词条 | Modbus | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
释义 |
Modbus is a serial communications protocol originally published by Modicon (now Schneider Electric) in 1979 for use with its programmable logic controllers (PLCs). Modbus has become a de facto standard communication protocol and is now a commonly available means of connecting industrial electronic devices.[1] The main reasons for the use of Modbus in the industrial environment are:
Modbus enables communication among many devices connected to the same network, for example, a system that measures temperature and humidity and communicates the results to a computer. Modbus is often used to connect a supervisory computer with a remote terminal unit (RTU) in supervisory control and data acquisition (SCADA) systems. Many of the data types are named from industry usage of Ladder logic and its use in driving relays: a single-bit physical output is called a coil, and a single-bit physical input is called a discrete input or a contact. The development and update of Modbus protocols has been managed by the Modbus Organization[2] since April 2004, when Schneider Electric transferred rights to that organization.[3] The Modbus Organization is an association of users and suppliers of Modbus-compliant devices that advocates for the continued use of the technology.[4] Modbus object typesThe following is a table of object types provided by a Modbus slave device to a Modbus master device:
Protocol versionsVersions of the Modbus protocol exist for serial port and for Ethernet and other protocols that support the Internet protocol suite. There are many variants of Modbus protocols:
Data model and function calls are identical for the first 4 variants of protocols; only the encapsulation is different. However the variants are not interoperable, nor are the frame formats. Communication and devicesEach device intended to communicate using Modbus is given a unique address. In serial and MB+ networks, only the node assigned as the Master may initiate a command. On Ethernet, any device can send out a Modbus command, although usually only one master device does so. A Modbus command contains the Modbus address of the device it is intended for (1 to 247). Only the intended device will act on the command, even though other devices might receive it (an exception is specific broadcastable commands sent to node 0, which are acted on but not acknowledged). All Modbus commands contain checksum information to allow the recipient to detect transmission errors. The basic Modbus commands can instruct an RTU to change the value in one of its registers, control or read an I/O port, and command the device to send back one or more values contained in its registers. There are many modems and gateways that support Modbus, as it is a very simple and often copied protocol. Some of them were specifically designed for this protocol. Different implementations use wireline, wireless communication, such as in the ISM band, and even Short Message Service (SMS) or General Packet Radio Service (GPRS). One of the more common designs of wireless networks makes use of mesh networking. Typical problems that designers have to overcome include high latency and timing issues. Frame formatA Modbus frame is composed of an Application Data Unit (ADU), which encloses a Protocol Data Unit (PDU):[9]
All Modbus variants choose one of the following frame formats.[1]
Note about the CRC:
Address, function, data, and LRC are all capital hexadecimal readable pairs of characters representing 8-bit values (0–255). For example, 122 (7 × 16 + 10) will be represented as LRC is calculated as the sum of 8-bit values, negated (two's complement) and encoded as an 8-bit value. Example: if address, function, and data encode as 247, 3, 19, 137, 0, and 10, their sum is 416. Two's complement (−416) trimmed to 8 bits is 96 (e.g. 256 × 2 − 416), which will be represented as
