbus protocol documentation for specific troubleshooting tips and guidelines.
  • Vendor Support: Contact device manufacturers or vendors if the issue persists.

Common Modbus Issues and Solutions

Here are some common Modbus issues and solutions.

No Communication

  • Check physical connections and power supply.
  • Verify that communication settings (baud rate, parity, stop bits) match.
  • Ensure proper addressing of devices.

Intermittent Communication

  • Inspect for loose or damaged cables.
  • Check for electrical noise or interference.
  • Verify proper termination and grounding.

Incorrect Data

  • Ensure correct function codes and data addresses are used.
  • Check for data type mismatches (e.g., 16-bit registers vs. 32-bit values).
  • Validate the integrity of data packets using CRC checks.

CRC Errors

  • Inspect and replace faulty cables.
  • Verify proper termination for RS-485 networks.
  • Check for noise or interference on communication lines.

How to use a multimeter for troubleshooting Modbus

You can use a digital multimeter to troubleshoot Modbus; you need a multimeter to do this. You can get a digital multimeter from Amazon if you do not have one.

how to troubleshoot a 4-20 mA loopYou can use a multimeter to troubleshoot Modbus communication and identify electrical issues in the communication network’s physical layer.

Verify Power Supply

Ensure that all devices are receiving the correct voltage.

Set the Multimeter

Turn the multimeter to the appropriate voltage setting (AC or DC) based on the power supply specifications.

Measure Voltage

Place the multimeter probes on the power supply terminals.

Expected Voltage

Compare the reading to the expected voltage (e.g., 24V DC or 230V AC).

Action

Inspect the power source and connections if the voltage is outside the acceptable range.

Check Grounding

Proper grounding is essential to prevent noise and interference.

Set the Multimeter

Turn the multimeter to the continuity or resistance setting.

Test Ground Connection

Place one probe on the device’s ground terminal and the other on a known good ground point.

Continuity

The multimeter should show low resistance or beep if continuity mode is used.

Action

If there’s no continuity, inspect and repair the ground connections.

Measure Resistance in Cables

Check for broken or shorted cables.

Set the Multimeter

Turn the multimeter to the resistance (ohms) setting.

Measure Cable Resistance

Disconnect the cable and measure the resistance between the ends.

Expected Value

Resistance should be low (close to 0 ohms) for good cables and very high or infinite for open circuits.

Action

Replace cables if resistance readings indicate a problem.

Check Signal Levels on RS-485 Lines

Verify that the signal levels are within the expected range for RS-485 communication.

Set the Multimeter

Turn the multimeter to the DC voltage setting.

Measure Voltage Levels:

A to Ground: Place the positive probe on the A and the negative probe on the ground.

B to Ground: Place the positive probe on the B line and the negative probe on the ground.

A to B: Measure the voltage difference between A and B lines.

Expected Values

Idle State: A to B should typically read between -0.2V and -1V.

Active State: When data is being transmitted, you should see fluctuations.

A to Ground: Typically 1.5V to 3.5V.

B to Ground: Typically 1.5V to 3.5V but should be opposite polarity to A.

Action

If the voltage levels are outside these ranges, check for end-of-the-line (EOL) resistors (typically 120 ohms across A and B at both bus ends).

Ensure the cables are properly connected and not reversed.

Check End of the Line  Resistors (EOL)

Verify that End Of the Line (EOL) resistors are properly installed on RS-485 networks.

An end-of-the-line resistor is a resistor at the end of the Modbus communication, telling the controller (master) that the communication has reached an end, hence the name.

Set the Multimeter

Turn the multimeter to the resistance (ohms) setting.

Measure Termination Resistance

Disconnect one end of the network.

Measure the resistance across the A and B lines at the disconnected end.

Expected Value

It should be around 60 ohms (two 120 ohm resistors in parallel).

Action

If the resistance is not as expected, check if the end-of-line resistors are them, and if not, please add them.

Continuity Test for RS-232

Sometimes, your Modbus communication fails because an open circuit is in the line. Check the continuity of RS-232 cables.

Set the Multimeter

Turn the multimeter to the continuity setting.

Test Each Line:

Test each pin for continuity from one cable end to the corresponding pin at the other.

Ensure there are no shorts between different lines.

Action:

Replace or repair cables if any continuity issues or shorts are found.

FAQ: What Is Modbus and How Does It Work

What is the Server ID or Modbus ID?

Each server in a network is assigned a unique unit address from 1 to 247. When the client requests data, the first byte it sends is the Server address. This way, each server knows after the first byte whether or not to ignore the message. 

What is a Modbus Map?

