What is Modbus?

• Mod­bus allows to con­trol a net­work of devices, for exam­ple a meter read­ing sys­tem, and com­mu­ni­cate the mea­sures to a computer.

• One lev­el high­er in the archi­tec­ture, Mod­bus is also some­times used to con­nect SCADA (super­vi­so­ry con­trol and data acqui­si­tion) sys­tems with RTUs (remote ter­mi­nal units).

• To suit this vari­ety of appli­ca­tions, sev­er­al Mod­bus pro­to­col ver­sions are avail­able for ser­i­al and Eth­er­net media.

Why is Modbus so widespread?

• Because it was designed for indus­tri­al applications,
• it is easy to imple­ment and requires lit­tle development,
• It han­dles blocks of data with­out restric­tions,
• and it is pub­lic and free of charge.

What are common limitations with Modbus ?

• Since Mod­bus is a master/slave based pro­to­col, it is not pos­si­ble for a field device to report changes by itself (with the excep­tion of Mod­bus over Eth­er­net net­works). Thus the mas­ter node must rou­tine­ly poll each field device and look for the data changes itself. This delays the net­work and con­sumes band­width, which can be a prob­lem in appli­ca­tions where band­width is expen­sive, such as a low bit rate radio link.
• Since Mod­bus was designed for the com­mu­ni­ca­tion with PLCs in the late 1970s, the num­ber of data types is lim­it­ed to those under­stood by PLCs at that time.
• The Mod­bus pro­to­col can only address a max­i­mum of 254 devices on a data link, lim­it­ing the num­ber of devices that can con­nect to a mas­ter sta­tion (again with the excep­tion of Eth­er­net TCP/IP).
• There is no stan­dard way for a node to find the descrip­tion of a data object, for exam­ple, to deter­mine if a reg­is­ter val­ue rep­re­sents a volt­age in a cer­tain range.
• Mod­bus trans­mis­sions must be con­tigu­ous, which requires remote com­mu­ni­ca­tion devices to be able to store data to avoid gaps in trans­mis­sion.
• Mod­bus does not pro­vide pro­tec­tion against unau­tho­rized com­mands or data interception.

Modbus Variants/Versions

Mod­bus RTU
This ver­sion is used for ser­i­al com­mu­ni­ca­tion (e.g. over RS-232, RS-422 or RS-485 ser­i­al ports) and thus the most com­mon one. The pro­to­col uses a com­pact bina­ry rep­re­sen­ta­tion of the data and tails the mes­sages with a cyclic redun­dan­cy check­sum (CRC) to check for errors and ensure data reli­a­bil­i­ty. A Mod­bus RTU mes­sage must be trans­mit­ted con­tin­u­ous­ly and are seper­at­ed by inac­tive (silent) periods.

Mod­bus ASCII 
The Mod­bus ASCII for­mat is uti­lized for ser­i­al com­mu­ni­ca­tion and makes use of ASCII char­ac­ters for the com­mu­ni­ca­tion pro­to­col. The ASCII for­mat relies on lon­gi­tu­di­nal redun­dan­cy check (LRC) check­sum for error checking.

Mod­bus TCP/IP or Mod­bus TCP
This Mod­bus vari­ant is used for com­mu­ni­ca­tions over TCP/IP net­works and does not require a check­sum cal­cu­la­tion, as low­er lay­ers already pro­vide it.

Mod­bus over TCP/IP or Mod­bus over TCP or Mod­bus RTU/IP — This vari­ant encap­su­lates Mod­bus RTU for its use in TCP/IP/Ethernet networks.

Mod­bus over UDP — In rar­er cas­es Mod­bus RTU is used over UDP on IP net­works to save the over­head required for TCP. 

Modbus TCP/IP vs Modbus RTU over TCP vs Modbus RTU

Mod­bus RTU is meant for ser­i­al com­mu­ni­ca­tions (RS232 or RS485 are the most com­mon). Mes­sages begin with a Slave ID (one byte) and end with a CRC (two bytes). Mod­bus RTU over TCP refers to tak­ing the RTU mes­sage is encap­su­lat­ed for Ether­net com­mu­ni­ca­tion with­out actu­al­ly chang­ing the mes­sage itself. The Mod­bus RTU mes­sage is usu­al­ly sent through a ser­i­al port con­nec­tor and then con­vert­ed by an Ethernet/ mod­bus gateway.

In the Mod­bus TCP stan­dard a 6 byte MBAP head­er is added to the mes­sage and the two byte CRC is removed. Alter­na­tive­ly, there are also gate­ways that con­vert Mod­bus RTU into a Mod­bus TCP mes­sages by chang­ing the mes­sage bytes.

The biggest advan­tage of Mod­bus TCP/IP over Mod­bus RTU is that you can use more than one polling device, unlike Mod­bus RTU which only allows for a sin­gle mas­ter device. Any addi­tion­al mas­ters would destroy the net­work com­mu­ni­ca­tions. With Eth­er­net, you also to deal with less ter­mi­na­tion and con­fig­u­ra­tion issues.

Nowa­days, the ver­sa­til­i­ty, speed and scal­a­bil­i­ty of Eth­er­net net­works are usu­al­ly pre­ferred over ser­i­al, but some still pre­fer the sim­plic­i­ty, wiring and cost effi­cien­cy of Mod­bus RTU. Depend­ing on the avail­able ports, slaves/servers usu­al­ly oper­ate with one or the oth­er protocol.