Unit identifier is used with Modbus/TCP devices that are composites of several Modbus devices, e.g. on Modbus/TCP to Modbus RTU gateways. In such case, the unit identifier tells the Slave Address of the device behind the gateway. Natively Modbus/TCP-capable devices usually ignore the Unit Identifier. The byte order for values in Modbus data frames is big-endian (MSB, most significant byte of a value received first). Supported function codesThe various reading, writing and other operations are categorised as follows.[10] The most primitive reads and writes are shown in bold. A number of sources use alternative terminology, for example Force Single Coil where the standard uses Write Single Coil.[11] Prominent entities within a Modbus slave are:
Format of data of requests and responses for main function codesRequests and responses follow frame formats described above. This section gives details of data formats of most used function codes. Function code 1 (read coils) and function code 2 (read discrete inputs)Request:
Normal response:
Value of each coil/discrete input is binary (0 for off, 1 for on). First requested coil/discrete input is stored as least significant bit of first byte in reply. If number of coils/discrete inputs is not a multiple of 8, most significant bit(s) of last byte will be stuffed with zeros. For example, if eleven coils are requested, two bytes of values are needed. Suppose states of those successive coils are on, off, on, off, off, on, on, on, off, on, on, then the response will be Because the byte count returned in the reply message is only 8 bits wide and the protocol overhead is 5 bytes, a maximum of 2008 (251 x 8) discrete inputs or coils can be read at once. Function code 5 (force/write single coil)Request:
Normal response: same as request. Function code 15 (force/write multiple coils)Request:
Value of each coil is binary (0 for off, 1 for on). First requested coil is stored as least significant bit of first byte in request. If number of coils is not a multiple of 8, most significant bit(s) of last byte should be stuffed with zeros. See example for function codes 1 and 2. Normal response:
Function code 4 (read input registers) and function code 3 (read holding registers)Request:
Normal response:
Because the number of bytes for register values is 8-bit wide and maximum modbus message size is 256 bytes, only 125 registers for Modbus RTU and 123 registers for Modbus TCP can be read at once.[12] Function code 6 (preset/write single holding register)Request:
Normal response: same as request. Function code 16 (preset/write multiple holding registers)Request:
Because register values are 2-bytes wide and only 127 bytes worth of values can be sent, only 63 holding registers can be preset/written at once. Normal response:
Exception responsesFor a normal response, slave repeats the function code. Should a slave want to report an error, it will reply with the requested function code plus 128 (hex Main Modbus exception codes
Coil, discrete input, input register, holding register numbers and addressesSome conventions govern how access to Modbus entities (coils, discrete inputs, input registers, holding registers) are referenced. It is important to make a distinction between entity number and entity address:
In the traditional standard, numbers for those entities start with a digit, followed by a number of 4 digits in the range 1–9,999:
This translates into addresses between 0 and 9,998 in data frames. For example, in order to read holding registers starting at number 40001, corresponding address in the data frame will be 0 with a function code of 3 (as seen above). For holding registers starting at number 40100, address will be 99. Etc. This limits the number of addresses to 9,999 for each entity. A de facto referencing extends this to the maximum of 65,536.[13] It simply consists of adding one digit to the previous list:
When using the extended referencing, all number references must have exactly 6 digits. This avoids confusion between coils and other entities. For example, to know the difference between holding register #40001 and coil #40001, if coil #40001 is the target, it must appear as #040001. JBUS mappingAnother de facto protocol closely related to Modbus appeared after it, and was defined by PLC brand April Automates, the result of a collaborative effort between French companies Renault Automation and Merlin Gerin et Cie in 1985: JBUS. Differences between Modbus and JBUS at that time (number of entities, slave stations) are now irrelevant as this protocol almost disappeared with the April PLC series which AEG Schneider Automation bought in 1994 and then made obsolete. However the name JBUS has survived to some extent. JBUS supports function codes 1, 2, 3, 4, 5, 6, 15, and 16 and thus all the entities described above. However numbering is different with JBUS:
