The Modbus protocol is a widely used communication standard in industrial automation systems. Originally developed by Modicon (now Schneider Electric) in 1979, Modbus provides a simple and open method to connect various devices, such as PLCs, HMIs, sensors, actuators, and SCADA systems. It is especially valued for its simplicity, openness, and widespread support across industrial equipment.
Communication occurs over serial connections where a Client sends a request and Servers respond. Data is sent as binary bits over serial ports (e.g., DB9) using voltages to represent 0 and 1. Speeds like 9600 baud are common. Over Ethernet, Modbus TCP is used.
Modbus is a serial communication protocol designed for transmitting information over serial lines between electronic devices. It follows a master-slave architecture where one device (master) initiates communication and one or more devices (slaves) respond. The protocol defines a message structure that devices can understand, regardless of the hardware they use to communicate.
Modbus RTU is the most commonly used version of the Modbus protocol. It transmits data in a compact binary format, offering high efficiency and fast communication over serial lines such as RS-485 and RS-232. Devices use a cyclic redundancy check (CRC) to ensure data integrity. This format is ideal for real-time data acquisition in distributed systems. Most PLCs and remote I/O modules support RTU mode due to its reliability and performance.
Modbus ASCII represents data in readable ASCII characters, using a colon (`:`) to start and a carriage return + line feed (CRLF) to end a message. This format is easier for humans to debug but adds communication overhead, making it slower than RTU. Modbus ASCII is mainly used in applications where data readability is more important than speed or efficiency, or when devices are not fully compliant with binary communication.
Modbus TCP/IP (or Modbus-TCP) is a modern adaptation that allows Modbus messages to be transmitted over standard Ethernet networks using the TCP protocol. This version removes the address field because each device has a unique IP. Modbus-TCP supports high-speed communication, easier network scalability, and can work over long distances without requiring serial converters. It is widely used in SCADA systems, data logging, and remote monitoring applications.
Modbus operates on a master-slave architecture in serial communication and a client-server architecture in TCP/IP. In this design, the master (or client) initiates all requests, and the slaves (or servers) respond. Each transaction is a request from the master followed by a response from the addressed slave; slaves never initiate messages. Up to 247 slave devices can be connected to a single master on a Modbus RTU network using unique slave IDs.
Function codes in Modbus are used to define specific actions like reading data or writing values. Below is a list of commonly used Modbus function codes:
| Function Code | Description |
|---|---|
| 01 | Read Coils (Digital Outputs) |
| 02 | Read Discrete Inputs (Digital Inputs) |
| 03 | Read Holding Registers (Analog Outputs / Setpoints) |
| 04 | Read Input Registers (Analog Inputs) |
| 05 | Write Single Coil (Digital Output) |
| 06 | Write Single Register (Analog Output) |
| 15 | Write Multiple Coils |
| 16 | Write Multiple Registers |
Modbus is commonly used in applications where multiple field devices need to communicate with a central controller or SCADA system. These applications include:
In a standard Modbus server device, data is stored in four logical tables. Two of these tables are used for discrete (on/off) values and two are used for numerical (word-based) values. Each of these tables is further divided by access type — either read-only or read/write.
Every table in the Modbus memory structure is capable of holding up to 9999 values. Discrete values (such as coils and contacts) are stored as 1-bit (single-bit) values, while registers are 1 word each — which is equal to 16 bits or 2 bytes. All these values are mapped to addresses ranging from 0000 to 270E in hexadecimal (0 to 9998 in decimal).
| Coil/Register Numbers | Data Address Range | Access Type | Table Name |
|---|---|---|---|
| 1 - 9999 | 0000 to 270E | Read/Write | Discrete Output Coils |
| 10001 - 19999 | 0000 to 270E | Read-Only | Discrete Input Contacts |
| 30001 - 39999 | 0000 to 270E | Read-Only | Analog Input Registers |
| 40001 - 49999 | 0000 to 270E | Read/Write | Analog Output Holding Registers |
Each Server on a Modbus network is identified by a unique address (1–247). The first byte of a Client message specifies the Server address, ensuring only the targeted Server responds.
The second byte of a Client request is the Function Code. It tells the Server which table to access and whether the operation is read or write. Common function codes include:
CRC stands for Cyclic Redundancy Check. It is an error-detection technique used in Modbus RTU messages to ensure data integrity during transmission. A CRC value is calculated from the data packet and sent along with it. The receiving device recalculates the CRC and compares it with the received CRC. If they match, the data is considered valid.
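
The receiver-side check described above, together with the server address and function code bytes, as an added example that is not part of the original page. The function names, the 8-byte minimum length and the sample frames are assumptions made for this illustration; the CRC parameters (initial value 0xFFFF, reflected polynomial 0xA001, low byte transmitted first) are those of Modbus RTU.

```python
import struct

FUNCTION_CODES = {  # code -> (operation, table), from the tables on this page
    1: ("read", "Discrete Output Coils"),
    2: ("read", "Discrete Input Contacts"),
    3: ("read", "Analog Output Holding Registers"),
    4: ("read", "Analog Input Registers"),
    5: ("write", "Discrete Output Coils"),
    6: ("write", "Analog Output Holding Registers"),
    15: ("write", "Discrete Output Coils"),
    16: ("write", "Analog Output Holding Registers"),
}

def crc16_modbus(data: bytes) -> int:
    """CRC-16 used by Modbus RTU: initial value 0xFFFF, reflected polynomial 0xA001."""
    crc = 0xFFFF
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = (crc >> 1) ^ 0xA001 if crc & 1 else crc >> 1
    return crc

def build_request(server: int, function: int, address: int, value: int) -> bytes:
    """Frame a request for codes 01-06 and append the CRC, low byte first."""
    body = struct.pack(">BBHH", server, function, address, value)
    return body + struct.pack("<H", crc16_modbus(body))

def parse_request(frame: bytes) -> dict:
    """Check a received RTU request as a server would, then decode its header."""
    if len(frame) < 8:
        raise ValueError("frame too short")
    if crc16_modbus(frame[:-2]) != int.from_bytes(frame[-2:], "little"):
        raise ValueError("CRC mismatch")
    server, function, address = struct.unpack(">BBH", frame[:4])
    if not 1 <= server <= 247:
        raise ValueError("server address outside 1-247")
    if function not in FUNCTION_CODES:
        raise ValueError("function code not in the table")
    operation, table = FUNCTION_CODES[function]
    return {"server": server, "function": function, "operation": operation,
            "table": table, "address": address}

if __name__ == "__main__":
    frame = build_request(1, 3, 0x0000, 10)  # constructed sample: read 10 registers
    print(frame.hex(" "), parse_request(frame))
    try:
        parse_request(frame[:3] + b"\xff" + frame[4:])  # constructed: one byte damaged
    except ValueError as err:
        print("rejected:", err)
```

A matching CRC only shows that the frame arrived undamaged; it says nothing about which device sent it.
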
Baud rate defines the speed of communication in bits per second (bps) over a serial line. In Modbus RTU or ASCII, baud rate determines how fast data is transmitted between devices.
In Modbus TCP, communication takes place over a TCP/IP network. An IP address identifies each device (such as PLC, HMI, or PC) on the network. The master uses the IP address to send requests to the correct slave device.
ASCII (American Standard Code for Information Interchange) is a character-based format used in one variant of the Modbus protocol. In Modbus ASCII, data is transmitted using readable ASCII characters instead of binary bytes.
| Feature | Modbus RTU | Modbus ASCII |
|---|---|---|
| Data Format | Binary | ASCII Characters |
| Speed | Faster | Slower |
| Error Check | CRC | LRC |
| Start/End of Frame | Silent time | Start ":" and End CRLF |
| Human Readable | No | Yes |
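
The ASCII column of the table above, as an added example that is not part of the original page. It frames a request with the `:` start, hex characters, LRC and CRLF end, then validates a received frame. The function names and sample bytes are assumptions for this illustration, and the LRC is computed as the two's complement of the 8-bit sum of the message bytes.

```python
HEX_DIGITS = set("0123456789ABCDEF")

def lrc(data: bytes) -> int:
    """Longitudinal redundancy check: two's complement of the 8-bit byte sum."""
    return -sum(data) & 0xFF

def encode_ascii(body: bytes) -> bytes:
    """Wrap address + function + data as ':' + hex characters + LRC + CRLF."""
    payload = body + bytes([lrc(body)])
    return b":" + payload.hex().upper().encode("ascii") + b"\r\n"

def decode_ascii(frame: bytes) -> bytes:
    """Validate framing, character set and LRC; return the binary body."""
    if not (frame.startswith(b":") and frame.endswith(b"\r\n")):
        raise ValueError("missing ':' start or CRLF end")
    text = frame[1:-2].decode("ascii", errors="replace")
    # At least address, function and LRC: three bytes, six hex characters.
    if len(text) < 6 or len(text) % 2 or not set(text) <= HEX_DIGITS:
        raise ValueError("payload is not an even run of hex characters")
    raw = bytes.fromhex(text)
    if lrc(raw[:-1]) != raw[-1]:
        raise ValueError("LRC mismatch")
    return raw[:-1]

if __name__ == "__main__":
    body = bytes.fromhex("010300000001")     # constructed: server 1, read 1 register
    frame = encode_ascii(body)
    print(frame, len(frame), "bytes on the wire; RTU needs", len(body) + 2)
    print(decode_ascii(frame) == body)
    swapped = bytes.fromhex("030100000001")  # constructed: first two bytes exchanged
    # A plain sum does not depend on byte order, so the LRC stays the same.
    print("LRC unchanged by reordering:", lrc(swapped) == lrc(body))
```

The same request takes 17 bytes in ASCII mode against 8 in RTU, which is the overhead the comparison refers to.
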
The Modbus protocol remains one of the most enduring and adaptable communication standards in the automation industry. Whether using Modbus RTU for serial networks or Modbus TCP/IP for Ethernet-based systems, it provides an effective way to connect industrial devices and enable real-time monitoring and control. Understanding the protocol’s structure, function codes, and communication types is essential for engineers and technicians involved in modern automation projects.