Let’s Talk About the Bus in Modbus

LetsTalkAboutModbusA computer protocol like Modbus is nothing more than a series of bits with a well-understood and known pattern that communicate a message from one computer to another computer. There are lots of computer protocols in the world. I doubt that anyone has ever counted them. It would be like going to Laguna Beach in California with the intent of counting the grains of sand on the beach. They are everywhere and there seem to be more every day.

In Industrial Automation there are a number of famous ones. There is Modbus, DeviceNet and EtherNet/IP (two that are used extensively in the US), and PROFINET IO and PROFIBUS (two that are common in Europe.)

These are nothing more than standardized bit patterns that a receiver knows how to decode.

For example, Modbus has a command to read two bytes of a Holding Register.

To read two registers from Holding Register 40310 on Station 5, the command sequence in decimal would be “05 03 0310 02.” Each of those bytes is converted to a bit pattern, and each bit is serially transmitted to the other stations on the network. Station 5 realizes the message is for it. It reports a response in the standard Modbus format.

That’s all a computer protocol is: a stream of bits that is well-understood by a sending station and a receiving station.

Now, what we’ve overlooked in this little example is how those bits move from one station to another. There are a lots of ways to do that, including “Sneakernet.” Sneakernet is where you write down the command at the sending station, walk over to the receiving station (the walking part is what makes it Sneakernet) and ask for the response, which you then physically carry back to the original sending station. Not terribly difficult work, but probably pretty boring.

How we move a message from one station to another is called the Transport Layer. Now, the Transport Layer can be pretty complicated, or it could be downright simple like Sneakernet. The Transport Layer used by ZigBee communications would be an example of a pretty complicated one. Your message might travel through hundreds of wireless nodes to get from the sender to the destination. Or, if you have a single wire between the sender and destination, it might be as simple as putting a series of voltages on a line connecting two stations. For each bit that is a one, you would raise voltage on the line. For each zero, you would not raise voltage.

You can use any transport you want. The message contents is what makes a protocol that protocol. The Modbus message sequence is the sequence of bytes defined by the Modbus protocol whether you send it on Ethernet, RS232, RS485, or Sneakernet. The transport is simply the mechanism you use to move the message from the sender to the receiver.

There are several standard transports used to move Modbus protocol messages: RS232, RS485, and Ethernet. You can use others, but these are the common ones.

RS232 stands for Recommend Standard number 232. This is the old serial port that we used to find on computers several years ago (okay, more than several). The full RS-232C standard specifies a 25-pin “D” connector. Now, if we find a serial connector, it uses the 9-pin D type connectors often referenced as a DB9.

RS232 transports bits by driving a voltage potential across two wires, the transmit wire and a ground wire. A receiver senses the potential and records either a one or a zero. There are some synchronizing ones and zeros and some standard bit times that allow both the sending and receiving station to synchronize the transmission and reception.

RS485 is a successor to RS232. It works in a similar fashion regarding the synchronizing bits that synchronize the transfer of bits from a sending station to a receiving station. There are, however, two defining characteristics that make RS485 different from RS232. The first is the ability to drive multiple destinations. RS485 transmitters have the ability to electrically signal up to 32 destination devices. That makes RS485 the preferred way to serially transport Modbus messages.

The other defining characteristic of RS485 is enhanced noise immunity. RS485 does not use the electrical common as the reference for its electrical signal. Instead, RS485 uses a pair of wires and drives a signal by setting a voltage potential across the pair. By doing that, any environmental electrical noise affects both wires equally and the potential across the two wires isn’t changed. This is a vast improvement over RS232, and it has made possible Modbus communication from a single Master to many Modbus slave devices.

Ethernet – Modbus communications over Ethernet is known as Modbus TCP. Modbus took a huge step forward when it began using Ethernet as a transport protocol. Now with Ethernet, Modbus TCP devices can be located miles away instead of hundreds of feet, and with the increased speed of Ethernet, there is much more bandwidth for sending many more messages. You can connect thousands of devices in a Modbus TCP network, not just the 32 like in RS485, and you can also support multiple Masters, not just a single Master.

Modbus TCP is nothing more than the same Modbus protocol transported over Ethernet. That’s actually a misnomer, because Modbus is not traveling in an Ethernet packet. In actuality, the same Modbus message we’ve discussed is traveling within a TCP packet, which is itself traveling in an IP packet, which is using Ethernet electrical signaling to move a message from point A to point B.

Wireless is another transport layer that can be used to transport Modbus messages. There are many wireless protocols, but wireless Ethernet or 802.11 is the most common way of moving Ethernet packets through the air.

There is nothing special about moving Modbus messages wirelessly. Since Modbus TCP uses standard Ethernet, wireless is just another kind of “wire.” Nothing special is required for wireless Modbus. You can pick any of the standard wireless offerings, including the frequency band (2.5GHz or 5GHz) and how you want the channels to operate.

Sometimes, though, you can use a special wireless device called a Wireless Device Server. This is a device that serves as a serial Modbus RTU Master device to a remote network of serial Modbus Slaves. These devices move Modbus data from these RTU Slaves over the Ethernet network as TCP messages. A complementary device on the receiving end converts the Modbus message back into its original form and sends it out over an RS232 or RS485 electrical interface.

Transports are ways we move the data on the wire. There aren’t as many transports as protocols, but there are enough of them to cause a lot of confusion.

If you want to know a lot more about Modbus, you can check out my book that describes everything you need to know about Modbus. It’s written for the new engineer that hasn’t been exposed to Modbus or any of the industrial automation networking technologies.

Networking is complex. You have a resource at RTA to answer your questions about Modbus, Modbus TCP, or how to move any of your data around your factory and enterprise. You can call us on 1-800-249-1612, email RTA by clicking here, fax us, or use Sneakernet if you just want to walk in and say hello; just remember that the RTA bar doesn’t open until 3pm.