Hello everyone,

For my research work, I need to interface my lab PC, running HP Vee, to a mass flow meter (Danfoss MASS6000) which has a Modbus interface. Before now, I have never heard of Modbus, and I'm completely unfamiliar with the protocol. I have scoured the modbus.org Web site and the Danfoss documentation, but it has not helped! I am quite overwhelmed by the complexity of the protocol, and I can't find any simple examples. I can't even find the definition of what seem like basic terms (e.g., "registers", "coils"), even in the "protocol reference guide"!

Is the protocol really so complicated, or am I just missing something obvious? If the latter, I'd be very grateful for pointers to good, clear examples. Thank you!

 

The Modbus protocol was originally developed by Modicon in 1978 to exchange information between products on the factory floor. This protocol became a de facto standard for exchanging data and communication information between PLC systems.

Modbus devices communicate over a serial network in a master/slave (request/response) type relationship using one of two transmission modes: ASCII (American Standard Code for Information Interchange) mode or RTU (Remote Terminal Unit) mode.

In ASCII mode, two eight-bit bytes of information are sent as two ASCII characters. The primary advantage of ASCII mode is the flexibility of the timing sequence. Up to a one second interval can occur between character transmissions without causing communication errors.

In RTU mode, data is sent as two four-bit, hexadecimal characters, providing for higher throughput than in ASCII mode for the same baud rate.

Enhancements to Modbus include Modbus Plus and Modbus/TCP protocols, both of which allow Modbus information to be encapsulated in a network structure to support peer-to-peer communications. Modbus Plus communicates via a single twisted pair of wires and uses a token passing sequence for peer communication sequences. Modbus/TCP is an open standard designed to facilitate Modbus message transfer using TCP/IP protocol and standard Ethernet networks.

TopWorx's Modbus devices are designed to operate as slave devices on a Modbus network for discrete valve control.

Modbus Network Highlights

Type of Network
ASCII/RTU
Device Bus

ModbusPlus Control Bus


--------------------------------------------------------------------------------

Physical Media Shielded twisted pairs in one shielded cable


--------------------------------------------------------------------------------

Network Topology Bus, tree, star with drops


--------------------------------------------------------------------------------

Maximum Devices
ASCII/RTU
One to one communications

ModbusPlus 32 (up to 64 with repeater)

--------------------------------------------------------------------------------

Maximum Distance
ASCII/RTU
350m

ModbusPlus
(up to 3 repeaters may be used)
1500m (6000m with repeaters)
(min. 1m between devices)


--------------------------------------------------------------------------------

Communication Methods

ASCII/RTU
Master-Slave Query-Response Cycle
(LRC error checking for ASCII)
(CRC error checking for RTU)

ModbusPlus
Peer to Peer (Token passing logical ring)


--------------------------------------------------------------------------------

Primary usage
ASCII/RTU
Serial Communications for PLC,
Variable Speed Drives, Control Systems, etc.

ModbusPlus Linking MODBUS and/or RS232/RS485 devices in a peer-to-peer network

--------------------------------------------------------------------------------

Power Supply 12VDC, not used for devices

--------------------------------------------------------------------------------

Power and Communications Communications only on bus
12VDC, max. 300mA (100mA typical)

--------------------------------------------------------------------------------

Device Power Supply Devices must be powered separately from communications bus

--------------------------------------------------------------------------------

Wiring Types
(types used varies on application) Shielded Twisted Pair
#18AWG (0.8mm)

--------------------------------------------------------------------------------

Grounding aspects Floating communications bus

--------------------------------------------------------------------------------

Shielding Grounded at one end

--------------------------------------------------------------------------------

Area Classification General Purpose

--------------------------------------------------------------------------------

Device Addressing Switch or software selectable

--------------------------------------------------------------------------------

Governing Body MODBUS.ORG

--------------------------------------------------------------------------------

Web Site www.modbus.org

Conventional I/O System Modbus Network

Advantages
- Technology is already understood
- Slightly lower device cost
- Independent wiring from devices to the control system means wiring problems with one device don’t affect other field devices

Drawbacks
- Higher installed cost
- Point-to-point wiring is expensive
- Many wiring connections:
- - are labor intensive to install
- - create many points of failure
- - increase complexity when troubleshooting
- - require large amounts of cabinet or rack space for installation of terminal blocks
- - create time-consuming initial checkout and start-up
- Expansion requires duplicating the entire wiring scheme for each additional point Advantages
- Well understood and documented protocol
- Widely supported protocol by many host PLC, DCS and process systems
- Protocol is already used in many facilities

Drawbacks
- Limited use as a device bus
- Limited diagnostic capabilities for device applications
- Separate power required for device operations

Recommended
- When similar Modbus devices are being used
- When Modbus network is pre-existing
- When Modbus protocol is well understood and is being used extensively as a facility standard

 

Also look up Modbus Mapping on the internet (yahoo or google search engine) to learn how to map the modbus point...

