Recently, I used the Modbus protocol for communication with third-party devices. Here are some points to summarize and share, to help everyone avoid pitfalls in the future. This article does not provide a systematic explanation of the Modbus protocol but describes the issues and precautions encountered during usage, taking RS485-based Modbus-RTU as an example:
1. Byte Order Issues
Modbus uses big-endian byte order for message transmission, which is very important. Incorrect byte order will prevent the parsing and assembly of multi-byte data.
The big-endian byte order means that the high byte of a data value is sent first. For example, if a word-sized data value is 0x1234, when packed into a Modbus frame for transmission, the data field first sends 0x12, followed by 0x34. The transmission order is similar for other multi-byte data types and CRC16 checks.
Both the sender and receiver on the bus must follow the big-endian byte order transmission format.
2. Unicast and Broadcast
Communication on the Modbus bus can be done using unicast and broadcast methods. Generally, there is only one master and multiple slaves on the same bus. At any given time, a master can communicate with a desired slave by distinguishing addresses, which is the unicast method. Meanwhile, the Modbus bus also allows a master to communicate with multiple slaves using a broadcast method.
We often refer to this communication method as master/slave communication. The master sends a request message, and when the slave receives the correct message, it responds to the request back to the master. The master can also directly send messages to modify the slave’s data, achieving bidirectional read/write of master/slave data.
3. Communication Protocol with PLC
The specific device for communication only differs in the function codes supported by different devices or the related terminology and conventions. It is necessary to distinguish based on the respective devices, but all comply with the Modbus protocol standard.
When communicating with a PLC, the provided protocol will specify the corresponding PLC address, which does not match the register address and other addresses in the actual Modbus message data frame.
As shown in the figure above, PLC engineers usually provide protocols based on the PLC address, while many software engineers assume that the PLC address (also called the PLC storage address) is the same as the register address in the Modbus message data frame. In fact, the two are not equal.
For example, the Modbus message address corresponding to each function code of Siemens PLC starts from 0, i.e., from 0x0000 to 0xFFFF. Therefore, you can consider the PLC address as an absolute address, while the Modbus message address is merely a relative address under that function code.
For instance, using function code 03H to read the register at PLC storage address 40002, the register address in the Modbus message would be 01.
4. Understanding Coils and Registers
Due to early PLCs using some Boolean values to control relays or contactors, these devices primarily operated through coils to engage and disengage. This terminology has been retained over time. Coils are divided into input coils and output coils, which is somewhat similar to reading and writing the level of MCU IO pins.
For non-Boolean type data, the concept of registers is used for continued transmission, which should help further understand these names in the PLC.
5. RS485 Termination Resistors
For long-distance RS485 communication, a linear connection with a 120Ω termination resistor is used to reduce interference and increase the stability of bus communication, as shown in the figure below:
Finally
Alright, here I have simply introduced some pitfalls encountered recently while using Modbus. Remember to follow and learn!
Due to recent changes in WeChat public platform push rules, many readers have reported not seeing updated articles in a timely manner. According to the latest rules, it is recommended to frequently click on “Recommended Reading, Share, and Collect” to become a regular reader.
Recommended Reading:
-
Different Paths, Same Destination: Foxconn’s Journey in Car Manufacturing Is Like TSMC?
-
Is It the End or a Beginning? Let’s Wait and See~
-
Only 12 Minutes: It’s Time to Shuffle~
Please click on 【View】 to give the editor some encouragement