Modbus RTU vs Modbus ASCII

The two modes includ­ed in the stan­dard define how the mes­sage bytes are trans­mit­ted, and how the data is wrapped into the mes­sage and unwrapped again. It is not pos­si­ble to use both trans­mis­sion modes on one net­work. The trans­mis­sion mode can be select­ed togeth­er with oth­er para­me­ters of the ser­i­al com­mu­ni­ca­tion port, although there are some devices that do not allow to choose, as they have a fixed trans­mis­sion mode, such as some PLCs and fre­quen­cy invert­ers using Mod­bus RTU by default.

Modbus vs DNP3

Mod­bus is an appli­ca­tion lay­er pro­to­col, where­as DNP3 con­sists of both an appli­ca­tion and data link lay­er. Anoth­er dif­fer­ence is that DNP3 also sup­ports unso­licit­ed mes­sag­ing. This means that RTUs can send updates when a change of sta­tus hap­pens, with­out wait­ing to be polled by the master.

Both pro­to­cols can be used over var­i­ous media, such as RS-232, RS-485, and TCP/IP.
While Mod­bus has a spe­cif­ic vari­ant for TCP/IP com­munca­tion, DNP3 needs to be wrapped with­in TCP/IP.

Since you can send more data in small­er pack­ets and unlike Mod­bus, it is an event-dri­ven pro­to­col, mean­ing that net­work devices are able to trans­mit unso­licit­ed respons­es and con­ti­nu­ity is not required, using DNP3 can save lots of band­width. Fur­ther­more, DNP3 is high­ly stan­dard­ized and pro­vides high com­pat­i­bil­i­ty and inter­op­er­abil­i­ty between devices from many dif­fer­ent vendors.

Still, some pre­fer Mod­bus for its sim­plic­i­ty and the high num­ber of devices that sup­port the pro­to­col. So, both Mod­bus and DNP3 can be imple­ment­ed in func­tion­al and effi­cient SCADA sys­tems, mak­ing it strong­ly depen­dent on the project network.

How it Works

Each device on the Mod­bus net­work has a unique address. Any device can send Mod­bus com­mands, but usu­al­ly only a mas­ter device is allowed to do so. Every Mod­bus com­mand con­tains the address of the device to which the com­mand is being sent. With the excep­tion of the spe­cial “broad­cast” mode, all devices in a Mod­bus net­work receive the frame but only the recip­i­ent exe­cutes it. Every mes­sage fur­ther includes redun­dant infor­ma­tion to ensure data integri­ty on recep­tion. Basic Mod­bus com­mands can be used to con­trol RTUs, in order to mod­i­fy the val­ue of one of its reg­is­ters or to request the val­ues of these reg­is­ters.

The Mod­bus pro­to­col is sup­port­ed by a large num­ber of modems, some of which have been specif­i­cal­ly designed for this pro­to­col. There are imple­men­ta­tions for wired, wire­less, SMS or GPRS con­nec­tion. Most of the prob­lems encoun­tered with Mod­bus are relat­ed to laten­cy and synchronization.

Modbus over Ethernet vs RS-232 vs RS-485

It is impor­tant not to con­fuse com­mu­ni­ca­tion pro­to­cols with stan­dards for elec­tri­cal char­ac­ter­is­tics of the phys­i­cal com­mu­ni­ca­tion media. Some pro­to­cols require a spe­cif­ic phys­i­cal stan­dard as in the case of IEC 61850 requir­ing Eth­er­net. Usu­al­ly in these cas­es, the phys­i­cal stan­dard goes hand in hand with the pro­to­col and can­not be changed. Dif­fer­ent com­mu­ni­ca­tion media are used depend­ing on project needs. The stan­dards’ main dif­fer­ences are the com­mu­ni­ca­tion speeds, the max­i­mum num­ber of con­nect­ed devices and the phys­i­cal dis­tance between con­nect­ed nodes.

MODBUS, on the oth­er hand, does not spec­i­fy the phys­i­cal lay­er, and can thus be used with sev­er­al phys­i­cal lay­er standards:

RS-232
The RS-232 (Rec­om­mend­ed Stan­dard 232) or also known EIA-232 (Elec­tron­ic Indus­tries Alliance-232) stan­dard is used only in point-to-point com­mu­ni­ca­tions, i.e. it only sup­ports com­mu­ni­ca­tions between two devices, which in the case of the Mod­bus pro­to­col would be a mas­ter and a slave device. The max­i­mum speed of RS-232 is around 115Kbp/s with a max­i­mum dis­tance between net­work devices of about 30m.

RS-422, or also TIA/EIA-422, was intend­ed to replace the old­er RS-232C stan­dard with a stan­dard that used dif­fer­en­tial sig­nalling to pro­vide high­er speeds, longer cable lengths and less noise. At short dis­tances, data trans­mis­sion rates can reach up to 10 Mbit/s. At low­er rates, data can be send through cables with a length of up to 1,500 meters.

RS-485
The RS-485 (Rec­om­men­dad Stan­dard-485) or EIA-485 (Elec­tron­ic Indus­tries Alliance-485) stan­dard is one of the most wide­ly used stan­dards for ser­i­al com­mu­ni­ca­tion with Mod­bus. The main dif­fer­ence with RS-232 is that it allows more than two devices on the net­work, enabling to have sev­er­al Mod­bus slaves. It achieves rates of up to 12Mbps and in rar­er cas­es up to 50Mbps, while the max­i­mum dis­tance with­in the net­work is 1200m, and the max­i­mum num­ber of devices on the net­work is 32.

Eth­er­net
Depend­ing on the vari­a­tion used, tran­simis­sion speeds with Eth­er­net range from 100Mbps and up to 10Gbps, while max­i­mum dis­tance can vary from 100m to 200m depend­ing on project con­di­tions and the type of cable used. In some cas­es, it is pos­si­ble to use fiber optic net­works, which enable longer dis­tances and high­er com­mu­ni­ca­tion rates, as well as wire­less communication.