The Art of Communication – Modbus

 

Our software engineer Eugene Babenko give us the lowdown on addressing issues and provides some guidance when communicating to Contrec’s 212, 505 and 515 Instruments via Modbus protocol.

 

Contrec customers rarely have issues when connecting their instruments to PLC’s and back office data systems; when configuring Contrec devices our documentation explains simple set up procedures for inputs and outputs. However, even though this is the case when connecting devices via Modbus RTU protocol it is important to pay special attention to the correct master software settings for register number and byte/word ordering for 32-bit data such as floating point values and long integers. The points of attention are:

  • The Modbus.org documentation refers to “one-based” register numbering. However, the addresses that are actually sent in a Modbus command message are “zero-based”.
  • The Modbus.org specification doesn’t define exactly how the data is stored in the registers. As a result, 32-bit data could be (arbitrarily) arranged in four different ways.

Incorrect settings can lead to either completely wrong readings for 32-bit data (which is easily detected) or, in some situations, it can produce subtle and inconsistent readings that look almost as a correct value, but may not update when expected and/or have slight deviation from the expected (displayed) value – this may happen when both register numbering and byte/word order are incorrectly set, so that the data reading becomes a mixture of two adjacent different data points.

The Contrec documentation should be carefully followed on when setting master software. If in doubt, the user should test various master software settings until matching with the displayed value is achieved – most programs for communicating with Modbus slaves have flexibility to be configured for different register byte/word order for 32-bit data and a choice of “one-based” or “zero-based” register numbering.

Further information can be found in https://en.wikipedia.org/wiki/Modbus  article, see below excerpts from the article:

Implementations

Almost all implementations have variations from the official standard. Different varieties might not communicate correctly between equipment of different suppliers. Some of the most common variations are:

What is byte and word ordering?

The Modbus specification doesn’t define exactly how the data is stored in the registers. Therefore, some manufacturers implemented Modbus in their equipment to store and transmit the higher byte first followed by the lower byte. (AE before 41). Alternatively, others store and transmit the lower byte first (41 before AE).

Similarly, when registers are combined to represent 32-bit data types, some devices store the higher 16 bits (high word) in the first register and the remaining low word in the second (AE41 before 5652) while others do the opposite (5652 before AE41)

It doesn’t matter which order the bytes or words are sent in, as long as the receiving device knows which way to expect it.

For example, if the number 2,923,517,522 was to be sent as a 32 bit unsigned integer, it could be arranged any of these four ways.

                                                                                          
     AE41 5652       high byte first        high word first
     5652 AE41       high byte first        low word first
     41AE 5256       low byte first          high word first
     5256 41AE       low byte first          low word first

Confusion about Register Addresses

In the Modbus.org standard documents, holding register addresses are given a prefix of “4” to distinguish them from other register types. For example, in their documentation a holding register at address 1001 is referred to by “41001”. However, the leading “4” is not really part of the address and most programs dispense with this extra prefix, especially when the program context makes it clear that it is referring to a holding register. Also, the Modbus.org standard documents refer to register addresses using “one-based” numbering. However, the addresses that are actually sent in a Modbus command message are “zero-based”. For example, to read register 1001, the address that is actually sent in the command message is 1000.

Confusion about Little-Endian vs. Big-Endian Word Order

Although Modbus.org standard documents provide some guidance for implementing the Modbus protocol, they do not address the question of word order beyond the 16-bit register level. For the 16-bit register values, the most significant byte always precedes the least significant byte (in other words, the register value is transferred in Big-Endian byte order). This is because when the Modbus standard was created in the late 1970’s, most processors used a Big-Endian memory architecture (where the most significant part of a multi-byte value is stored at a lower memory address). However when the need for transferring 32-bit (i.e. 4 byte) values with the Modbus protocol later came about in the 1980’s, Little-Endian Intel processors dominated the PC market so most vendors chose to map the least significant word onto the lower address of the register pair.

This lack of standardization for values larger than 16 bits has resulted in a situation where Modbus implementers have to make an arbitrary choice as to which address of the register pair contains the most significant word of 32-bit values such as IEEE-754 single-precision floats and signed or unsigned 32-bit integers. Most programs for communicating with Modbus slaves can be configured for either register word order.