ImplementationsAlmost all implementations have variations from the official standard. Different varieties might not communicate correctly between equipment of different suppliers. Some of the most common variations are:
Limitations
Trade groupModbus Organization, Inc. is a trade association for the promotion and development of Modbus protocol.[2] Modbus PlusDespite the name, Modbus Plus[15] is not a variant of Modbus. It is a different protocol, involving token passing. It is a proprietary specification of Schneider Electric, though it is unpublished rather than patented. It is normally implemented using a custom chipset available only to partners of Schneider. References1. ^1 {{cite book |first=Bill |last=Drury |title=Control Techniques Drives and Controls Handbook |edition=2nd |date=2009 |publisher=Institution of Engineering and Technology |url=http://knovel.com/web/portal/browse/display?_EXT_KNOVEL_DISPLAY_bookid=2995&VerticalID=0 |format=PDF |pages=508– |subscription=yes}} 2. ^1 {{cite web |url=http://www.modbus.org/ |title=Modbus home page |website=Modbus |publisher=Modbus Organization, Inc. |accessdate=2 August 2013}} 3. ^{{cite web |url=http://www.modbus.org/faq.php |title=Modbus FAQ |website=Modbus |publisher=Modbus Organization, Inc. |accessdate=1 November 2012}} 4. ^{{cite web |url=http://www.modbus.org/about_us.php |title=About Modbus Organization |website=Modbus |publisher=Modbus Organization, Inc. |accessdate=8 November 2012}} 5. ^{{citation| title=Modbus Messaging on TCP/IP Implementation Guide V1.0b| url=http://www.modbus.org/docs/Modbus_Messaging_Implementation_Guide_V1_0b.pdf| publisher=Modbus Organization, Inc.| date=October 24, 2006| access-date=2017-01-07}} 6. ^{{cite web| url=http://jamod.sourceforge.net| title=Java Modbus Library - About| year=2010| access-date=2017-02-07}} 7. ^{{cite web| url=http://www.schneider-electric.ca/en/faqs/FA198221/| title=What is the difference between Modbus and Modbus Plus?| publisher=Schneider Electric| access-date=2017-02-07}} 8. ^{{cite web| url=http://www.simplymodbus.ca/Enron.htm| title=Simply Modbus - About Enron Modbus| publisher=Simply Modbus |access-date=2017-02-07}} 9. ^{{cite web|title=Modbus Messaging On TCP/IP Implementation Guide|url=http://www.modbus.org/docs/Modbus_Messaging_Implementation_Guide_V1_0b.pdf|website=Modbus Organization|publisher=Modbus-IDA|ref=MobusTCPSpec}} 10. ^{{cite web |url=http://www.modbus.org/docs/Modbus_Application_Protocol_V1_1b3.pdf |format=PDF |title=Modbus Application Protocol V1.1b3 |website=Modbus |publisher=Modbus Organization, Inc. |accessdate=2 August 2013}} 11. ^{{cite book |first=Gordon |last=Clarke |first2=Deon |last2=Reynders |title=Practical Modern Scada Protocols: Dnp3, 60870.5 and Related Systems |url=https://books.google.com/books?id=ENqyW8fExswC&pg=PA45 |publisher=Newnes |date=2004 |isbn=0-7506-5799-5 |pages=47–51}} 12. ^http://modbus.org/docs/PI_MBUS_300.pdf 13. ^{{cite web|title=Modbus 101 – Introduction to Modbus|url=http://www.csimn.com/CSI_pages/Modbus101.html|publisher=Control Solutions, Inc.}} 14. ^{{cite conference |url= |title=Critical Infrastructure Protection III |first= |last= |date=23–25 March 2009 |conference=Third IFIP WG 11. 10 International Conference |editor-last=Palmer |editor2-first=Sujeet |editor2-last=Shenoi |publisher=Springer |location=Hanover, New Hampshire |isbn=3-642-04797-1 |page=87}} 15. ^{{cite web|url=http://www.schneider-electric.com/products/us/en/51900-networks-communication-and-radios/51940-fieldbus-and-core-networks/576-modbus-plus/ |title=Modbus Plus - Modbus Plus Network - Products overview - Schneider Electric United States |publisher=Schneider-electric.com |date= |accessdate=2014-01-03}} See also
External links
4 : Industrial Ethernet|Industrial computing|Building automation|Network protocols |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
随便看 |
|
开放百科全书收录14589846条英语、德语、日语等多语种百科知识,基本涵盖了大多数领域的百科知识,是一部内容自由、开放的电子版国际百科全书。