MIDTERM

PRESENTATION

MODBUS
Instructor: Dr.Trần Đức Anh Minh
Team member:
Đoàn Vĩnh Phát - 421H0404
Nguyễn Hữu Phước - 421H0410
Trần Anh Phương - 421H0412
 01 INTRODUCTION

02 WHAT IS MODBUS

LIST OF
PROTOCOL

03 HOW DOES MODBUS WORKS

CONTENT 04 MODBUS PROTOCOL

MESSAGE STRUCTURE

S 05 MOST USE MODBUS PROTOCOLS

IN INDUSTRIAL

06 THE DIFFERENCE OF MODBUS

RTU & MODBUS TCP

07 APPLICATION
MODBU
S is an application layer messaging protocol, positioned at level 7 of the OSI
• MODBUS
model, which provides client/server communication between devices connected on
different types of buses or networks.

• MODBUS developed by Modicon has become a de facto serial standard since 1979. Today,
it is one of the most popular industrial networks and supported by most industrial
electronic equipment.

• The Modbus communication protocol is the oldest and by far the most popular
automation protocol in the field of process automation and SCADA. Knowing how to create
Modbus based networks is essential for any electrical technician and engineer working in
these occupation fields.
Phân
Loại
 HOW DOES MODBUS
WORKS
Based on the “MASTER-SLAVE” principle:

A MASTER can connect to one or more SLAVE devices.

In the system:
• The MASTER is typically devices such as PLC, DCS, RTU, or SCADA.
• The SLAVE is usually field-level devices.
A standard MODBUS network will have one MASTER and a maximum of 247 SLAVES (each
SLAVE has a unique address from 1 to 247).
The MASTER also has the ability to write information to the SLAVES in the system.
MODBUS PROTOCOL MESSAGE
STRUCTURE
 Fram
e

This is a unique This field This field The CRC is a

identifier indicates the contains calculated
assigned to each specific action the actual value based
device on the or operation data on the
network. Think of you want the associated entire data
it as the device's slave device with the frame.
"name" or to perform. function
address. code.
 SLAVE
ADDRESS
When you want to send a command to a particular device, you specify its slave
address. This ensures that only the intended device receives and processes the
command.
 FUNCTION
Different function codes correspond toCODE
various commands, such as reading data
from a register, writing data to a register, or controlling an output.

Each Function Code is represented by an 8-bit integer and corresponds to a specific

operation.
 DATA

Data typically consists of one or more bytes, determined by the command

type and the amount of data to be transmitted.

The content of Data can include:

• Register address
• Number of registers
• Data value
• Additional information
 CRC ERROR
CHECK
CRC (Cyclic Redundancy Check) is an error detection algorithm widely used in data
communication, including the Modbus protocol. It works by calculating a
checksum based on the content of a data frame. This checksum is appended to
the end of the data frame before transmission.

When the receiving device receives the data frame, it recalculates the CRC value
and compares it with the received CRC value. If the two values do not match, it
means that an error has occurred during transmission and the data frame is
corrupted.
MOST USE MODBUS PROTOCOLS
IN INDUSTRIAL

TCP RTU

UD ASCI
P I
 MODBUS
ASCII

Each message is encoded using a hexadecimal system, utilizing the 4-bit ASCII
property. To transmit one byte of information, two transmission bytes are
required, double that of Modbus RTU or Modbus TCP.

Although slower, Modbus ASCII is suitable for use with telephone modems or
radio wave connections due to ASCII's stability in message delimitation,
supporting the avoidance of information confusion in unstable transmission
environments.
 HOW IT
WORKS

Master sends a request: The master device sends a request to a

specific slave device, specifying the function to be performed and
the data to be read or written.

Slave processes the request: The slave device receives the

request, processes it, and prepares a response.

Slave sends a response: The slave device sends a response to the

master, containing the requested data or an error code if the
request cannot be fulfilled.
 MODBUS
UDP
Modbus UDP is a variant of the Modbus protocol, using the
User Datagram Protocol (UDP) at the network layer instead of a
serial communication protocol like Modbus RTU or a control
transmission protocol (TCP) like Modbus TCP.

UDP is a connection-agnostic protocol that allows packets to be

transmitted quickly but does not guarantee arrival order or data
reliability.
THE DIFFERENCES
OF
MODBUS RTU &
TCP
MODBUS RTU
• Modbus RTU is a serial communication protocol using either RS485 or RS232. The
first Modbus communication protocol was introduced and initially implemented
to communicate between PLCs. Only later was it used for field-based
instrumentation (sensor, actuator, etc).

