OperaMetrix
Back to Glossary
Communication Protocols

Modbus

Modbus is a serial communication protocol originally published by Modicon in 1979 for use with PLCs. It remains one of the most widely deployed protocols in industrial automation due to its simplicity and open specification.

ModbusProtocolRTUTCPSerial Communication

What Is Modbus?

Modbus is a serial communication protocol developed by Modicon (now Schneider Electric) in 1979 for connecting programmable logic controllers (PLCs). Over four decades later, Modbus remains one of the most widely used communication protocols in industrial automation, with millions of devices deployed worldwide across manufacturing, energy, water treatment, and building automation.

Its enduring popularity stems from its simplicity, open specification (royalty-free), and the massive installed base of compatible devices.


Modbus Variants

Modbus comes in several variants, each suited to different physical layers and network configurations:

Modbus RTU (Remote Terminal Unit)

  • Transport: Serial communication (RS-232 or RS-485)
  • Encoding: Binary (compact, efficient)
  • Error checking: CRC (Cyclic Redundancy Check)
  • Use case: Short-distance connections between PLCs, sensors, and instruments
  • Typical setup: RS-485 multidrop bus with up to 247 devices

Modbus ASCII

  • Transport: Serial communication (RS-232 or RS-485)
  • Encoding: ASCII characters (human-readable but less efficient)
  • Error checking: LRC (Longitudinal Redundancy Check)
  • Use case: Legacy systems and debugging scenarios where readability is important

Modbus TCP/IP

  • Transport: Ethernet (TCP/IP)
  • Encoding: Binary (same as RTU, wrapped in a TCP packet)
  • Error checking: TCP handles error detection
  • Use case: Modern networks where Ethernet infrastructure is available
  • Port: 502 (default)

Modbus TCP/IP is the most common variant in new installations, as it leverages existing Ethernet networks and supports higher data rates and longer distances.


Master-Slave Architecture

Modbus uses a master-slave (also called client-server in modern terminology) communication model:

  • Master (client) -- initiates all communication by sending requests to slaves
  • Slave (server) -- responds to requests from the master; cannot initiate communication
  • Only one master is allowed on a Modbus RTU/ASCII network
  • Modbus TCP allows multiple masters to communicate with multiple slaves

The master polls each slave device by its unique address (1-247), reads or writes data, and the slave responds accordingly.


Register Types

Modbus organizes data into four types of registers:

| Register Type | Access | Data Type | Address Range | Description |

|---|---|---|---|---|

| Coils | Read/Write | Boolean (1 bit) | 00001-09999 | Digital outputs (relay states, actuators) |

| Discrete Inputs | Read Only | Boolean (1 bit) | 10001-19999 | Digital inputs (switches, sensors) |

| Input Registers | Read Only | 16-bit word | 30001-39999 | Analog inputs (temperature, pressure) |

| Holding Registers | Read/Write | 16-bit word | 40001-49999 | Configuration values, setpoints, analog outputs |

Each register holds a 16-bit value. For 32-bit values (floats, long integers), two consecutive registers are used, though the byte order can vary between manufacturers -- a common source of integration issues.


Common Function Codes

Modbus uses function codes to specify the operation to perform:

  • 01 -- Read Coils
  • 02 -- Read Discrete Inputs
  • 03 -- Read Holding Registers
  • 04 -- Read Input Registers
  • 05 -- Write Single Coil
  • 06 -- Write Single Register
  • 15 -- Write Multiple Coils
  • 16 -- Write Multiple Registers


Advantages of Modbus

  • Simplicity -- easy to implement and debug
  • Open standard -- royalty-free, no licensing costs
  • Massive compatibility -- virtually every industrial device supports Modbus
  • Low overhead -- minimal processing requirements
  • Well-documented -- decades of documentation and community support
  • Reliable -- proven track record in industrial environments


Limitations of Modbus

  • No security -- no built-in authentication, encryption, or authorization
  • Limited data model -- only registers and coils; no semantic context
  • Polling-based -- master must continuously poll slaves; no event-driven reporting
  • Scalability constraints -- RS-485 limited to 247 devices; no native support for large networks
  • No timestamps -- data does not carry time information
  • Byte order ambiguity -- no standard for multi-register data types

Despite these limitations, Modbus continues to thrive because of its simplicity and the enormous installed base of compatible equipment.


Modbus in Ignition

Ignition includes a built-in Modbus driver that supports:

  • Modbus TCP -- connect to any Modbus TCP device over Ethernet
  • Modbus RTU over TCP -- for serial-to-Ethernet converters
  • Modbus RTU -- direct serial connections (with appropriate hardware)
  • Automatic tag creation -- configure address ranges and Ignition creates the tags
  • Data type mapping -- support for 16-bit, 32-bit integers, floats, and strings across registers

The Ignition Modbus driver makes it straightforward to integrate legacy Modbus devices into a modern SCADA architecture, bridging older equipment with contemporary protocols like OPC UA and MQTT.


Key Takeaways

  • Modbus is a simple, open, and widely supported industrial communication protocol
  • Three main variants exist: RTU (serial binary), ASCII (serial text), and TCP/IP (Ethernet)
  • It uses a master-slave architecture with four register types
  • While it lacks security and semantic modeling, its simplicity ensures continued widespread use
  • Ignition provides native Modbus connectivity to integrate legacy and modern devices

Explore More Terms

Industrial Systems

DCS (Distributed Control System)

A DCS is an automated control system distributed across a plant, where autonomous controllers manage individual process areas while a centralized supervisory layer coordinates the entire operation.

Concepts

Digital Twin

A digital twin is a virtual replica of a physical asset, process, or system that uses real-time data from sensors and IoT devices to mirror its real-world counterpart for simulation, analysis, and optimization.

Architecture

Edge Computing

Edge computing is the practice of processing data near its source rather than in a centralized data center, reducing latency and bandwidth usage in industrial environments.

Industrial Systems

Historian (Process Data Historian)

A historian is a specialized software system designed to efficiently record, store, and retrieve time-series process data from industrial control systems for analysis, reporting, and regulatory compliance.

Industrial Systems

HMI (Human-Machine Interface)

An HMI is a graphical interface that allows operators to interact with industrial equipment and processes, displaying real-time data, alarms, and controls in a visual format.

Concepts

IIoT (Industrial Internet of Things)

IIoT (Industrial Internet of Things) refers to the network of interconnected sensors, instruments, and devices deployed in industrial environments to collect, exchange, and analyze data for improved operational efficiency and decision-making.

View All Terms

Need Expert Guidance?

Our team of certified Ignition integrators can help you implement the right technologies for your industrial automation needs.

Contact UsOur Services