A Modbus map is simply a list for an individual server device that defines – what the data is (e.g. pressure or temperature readings)

– where the data is stored (which tables and data addresses)

– how the data is stored (data types, byte and word ordering)

Some devices are built with a fixed map defined by the manufacturer, while others allow the operator to configure or program a custom map to fit their needs. 

What is a CRC in Modbus?

CRC stands for Cyclic Redundancy Check. Two bytes are added to the end of every Modbus message for error detection, and every byte in the message is used to calculate the CRC.

The receiving device also calculates the CRC and compares it to the CRC from the sending device. If even one bit of the message is received incorrectly, the CRCs will differ, resulting in an error. 

What is the difference between Modbus ASCII and Modbus RTU?

Modbus RTU and Modbus ASCII use the same protocol. The only difference is that the bytes transmitted over the wire are presented as binary with Modbus RTU and readable ASCII with Modbus ASCII. 

What is Enron Modbus?

Enron Modbus is a modification to the standard Modicon Modbus communication protocol developed by Enron Corporation.

Why is Modbus so popular?

Modbus is so popular because it is easy for non-programmers to understand.

Engineers who built glue machines, meters, measuring devices, and other similar devices could easily understand the concept of coils/registers and the simple commands to read and write them.

 What is Modbus RTU speed?

Most Modbus RTU devices only support speeds up to 38400 bits per second.

How many slaves can be connected in Modbus RTU?

Modbus will support up to 247 slaves from addresses 1 to 247 —address 0 is reserved for broadcast messages.

In practice, the number of slave addresses that can be used is determined by the communications link chosen. For example, RS485 is limited to 31 slaves.

Who is a master in Modbus?

The Modbus protocol exchanges data using a request/response mechanism between a master and a slave.

The master/slave principle is a communication protocol in which a device (the master) controls one or more devices (the slaves).

What is Modbus communication protocol?

Modbus is a serial communication protocol developed by Modicon and published by Modicon® in 1979 for use with its programmable logic controllers (PLCs).

When should you not use Modbus?

Don’t use Modbus if you have a lot of data to transfer. The packets are limited to a maximum of 120 bytes.

Transferring 1K requires almost ten messages. It’s just not efficient for any large data transfer.

Is Modbus dead?

No, Modbus is not dead. It will continue to live on as there are millions of Modbus devices, but we can’t expect to see anything in the way of new Modbus RTU devices.

Is Modbus a TCP or UDP?

Modbus TCP runs on top of a TCP/IP connection and has a 6-byte header at the beginning of each simple Modbus frame, where frame means either a request or response packet.

Modbus UDP protocol is nearly identical to Modbus TCP except that it runs connectionless on UDP/IP

What is the difference between Ethernet and Modbus?

Modbus TCP/IP combines a physical network (Ethernet) with a networking standard (TCP/IP) and a standard method of representing data (Modbus as the application protocol).

The Modbus TCP/IP message is simply a Modbus communication encapsulated in an Ethernet TCP/IP wrapper.

Why is Modbus still used?

The ease with which Modbus RTU transmits, decodes, and manages data makes it easier to use with devices that support the RS232, RS485, and RS422 serial physical standards, which are still widely used and supported in industrial plants and by major manufacturers.

Is Modbus RTU serial?

Modbus RTU is an open, serial (RS-232/422/485) protocol derived from the Master/Slave architecture.

It is the most used serial protocol today due to its ease of use and reliability. Modbus RTU messages are a simple 16-bit CRC (Cyclic-Redundant Checksum).

What is a Modbus RTU?

Modbus RTU is an open serial protocol derived from the master/slave architecture (now client/server) originally developed by Modicon (now Schneider Electric). It is a widely accepted serial-level protocol for its ease of use and reliability.

What is Modbus RTU vs TCP?

The most basic difference between MODBUS RTU and MODBUS TCP/IP is that MODBUS TCP/IP runs on an Ethernet physical layer, and Modbus RTU is a serial-level protocol.

Modbus TCP/IP also uses a 6-byte header to allow routing. Getting the RS485 network to work correctly can be very challenging.

 Is Modbus RTU the same as RS-485?

Is Modbus the same as RS485? The answer is no because these are relative concepts that need each other to fulfill their purposes.

Modbus defines the protocol type, and RS485 defines the signal level of the protocol.

Key takeaways: What Is Modbus and How Does It Work

Modbus remains a popular protocol in industrial automation and control systems due to its simplicity, reliability, and ease of use.

Despite some limitations, its wide adoption and versatility make it a standard choice for many applications in various industries.

Leave a Reply