• Modbus RTU operates based on the Master-Slave principle, meaning one side
(Master) receives, and the other side (Slave) transmits signals via register addresses.
Modbus RTU transmits data through physical channels like RS232 or RS485, while
Modbus TCP/IP communicates over IP addresses via the Internet.
HEXADECIMAL

• We are very familiar with using the decimal

system from 0 to 9. However, in programming,
there are other numbering systems such as
binary(2), octal(8), and also hexadecimal(16), often
referred to as Hex.
• Modbus RTU uses the Hexadecimal system, so we
only need to focus on base-16 in this context.
• The hexadecimal system is defined from 0 to F,
corresponding to 0 to 15 in the decimal system
we commonly use. Each 4 bits is represented by
16 characters from 0 to F, equivalent to 0000 to
1111 in the binary system.
RTU FUNCTION CODE

FUNCTION CODE WHAT THE FUNCTION DOES VALUE TYPE ACCESS TYPE

01 (0x01) Read DO Read Coil Status Discrete Read

02 (0x02) Read DI Read Input Status Discrete Read

03 (0x03) Read AO Read Holding Registers 16 bit Read

04 (0x04) Read AI Read Input Registers 16 bit Read

05 (0x05) Write one DO Force Single Coil Discrete Write

06 (0x06) Write one AO Preset Single Register 16 bit Write

15 (0x0F) Multiple DO recording Force Multiple Coils Discrete Write

16 (0x10) Multiple AO recording Preset Multiple Registers 16 bit Write

HOW IT WORKS

• Data in a Slave is stored in four different tables, with two tables storing the
On/Off values for Coils and two registers for data storage. These registers are
capable of both reading and writing. Each register holds 1 Word = 16 bits = 2
bytes, with addresses ranging from 0000 to 260E.

• The Coil is considered the address of the register. For example, 40001 has a data
address of 0000; these values can vary by 1, like 10001, 30001, and 40001.
MODBUS RTU
 RTU PROTOCOL
• RS-232
- RS232, commonly known as the COM port. A communication standard to
interface with other devices, such as printers, fax machines, etc.
- RS-232 uses three wires: Tx (transmit), Rx (receive), and GND (ground). RS-232
operates based on the voltage difference between Tx, Rx, and GND.
- Some characteristics of the RS232 communication standard include: a maximum
transmission distance of 15 meters, a transmission speed of 20 Kbps, and support
for point-to-point connections within a network.
- Disadvantages of the RS232 communication standard: cannot be transmitted over
long distances due to signal loss that cannot be recovered. Only designed for
communication between two devices (point-to-point), which limits the number of
devices in a network.
 RTU PROTOCOL
• RS-485
- The RS485 transmits over two wires, A and B,
and uses the voltage difference between A and
B to represent logic 0 or 1
- Assuming A = 1 and B = 0, the data is
recognized as 1, and when A = 0 and B = 1, the
data is recognized as 0

- Advantages of the RS485 standard: transmit long

distances of up to 1200 meters, connect multiple
devices on the same network and support up to 32
devices simultaneously.
MODBUS TCP
• TCP/IP that is called as Transmission Control Protocol and Internet Protocol,
which provides the transmission medium for Modbus TCP/IP messaging.

• The Modbus TCP/IP protocol has been widely used recently, enabling
communication between two or more devices over an Ethernet network.
Modbus TCP/IP is essentially the Modbus RTU protocol running on an
Ethernet network, which is why it is given a different name: Modbus TCP/IP.

• Modbus TCP/IP is widely used in control systems and industrial automation. It

allows communication between devices such as PLCs, SCADA systems, and
sensors with control computers.
MODBUS TCP

- Modbus TCP/IP offers numerous advantages for industrial automation

systems:
• Seamless Integration: easy integration into existing Ethernet-based
infrastructures. Communicate across LANs, WANs, and the internet.
• Simplicity: easy to implement and use, making it suitable low-power devices.
• Reliability: ensures reliable and error-free data transmission, crucial in
industrial automation environments where safety and operational efficiency
depend on accurate data transfer.
• Scalability: supports addressing up to 247 devices, making it ideal for large-
scale applications. Its broadcast capabilities also enable efficient
communication in distributed networks.
HOW IT WORKS - Modbus TCP/IP operates on the Modbus
RTU with a TCP interface on an Ethernet
platform. Modbus TCP/IP works on a Client-
Server principle. The main difference is that
the Master initiates queries, and the Slave
responds. This opens up a new era where any
device can function as either a Client or
Server. Thus, devices can simultaneously be
as both Client and Server.
- A network can have multiple Clients. At any
given time, several Clients can send requests
simultaneously, multiple Servers can respond,
and a Client can communicate with various
Servers.
 Feature Modbus RTU Modbus TCP/IP

Protocol Type Serial (RS-232, RS-485) Ethernet (IP-based)

Speed Up to 115,200 bps Up to 1 Gbps (Ethernet)

Addressing Slave IDs (1-247) IP addressing

Error Checking CRC TCP Error Checking

Topology Daisy-chain Star, mesh

100m (direct) or unlimited

Distance Up to 1,200m on RS-485
(with switches)

Reliability Moderate High

Application Small-scale, legacy systems Large, distributed systems

APPLICATION
SCADA
SYSTEMS
• Monitor and control industrial equipment.
allows SCADA software to communicate with
sensors, actuators, and controllers, such as
PLCs, in real-time.
• Allows SCADA software to communicate with
sensors, actuators, and controllers, such as
PLCs, in real-time.
ENERGY
EFFECTIVE
• Connect smart meters, energy analyzers and
other monitoring devices to a central energy
management system (EMS).
• Monitor equipment like inverters, battery
storage systems, and wind turbines. It enables
real-time data collection for optimizing energy
generation and storage.
 THANKS
FOR
WATCHING