Jamie Barrett
Siemens

 

Contact me, Perhaps I can Help You Offline.

[email protected]

 

A quick Google provides:

http://www.essproducts.com/modbus.htm

Regards

cww

 

It is based on the MODICON (now Schneider) PLC data structure which has 4 data types: Input register (3xxxx address in PLC notation) 16 bit, read only Holding register (4xxxx address in PLC notation) 16 bit, read & write Input (1xxxx address in PLC notation) one bit, read only Coil (0xxxx address in PLC notation) one bit, read & write What else do you need ? Meir Saggie meirs at fil.co.il

 

The "complication" comes from not being familiar with common control terminology. Modbus is a simple command/response protocol for communicating between computers and PLCs (Programmable Logic Controllers), the ones made by Modicon specifically. A PLC is a logic solving device in which inputs from binary sensors are stored in bits in 16-bit input registers. Outputs are stored likewise in 16-bit register bits. Temporary data needed by the logic solving program are stored in 16-bit registers as well. The Modicon programming is done with relay ladder logic that combines the current sense power flow of "soft wired" multiple inputs in a single rung (as in rungs of a ladder) with a result being an output coil. If all of the inputs are closed then the power will flow through the coil. The coil may be assigned directly to an output register bit position, or it may be a temporary register value. The name coil relates to the consideration of it being the windings (coil) of a relay with both normally closed and normally open contacts that can be used in another rung of relay logic.

Maybe with this primer on relay ladder logic, you can better interpret the simple Modbus protocol that only seeks to send and receive registers of data.

Dick Caro
============================================
Richard H. Caro, CEO
CMC Associates
2 Beth Circle, Acton, MA 01720
Tel: +1.978.635.9449 Mobile: +1.978.764.4728
Fax: +1.978.246.1270
E-mail: [email protected]
Web: http://www.CMC.us
============================================

 

Hi Michael

Modbus protocol is very simple. I have some projects in vb. If You want it send me your e-mail.

Best Regards
Andrzej
[email protected]

 

Hello,
I am in the same boat. Its strange to me because I have been doing vb programming and PC repair since the early 90's but I just can't seem to get Modbus down. I understand the "History" behind it, where I am having an issue is the hex and binary conversions, the protocols etc. I have done some google, but with the same luck. I just want to be able to understand this.......

Can someone help explain this from a real easy stand point. For example if I wanted to connect to an MGE/Scheinder ups that was Modbus. How would I figure out their protocol (without instructions) /their points etc. Lets say I get the point list from the manufacture how do I read 480V from the unit. What type of key is best to connect my PC (RS232) to RS485? I downloaded this simply Modbus software and I would like to read the device that way. Thanks so much if anyone can help.

Thanks,
Tony

 

Get the interface working with a 232-485 converter. Most come with cabling info.

Your PC needs to be the master. When you get the address right you will get responses. There may be a panel function or something to tell you the address.

Send read XX register commands and look at the results. Unless someone has done one of these, no one can tell you what you need to discover. Once you get the register with your voltage, you'll have to try things until you get a number that makes sense. Probably nothing too clever.

I don't know if this answers the right questions, but it is how I would proceed.

Regards
cww

 

The Modbus protocol is fully documented and you can download the specs for free from the Modbus web site. http://www.modbus.org/tech.php The link is at the top of the page.

As for talking to a particular device, Modbus devices have memory areas called "registers" and "coils" (and "discrete inputs"). These are just arrays of memory (like a PLC data table). Each piece of data is stored in a register (or coil). A Modbus message is just a request for the contents of one or more registers or coils.

To a PLC programmer the concepts are very familiar because it's exactly how a PLC works as well. Modbus just puts a PLC data table on the end of a network (or serial cable) connection.

