Modbus Protocol

What is Modbus?
Modbus is a communications protocol based on master/slave (RTU) or client/server (TCP/IP) architectures that can operate on the 1st, 2nd and 7th levels of the OSI model.
Originally designed in 1979 by Modicon for its range of PLCs, it is now a de facto standard communications protocol in the industry, becoming the most widely available protocol for the connection of industrial electronic devices.
- Modbus makes it possible to control a network of devices, for example a meter reading system, and communicate the measurements to a computer.
- One level higher in the architecture, Modbus is also sometimes used to connect SCADA (supervisory control and data acquisition) systems with RTUs (remote terminal units).
- To suit this variety of applications, several Modbus protocol versions are available for serial and Ethernet media.
Why is Modbus so widespread?
- It was designed for industrial applications.
- It is easy to implement and requires little development.
- It handles blocks of data without restrictions.
- It is public and free of charge.
What are common limitations with Modbus?
- Since Modbus is a master/slave based protocol, it is not possible for a field device to report changes by itself (with the exception of Modbus over Ethernet networks). Thus the master node must routinely poll each field device and look for the data changes itself. This delays the network and consumes bandwidth, which can be a problem in applications where bandwidth is expensive, such as a low bit rate radio link.
- Since Modbus was designed for the communication with PLCs in the late 1970s, the number of data types is limited to those understood by PLCs at that time.
- The Modbus protocol can only address a maximum of 254 devices on a data link, limiting the number of devices that can connect to a master station (again with the exception of Ethernet TCP/IP).
- There is no standard way for a node to find the description of a data object, for example, to determine if a register value represents a voltage in a certain range.
- Modbus transmissions must be contiguous, which requires remote communication devices to be able to store data to avoid gaps in transmission.
- Modbus does not provide protection against unauthorized commands or data interception.
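Because the protocol itself cannot reject unauthorized commands, that decision has to be made around it, for example by a monitor or filtering gateway that checks every Modbus TCP request against a per-client allowlist of function codes. The following is an added example, not code from the original page; the `POLICY` table, the IP addresses, the function names and the sample frames are constructed assumptions.

```python
import struct

READ_CODES = {1, 2, 3, 4}              # read coils, discrete inputs, holding and input registers
WRITE_CODES = {5, 6, 15, 16, 22, 23}   # write coil(s)/register(s), mask write, read/write multiple

# Assumption: hypothetical site policy mapping client IP -> function codes it may send.
POLICY = {
    "10.0.0.5": READ_CODES | WRITE_CODES,   # control master
    "10.0.0.20": READ_CODES,                # read-only data collector
}

def parse_request(adu: bytes):
    """Return (unit_id, function_code) of a Modbus TCP request, or raise ValueError."""
    if len(adu) < 8:
        raise ValueError("shorter than header + function code")
    _tid, proto, length, unit = struct.unpack(">HHHB", adu[:7])
    if proto != 0 or length != len(adu) - 6:
        raise ValueError("bad protocol id or length field")
    return unit, adu[7]

def check(src_ip: str, adu: bytes):
    """Return (verdict, reason) for one observed request."""
    try:
        unit, fc = parse_request(adu)
    except ValueError as exc:
        return "alert", f"malformed frame from {src_ip}: {exc}"
    allowed = POLICY.get(src_ip)
    if allowed is None:
        return "alert", f"client {src_ip} is not in the policy"
    if fc not in allowed:
        kind = "write" if fc in WRITE_CODES else "non-allowlisted"
        return "alert", f"{kind} function {fc} to unit {unit} from {src_ip}"
    return "ok", f"function {fc} to unit {unit}"

# Constructed sample traffic (not captured from a real network).
SAMPLES = [
    ("10.0.0.5",  bytes.fromhex("000100000006010600010003")),  # master writes a register
    ("10.0.0.20", bytes.fromhex("00020000000601030000000a")),  # collector reads registers
    ("10.0.0.20", bytes.fromhex("000300000006010600010003")),  # collector attempts a write
    ("10.0.0.99", bytes.fromhex("00040000000601030000000a")),  # unknown client
]

if __name__ == "__main__":
    for ip, frame in SAMPLES:
        print(ip, *check(ip, frame))
```

A source-address allowlist only narrows who can issue commands; it does not address data interception, which needs network segmentation or an encrypted tunnel around the Modbus traffic.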
Modbus Variants/Versions
Modbus RTU
This version is used for serial communication (e.g. over RS-232, RS-422 or RS-485 serial ports) and is thus the most common one. The protocol uses a compact binary representation of the data and ends each message with a cyclic redundancy check (CRC) checksum to detect errors and ensure data reliability. Modbus RTU messages must be transmitted continuously and are separated by inactive (silent) periods.
Modbus ASCII
The Modbus ASCII format is utilized for serial communication and makes use of ASCII characters for the communication protocol. The ASCII format relies on longitudinal redundancy check (LRC) checksum for error checking.
Modbus TCP/IP or Modbus TCP
This Modbus variant is used for communications over TCP/IP networks and does not require a checksum calculation, as lower layers already provide it.
Modbus over TCP/IP or Modbus over TCP or Modbus RTU/IP — This variant encapsulates Modbus RTU for its use in TCP/IP/Ethernet networks.
Modbus over UDP — In rarer cases Modbus RTU is used over UDP on IP networks to save the overhead required for TCP.
Modbus TCP/IP vs Modbus RTU over TCP vs Modbus RTU
Modbus RTU is meant for serial communications (RS232 or RS485 are the most common). Messages begin with a Slave ID (one byte) and end with a CRC (two bytes). Modbus RTU over TCP means that the RTU message is encapsulated for Ethernet communication without actually changing the message itself. The Modbus RTU message is usually sent through a serial port connector and then converted by an Ethernet/Modbus gateway.
In the Modbus TCP standard a 6 byte MBAP header is added to the message and the two byte CRC is removed. Alternatively, there are also gateways that convert Modbus RTU messages into Modbus TCP messages by changing the message bytes.
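The conversion described above, together with the RTU CRC check, as an added example that is not part of the original page. The function names and the sample frame are constructed for illustration; the six prepended bytes are the transaction ID, the protocol ID (0) and the count of bytes that follow, and the Slave ID is carried unchanged directly after them as the unit identifier.

```python
import struct

def crc16_modbus(data: bytes) -> int:
    """CRC-16 as used by Modbus RTU: initial value 0xFFFF, reflected polynomial 0xA001."""
    crc = 0xFFFF
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = (crc >> 1) ^ 0xA001 if crc & 1 else crc >> 1
    return crc

def rtu_to_tcp(frame: bytes, transaction_id: int) -> bytes:
    """Verify the RTU CRC, drop it, and prepend the six header bytes."""
    if len(frame) < 4:  # Slave ID + function code + 2 CRC bytes
        raise ValueError("RTU frame too short")
    body, (crc,) = frame[:-2], struct.unpack("<H", frame[-2:])  # CRC is sent low byte first
    if crc16_modbus(body) != crc:
        raise ValueError("CRC mismatch, frame rejected")
    # transaction ID, protocol ID (0 = Modbus), number of bytes that follow
    return struct.pack(">HHH", transaction_id, 0, len(body)) + body

def tcp_to_rtu(adu: bytes) -> bytes:
    """Strip the six header bytes and append a freshly computed CRC."""
    if len(adu) < 8:  # six header bytes + Slave ID + function code
        raise ValueError("Modbus TCP message too short")
    _tid, proto, length = struct.unpack(">HHH", adu[:6])
    body = adu[6:]
    if proto != 0 or length != len(body):
        raise ValueError("bad protocol id or length field")
    return body + struct.pack("<H", crc16_modbus(body))

# Constructed sample: slave 1, function 3 (read holding registers), start 0, quantity 1.
RTU_REQUEST = bytes.fromhex("010300000001840a")

if __name__ == "__main__":
    adu = rtu_to_tcp(RTU_REQUEST, transaction_id=1)
    print(adu.hex())
    print(tcp_to_rtu(adu).hex())
```

The CRC only detects transmission errors: anyone able to send a frame can compute a valid one, so it provides no authentication on either side of a gateway.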
The biggest advantage of Modbus TCP/IP over Modbus RTU is that you can use more than one polling device, unlike Modbus RTU which only allows for a single master device. Any additional masters would destroy the network communications. With Ethernet, you also have to deal with fewer termination and configuration issues.
Nowadays, the versatility, speed and scalability of Ethernet networks are usually preferred over serial, but some still prefer the simplicity, wiring and cost efficiency of Modbus RTU. Depending on the available ports, slaves/servers usually operate with one or the other protocol.
Modbus RTU vs Modbus ASCII
The two modes included in the standard define how the message bytes are transmitted, and how the data is wrapped into the message and unwrapped again. It is not possible to use both transmission modes on one network. The transmission mode can be selected together with other parameters of the serial communication port, although some devices do not offer a choice because they have a fixed transmission mode, such as some PLCs and frequency inverters using Modbus RTU by default.
Modbus vs DNP3
Modbus is an application layer protocol, whereas DNP3 consists of both an application and data link layer. Another difference is that DNP3 also supports unsolicited messaging. This means that RTUs can send updates when a change of status happens, without waiting to be polled by the master.
Both protocols can be used over various media, such as RS-232, RS-485, and TCP/IP.
While Modbus has a specific variant for TCP/IP communication, DNP3 needs to be wrapped within TCP/IP.
Using DNP3 can save a lot of bandwidth: it can send more data in smaller packets and, unlike Modbus, it is an event-driven protocol, meaning that network devices are able to transmit unsolicited responses and continuity is not required. Furthermore, DNP3 is highly standardized and provides high compatibility and interoperability between devices from many different vendors.
Still, some prefer Modbus for its simplicity and the high number of devices that support the protocol. Both Modbus and DNP3 can be implemented in functional and efficient SCADA systems, so the choice depends strongly on the project network.
How it Works
Each device on the Modbus network has a unique address. Any device can send Modbus commands, but usually only a master device is allowed to do so. Every Modbus command contains the address of the device to which the command is being sent. With the exception of the special “broadcast” mode, all devices in a Modbus network receive the frame but only the recipient executes it. Every message further includes redundant information to ensure data integrity on reception. Basic Modbus commands can be used to control RTUs, in order to modify the value of one of its registers or to request the values of these registers.
The Modbus protocol is supported by a large number of modems, some of which have been specifically designed for this protocol. There are implementations for wired, wireless, SMS or GPRS connection. Most of the problems encountered with Modbus are related to latency and synchronization.
Modbus over Ethernet vs RS-232 vs RS-485
It is important not to confuse communication protocols with standards for electrical characteristics of the physical communication media. Some protocols require a specific physical standard as in the case of IEC 61850 requiring Ethernet. Usually in these cases, the physical standard goes hand in hand with the protocol and cannot be changed. Different communication media are used depending on project needs. The standards’ main differences are the communication speeds, the maximum number of connected devices and the physical distance between connected nodes.
MODBUS, on the other hand, does not specify the physical layer, and can thus be used with several physical layer standards:
RS-232
The RS-232 (Recommended Standard 232) standard, also known as EIA-232 (Electronic Industries Alliance-232), is used only in point-to-point communications, i.e. it only supports communications between two devices, which in the case of the Modbus protocol would be a master and a slave device. The maximum speed of RS-232 is around 115 Kbps, with a maximum distance between network devices of about 30 m.
RS-422
RS-422, also known as TIA/EIA-422, was intended to replace the older RS-232C standard with a standard that used differential signalling to provide higher speeds, longer cable lengths and less noise. At short distances, data transmission rates can reach up to 10 Mbit/s. At lower rates, data can be sent through cables with a length of up to 1,500 meters.
RS-485
The RS-485 (Recommended Standard-485) or EIA-485 (Electronic Industries Alliance-485) standard is one of the most widely used standards for serial communication with Modbus. The main difference from RS-232 is that it allows more than two devices on the network, making it possible to have several Modbus slaves. It achieves rates of up to 12 Mbps and in rarer cases up to 50 Mbps, while the maximum distance within the network is 1200 m, and the maximum number of devices on the network is 32.
Ethernet
Depending on the variation used, transmission speeds with Ethernet range from 100 Mbps up to 10 Gbps, while the maximum distance can vary from 100 m to 200 m depending on project conditions and the type of cable used. In some cases, it is possible to use fiber optic networks, which enable longer distances and higher communication rates, as well as wireless communication.
Communication Protocols
IEC 60870–5 is a protocol standard for telecontrol, teleprotection, and other telecommunication functions for electric power systems.
IEC 60870–5‑104 (short IEC104) is a companion standard defining how to extend the IEC 60870–5‑101 protocol to gain network access using standard transport profiles.
DLMS/COSEM (or IEC 62056) is the main global standard for smart energy metering, control and management. It includes specifications for media-specific communication profiles, an object-oriented data model and an application layer protocol.
Distributed Network Protocol 3 (DNP3) is a set of communications protocols used between components for automation systems in electric, industrial and water sectors.
It is a key protocol in SCADA systems, where it is primarily used for communications between a master station and RTUs or IEDs.
ICCP (Inter-Control Center Communications Protocol) is a standard protocol for communications between control centers, which is part of the IEC 60870–6 standard under the name of TASE.2 Telecontrol Application Service Element 2.
It is being used around the world to exchange data over wide area networks (WANs) between grid operators, utilities, virtual power plants, regional control centers and other generators.
PROFIBUS (Process Field Bus) is an open standard for fieldbus communications in industrial automation systems that was first promoted in Germany in 1989.
The now most commonly found “Profibus DP” provides simple communications between Profibus masters and their remote I/O slaves.

Modbus & iGrid
We have collected, converted and transferred data using several versions of the Modbus protocol in many kinds of projects all over the world. All of our systems are able to communicate with and convert the protocol according to specific project needs.
The Slimmest Gateway
The iGWlite comes with 1 Ethernet, 1 RS485/RS422 and an optional RS-232 port (copper or fiber) or a 2G/3G/4G mode – taking little space on a DIN-Rail, but still employing the full iGrid protocol stack.

iControl SCADA
High-performance SCADA for the visualization and control of substation data. It is able to run either in client/server or standalone modes, providing advanced functionalities such as hot-standby redundancy, automatic line coloring, events notification (via e‑mail and sms), SQL logging, and reports generation.

iRTU – With I/Os for Direct Data Acquisition
Compact and scalable bay controller which can act as IEC 61850 client or server, featuring configurable I/O boards for direct data acquisition, high-precision timestamping and an optional Ethernet switch for additional Ethernet ports.

iGW‑S Substation Gateway
Powerful and reliable substation gateway, able to run either in standalone or redundant modes, with an embedded Ethernet switch (4 ports) and IEC 61850 client and server capabilities.

iRTUe – Remote I/O Extensions
iGWs, iRTUs and third party master units can be freely extended by connecting one or several iRTUe.
They are IEC 61850 (GOOSE) compliant and come in many configurations such as 48 DI, 16 relays, 16 AI, 24 DI + 8 relays, 24 DI + 8 AI or 8 relays + 8 AI.
iGW-VM – unlimited control
The freely scalable iGW-VM supports all architectures using Windows or Linux, acting as a substation gateway, bay controller, RTU or communication front-end for SCADA systems. The iGW-VM is thus the perfect software choice for projects with a predetermined/preferred hardware or a large grid to cover (high number of datapoints).
iGrid Solutions and Applications

Automation with IEC 61850
The IEC 61850 standard is enabling new opportunities for vendor interoperability and advanced substation automation. Find out how you can take advantage of IEC 61850 with easy-to-use and adaptable solutions for a simple migration or retrofit.

HV Substation Automation
Powerful substation automation systems often handle numerous communication protocols and media within one network, which can result in expensive and complex projects. Avoid these problems with interoperable technology and smart configuration tools.

MV Distribution Grid Automation
It is often difficult to find the exact solution you need in a MV application, leading to higher costs than necessary. With our scalable and adaptable solutions you will be able to only pay for what you really need, without compromising on quality or security.

Photovoltaic Power Station
Using an open and scalable SCADA system to monitor and control a PV plant comes with many benefits on several levels. Find out how advanced communication technology affects PV operation, maintenance, system design, investment security, profits…