Modbus protocol Finishing--function code description

1.Modbus Introduction-From Wikipedia

Modbus is a serial communication protocol, which was modicon in 1979 for the use of Programmable logic controllers (PLCs). Modbus is the industry standard for communication protocols in the industrial sector and is now a fairly common connection between industrial electronic devices. The main reasons for the wider use of modbus than other communication protocols are:
"1" publication and no royalty requirements
"2" relatively easy deployment of industrial networks
"3" For vendors, there is no limit to modifying the bits or bytes of a mobile native

Figure 1 Modbus structure--from

2. Protocol Collation link

"Function code Brief" "Read coil register 01H, read discrete input register 02H" "Read hold register 03H, read input register 04H" "Write single coil register 05H, write single hold Register 06H" "Write Multiple coil register 0FH, write multiple hold register 10H" 3. Related Blog "Freemodbus Modbus TCP Learning Notes"--freemodbus+uip "Raspberry Pi Learning notes--realization of Modbus RTU from the machine"--raspberry+python modbus-tk "Easyarm I. MX28 study notes-via Modbus TCP control Gpio "--i.mx287+freemodbus modbus TCP" Modbus learning notes--modbus TK modbus TCP host Implementation "1.MODBUS function code description

The following table lists some of the function codes supported by Modbus: in decimal notation.

Table 1.1 Modbus part function code

Code	Chinese name	Register PLC Address	Bit manipulation/word manipulation	Number of operations
01	Read Coil Status	00001-09999	-bit operation	Single or multiple
02	Read discrete input state	10001-19999	-bit operation	Single or multiple
03	Read Hold Register	40001-49999	Word manipulation	Single or multiple
04	Read Input Register	30001-39999	Word manipulation	Single or multiple
05	Write a single coil	00001-09999	-bit operation	Single
06	Write a single hold register	40001-49999	Word manipulation	Single
15	Write multiple coils	00001-09999	-bit operation	Multiple
16	Write multiple hold Registers	40001-49999	Word manipulation	Multiple

1.1 Function Code Description

Function code can be divided into two categories: bit manipulation and word manipulation. The minimum unit of bit operation is bit, and the minimum unit of a word operation is two bytes.

"Bit operation instruction" read coil status 01H, read (discrete) input status 02H, write single coil 06H and write multiple coils 0FH.

The "Word operation instruction" reads the hold register 03H, writes a single register of 06H, writes multiple hold registers 10H.

1.2 Register address Assignment

Table 1.2 Modbus Register address assignment

Register PLC Address	Register Protocol Address	Applicable functions	Register type	Read/write Status
00001-09999	0000h-ffffh	01H 05H 0FH	Coil status	Readable and writable
10001-19999	0000h-ffffh	02H	Discrete input State	Readable
30001-39999	0000h-ffffh	04H	Input Registers	Readable
40001-49999	0000h-ffffh	03H 06H 0FH	Hold Register	Readable and writable

1.3 Description of Register type

Table 1.3 Modbus Register type description

Register type	Description	PLC analogy	Examples Show
Coil State	Output port. The output state of the port can be set, or the output state of the bit may be read. Can be divided into two different execution states, such as the holding type or the edge trigger type.	Do Digital output	Solenoid valve OUTPUT, MOSFET output, LED display, etc.
Discrete Input status	Enter the port. Change the input state via external settings, readable but not writable.	DI Digital inputs	Dial switch, proximity switch, etc.
Keep Register	Output parameters or hold parameters, some parameters that are set when the controller is run. Can be read and writable.	AO Analog output	Analog output SetPoint, PID operating parameters, variable valve output size, sensor alarm upper limit.
Input Register	Input parameters. Parameters obtained from external devices while the controller is running. Readable but not writable.	AI Analog inputs	Analog inputs

1.4 Plc address and protocol address differences

PLC address can be understood as a variant of the protocol address, in the touch screen and PLC programming more widely used.

1.4.1 Register PLC Address

Register PLC address refers to the address stored in the controller, these controllers can be PLC, can also make a touch screen, or text display. PLC address is generally used in 10 binary description, a total of 5 bits, of which the first bit of code register type. The correspondence between the first digit and the register type is shown in table 1. PLC address such as 40001, 30002 and so on.

1.4.2 Register Protocol Address

Register protocol address refers to the address of the register used in the communication, for example, the address address of the PLC 40001 corresponding addressing 0x0000,40002 address 0x0001, the Register addressing address is generally used 16 binary description. For example, the PLC register address 40003 corresponds to the protocol address 0002,PLC register address 30003 corresponds to the protocol address 0002, although two PLC register registers communicate with the same address, but need to use different command access, so there is no conflict when accessing.

Modbus protocol Finishing--function code description