If you want to read a number from a MGE/Schneider UPS you would get a copy of the manual (or manual supplements) for it and look up the register address.

I have a brief explanation of Modbus here:
http://mblogic.sourceforge.net/mbapps/ModbusBasics-en.html

That covers Modbus/TCP (Modbus on Ethernet), but Modbus/RTU has only slight differences.

A Modbus message consists of a string of byte codes. The codes tell the recipient what the request is (e.g. 1 is read coils, 15 is write coils, etc.), What address to start reading or writing (this can be 0 to 65535), and how many items to read or write. If the request is to write data, the actual data will also be appended. The response will include a code for success or failure, and any data that was requested.

Modbus/RTU also has a message checksum. This is the part which most people find hardest to get right. There are plenty of checksum source code examples available on the Internet however.

Making a message is actually quite easy. The message layout is consistent, and you just mash the bytes together in the right order.

There are lots of free source code libraries for Modbus on Sourceforge if you don't want to write your own. I have one (for Modbus/TCP) written in Python on the web site linked above. That one might not translate too well into VB however, since Python has advanced features that VB lacks which make this sort of thing easy. However, you can find Java and C libraries that can provide reference source code.

As for connecting RS-232 to RS-485, there are lots of RS-232 to RS-485 converters. I can't recommend any particular retailer, but Google should be able to turn up a retailer that sells them in your area.

 

> I want to connect to an MGE/Scheinder ups that was Modbus.<

Hopefully, the UPS is still Modbus, not (past tense) was Modbus. Dead devices don't talk.

The UPS is a Modbus slave. It needs a slave node address. You need the manufacturer's documentation to find out how to assign a slave node address, typically through the device's keyboard or with a software configuration package. While you're assigning the slave
address, you need to check or change the comm settings, baud rate, data bits, stop bit, parity.

>How would I figure out their protocol (without instructions) /their points etc.<

No one who works for a living "figures out" the data points. They use the manufacturer's documentation which has a Modbus register table/map describing what data value is at what register address. The Modbus instructions are used by the master, not the slave.

>Lets say I get the point list from the manufacture how do I read 480V from the unit.<

The register map/table is what you call the 'point list'. You look up on the map/table and find out what register "480V" resides at.

>What type of key is best to connect my PC (RS232) to RS485? <

You need to communicate from the PC to the slave with whatever physical layer the slave supports/handles, like RS-232, RS-485, (or ethernet).

PC's with only USB ports need a USB-to-RS-232 or USB-to-RS-485 converter with appropriate installation. Be warned that USB converters install as serial COM ports, but never on COM 1 or COM 2; you need to poke around in Windows's device Manager (ports COM & LPT))in order to discover which COM port the converter installed at.

The Keyspan USA19HS USB-A to Serial (RS-232) adapter is widely respected as a well functioning converter.

For RS-232, you need to connect the Tx line from the PC to the Rx line on the UPS, Rx line on the PC to the Tx line on the UPS, signal ground to signal ground. For RS-485, there is no standard for which is A or B or which + or (-), regardless of how they're marked. If 485 doesn't work at first, swap the lines on one end and keep trying.

>I downloaded this simply Modbus software and I would like to read the device that way. <

Simply Modbus is the Modbus master.

When running Simply Modbus you need to establish communication by configuring which COM port it will communicate on, and define what the comm setup is on the slave; baud rate, data bits (8 for Modbus RTU, 7 for Modbus ASCII), stop bits (1), parity (odd, even, or none).

Then you need to tell Simply Modbus
- whether Modbus is RTU or ASCII. RTU is most common nowadays
- what the slave's address is (Slave ID). A number. You know this from setting it on the UPS device.

- first register One less than the number printed in the manufacturer's documentation. If the manufacturer says (400)15, try the first address at 40014.
- number of registers. Try 4. That's more than you need but covers you for the one offset
phenonmenon and if your value is a floating point format.
- function code: leave at 3; odds are the slave's table is "holding registers".

Then you dink around playing with 'data types' in the left hand column until you find what value matches the slave's data types.

Hopefully you pick a register that will give you known data, so you know what you're looking for. That makes it easier to figure out whether the manufacturer's map is one offset and what format it is (some manufacturer's tell you, others don't).

This is simplified, I'm sure others will comment on what I missed.