MODBUS communication protocol and programming

The ModBus communication protocol has two variants, RTU and ASCII. The following is a brief introduction to the ModBus RTU protocol:

1. Communication protocol

(1) Communication transmission method:
Each transmission consists of an independent information header followed by the encoded data. The transmission format defined below is compatible with the MODBUS RTU communication protocol:

Coding: 8-bit binary
Start bit: 1 bit
Data bits: 8 bits
Parity bit: 1 bit (even parity)
Stop bit: 1 bit
Error check: CRC (cyclic redundancy check)

Initial structure = ≥ 4 bytes of time
Address code = 1 byte
Function code = 1 byte
Data area = N bytes
Error check = 16-bit CRC code
End structure = ≥ 4 bytes of time


Address code: The address code is the first byte of each transmission. It identifies the slave, whose address is set by the user, that is to receive the information sent by the master. Each slave has a unique address code, and its response also begins with its own address code. The address code sent by the master indicates which slave the message is for; the address code sent by the slave indicates which slave the response came from.

Function code: The second byte of each transmission. The ModBus communication protocol defines function codes from 1 to 127; this instrument uses only some of them. In a master request, the function code tells the slave what action to perform. In the slave's response, the function code is the same as the one sent by the master and indicates that the slave has responded to the operation. If the highest bit of the function code sent by the slave is 1 (that is, the function code is greater than 127), the slave has not performed the operation or is reporting an error.

Data area: The content of the data area depends on the function code. It can hold actual values, set points, or addresses sent from the master to the slave or from the slave to the master.

CRC code: two-byte error detection code.

(2) Communication protocol:

When a communication command is sent to the instruments, the device whose address code matches receives the command, strips the address code, and reads the information. If there is no error, it executes the corresponding task and then returns the result to the sender. The returned information includes the address code, the function code of the action performed, the data resulting from the action, and the error check code. If there is an error, no information is sent.

1. Information frame structure

Address code    Function code    Data area    Error check code
8-bit           8-bit            N × 8-bit    16-bit

Address code: The address code is the first byte (8 bits) of the information frame, with a value from 0 to 255. This byte identifies the slave, set by the user, that is to receive the information sent by the master. Each slave must have a unique address code, and only the slave whose address code matches may respond. When the slave sends back information, the same address code indicates where the information came from.

Function code: The function code sent by the master tells the slave what task to perform. The function codes listed in Table 1-1 have specific meanings and operations.

Code    Meaning                    Operation
03      Read data                  Read one or more binary values in the current register
06      Reset a single register    Write the set binary value to a single register

Data area: The data area contains what the slave needs in order to perform the action, or the information the slave has collected and is returning. This information can be numeric values, reference addresses, and so on. For example, if the function code tells the slave to read register values, the data area must contain the starting address of the registers to be read and the read length. The address and data information differ from slave to slave.

Error check code: The master or slave uses the check code to determine whether the received information is in error. Electronic noise or other interference can sometimes change the information slightly during transmission. The error check code ensures that the master or slave does not act on information that was corrupted during transmission. This increases the safety and efficiency of the system. The error check uses the CRC-16 method.

Note: The format of the information frame is basically the same: address code, function code, data area and error check code.

2. Error checking

The cyclic redundancy check (CRC) code contains 2 bytes, that is, 16 binary bits. The CRC code is calculated by the sending device and placed at the end of the sent information. The receiving device recalculates the CRC code of the received information and compares it with the received one. If the two do not match, an error has occurred.

To calculate the CRC code, first preset all bits of a 16-bit register to 1, then process the message one 8-bit byte at a time. Only the 8 data bits of each byte are used; the start bit, the stop bit and the parity bit (if there is one) do not participate in the CRC calculation.

For each byte, the 8-bit data is XORed with the contents of the register, and the result is shifted one bit toward the low end, with the highest bit filled with 0. The lowest bit (the bit shifted out) is then checked. If it is 1, the contents of the register are XORed with the preset number. If it is 0, no XOR operation is performed.

This shift-and-check is repeated 8 times. After the 8th shift, the next 8-bit byte is XORed with the current contents of the register, and the process is again repeated 8 times as above. When all the data has been processed, the final contents of the register are the CRC code value. When the CRC code is sent and received, the low byte comes first.

The steps to calculate the CRC code are:

1. Preset a 16-bit register to hexadecimal FFFF (that is, all 1s). Call this register the CRC register;
2. XOR the first 8-bit data with the lower bits of the 16-bit CRC register, and put the result in the CRC register;
3. Move the contents of the register one bit to the right (toward the lower bit), fill the highest bit with 0, and check the lowest bit (the bit that was shifted out);
4. If the lowest bit is 0: repeat step 3 (shift again); if the lowest bit is 1: XOR the CRC register with the polynomial A001 (1010 0000 0000 0001);
5. Repeat steps 3 and 4 until 8 right shifts have been made, so that the entire 8-bit data has been processed;
6. Repeat steps 2 to 5 for the next 8-bit data;
7. The final content of the CRC register is the CRC code.

3. Function code 03, read point and return value:

The instrument adopts the Modbus RTU communication protocol. Communication commands can be used to read a point ("holding register") or a return value ("input register"). Both holding and input registers are 16-bit (2-byte) values, transmitted high-order byte first, so each point or return value read from the instrument is 2 bytes. The maximum number of registers that can be read at one time is 60. Since some programmable controllers do not use function code 03, function code 03 is used to read both points and return values. The slave's response consists of the slave address, function code, data area and CRC code. Each register in the data area occupies two bytes, high byte first.

4. Function code 06, single point save

The host uses this command to save the single-point data to the memory of the instrument. The slave also uses this function code to return information to the master.

2. Programming examples

The following is an example of ModBus RTU communication written in VC:

(1) Communication port settings

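DCB dcb;
HANDLE hCom;  // serial port handle, shared by the snippets below

// Open COM1 for exclusive read/write access
hCom = CreateFile("COM1",
                  GENERIC_READ | GENERIC_WRITE,
                  0,
                  NULL,
                  OPEN_EXISTING,
                  0,
                  NULL);
if (hCom == INVALID_HANDLE_VALUE)
{
    MessageBox("createfile error, error");
    return;  // do not continue with an invalid handle
}
// 1024-byte input and output buffers
BOOL error = SetupComm(hCom, 1024, 1024);
if (!error)
    MessageBox("setupcomm error");
error = GetCommState(hCom, &dcb);
if (!error)
    MessageBox("getcommstate, error");
// 2400 baud, 8 data bits, even parity, 1 stop bit
dcb.BaudRate = 2400;
dcb.ByteSize = 8;
dcb.Parity = EVENPARITY; // NOPARITY;
dcb.StopBits = ONESTOPBIT;

error = SetCommState(hCom, &dcb);
if (!error)
    MessageBox("setcommstate error");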

(2) CRC check code calculation

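UINT crc;  // CRC register, preset to 0xffff before each frame

// Fold one byte of the frame into the CRC register
void calccrc(BYTE crcbuf)
{
    BYTE i;

    crc = crc ^ crcbuf;
    for (i = 0; i < 8; i++)
    {
        BYTE TT;
        TT = crc & 1;        // lowest bit, about to be shifted out
        crc = crc >> 1;
        crc = crc & 0x7fff;  // highest bit filled with 0
        if (TT == 1)
            crc = crc ^ 0xa001;
        crc = crc & 0xffff;
    }
}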

(3) Data transmission

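BYTE writebuf2[8];  // request frame
BYTE zxaddr, zxnum;
DWORD comnum;       // number of bytes actually transferred

zxaddr = 11; // Read data from the instrument at address 11
zxnum = 10;  // Read the data of ten channels

writebuf2[0] = zxaddr;  // address code
writebuf2[1] = 3;       // function code 03
writebuf2[2] = 0;       // starting register address, high byte
writebuf2[3] = 0;       // starting register address, low byte
writebuf2[4] = 0;       // number of registers, high byte
writebuf2[5] = zxnum;   // number of registers, low byte
crc = 0xffff;
calccrc(writebuf2[0]);
calccrc(writebuf2[1]);
calccrc(writebuf2[2]);
calccrc(writebuf2[3]);
calccrc(writebuf2[4]);
calccrc(writebuf2[5]);

writebuf2[6] = crc & 0xff;   // CRC low byte first
writebuf2[7] = crc / 0x100;  // CRC high byte
WriteFile(hCom, writebuf2, 8, &comnum, NULL);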

(4) Data reading

ReadFile(hCom, writebuf, 5 + zxnum * 2, &comnum, NULL); // Read the data of zxnum channels
// Error handling can be added here, such as address code error, CRC code error judgment, communication fault handling, etc.
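
The error handling suggested in step (4), as an added example that is not part of the original article: a portable C check of a function-03 reply that verifies the length, the CRC (low byte first), the address code, the error bit of the function code and the byte count before any register is extracted. The names rtu_crc16, rtu_check_read_reply and rtu_sample_reply and the sample frame are constructed for illustration; the third reply byte is taken to be the standard Modbus byte count, which matches the 5 + zxnum * 2 reply length used above.

```c
#include <stdint.h>
#include <stdio.h>
enum { RTU_OK = 0, RTU_SHORT = -1, RTU_BAD_CRC = -2, RTU_BAD_ADDR = -3,
       RTU_EXCEPTION = -4, RTU_BAD_FUNC = -5, RTU_BAD_LEN = -6 };

/* CRC-16 as the text describes: preset 0xFFFF, shift right, XOR with 0xA001. */
static uint16_t rtu_crc16(const uint8_t *p, size_t n) {
    uint16_t crc = 0xFFFF;
    while (n--) {
        crc ^= *p++;
        for (int i = 0; i < 8; i++)
            crc = (uint16_t)((crc & 1) ? (crc >> 1) ^ 0xA001 : crc >> 1);
    }
    return crc;
}

/* Check a function-03 reply of len bytes; on success copy nregs registers
   (high byte first on the wire) into out. Returns RTU_OK or an error code. */
static int rtu_check_read_reply(const uint8_t *f, size_t len, uint8_t addr,
                                uint8_t nregs, uint16_t *out) {
    if (len < 5) return RTU_SHORT;           /* shortest frame: error reply */
    uint16_t got = (uint16_t)(f[len - 2] | (f[len - 1] << 8)); /* low byte first */
    if (rtu_crc16(f, len - 2) != got) return RTU_BAD_CRC;
    if (f[0] != addr) return RTU_BAD_ADDR;
    if (f[1] & 0x80) return RTU_EXCEPTION;   /* highest bit set: slave error */
    if (f[1] != 0x03) return RTU_BAD_FUNC;
    if (f[2] != 2 * nregs || len != (size_t)f[2] + 5) return RTU_BAD_LEN;
    for (size_t i = 0; i < nregs; i++)
        out[i] = (uint16_t)((f[3 + 2 * i] << 8) | f[4 + 2 * i]);
    return RTU_OK;
}

/* Constructed sample: reply of slave 11 to a read of 2 registers. */
static size_t rtu_sample_reply(uint8_t *f) {
    const uint8_t body[] = { 11, 0x03, 4, 0x01, 0x2C, 0x00, 0x19 };
    for (size_t i = 0; i < sizeof body; i++) f[i] = body[i];
    uint16_t crc = rtu_crc16(f, sizeof body);
    f[7] = (uint8_t)(crc & 0xFF);            /* CRC low byte is sent first */
    f[8] = (uint8_t)(crc >> 8);
    return sizeof body + 2;
}

int main(void) {
    uint8_t f[16]; uint16_t regs[2];
    size_t n = rtu_sample_reply(f);
    printf("valid frame: %d\n", rtu_check_read_reply(f, n, 11, 2, regs));
    f[4] ^= 0x01;                            /* one flipped bit, as noise would */
    printf("corrupted frame: %d\n", rtu_check_read_reply(f, n, 11, 2, regs));
}
```

A matching CRC shows only that the frame was not corrupted in transit; it does not authenticate the sender.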
