
Modbus communication protocol and programming

2022-03-07 16:01:17 | Source: Internet

  Modbus host communication protocol is divided into RTU protocol and ASCII protocol. Many instruments of our company adopt Modbus RTU communication protocol, such as yd2000 intelligent power monitor, patrol meter, digital display meter, light column digital display meter, etc. The Modbus RTU protocol is briefly introduced as follows:

  1、 Communication protocol

  (1) Communication transmission mode:

  Each transmission consists of an independent information header followed by the encoded data. The transmission mode of the Modbus protocol is compatible with the following RTU communication settings:

  Coding: 8-bit binary

  Start bit: 1 bit

  Data bits: 8 bits

  Parity bit: 1 bit (even parity)

  Stop bit: 1 bit

  Error checking: CRC (cyclic redundancy code)

  The frame is laid out as follows:

  Start structure: ≥ 4 byte times

  Address code: 1 byte

  Function code: 1 byte

  Data area: n bytes

  Error check: 16-bit CRC code

  End structure: ≥ 4 byte times

  Address code: the address code is the first byte of a transmission. It indicates that the slave whose address has been set to this value by the user will receive the information sent by the host. Each slave has a unique address code, and its response starts with its own address code. The address code sent by the host indicates which slave the message is for, while the address code sent by a slave indicates which slave is replying.

  Function code: the second byte of a transmission. The Modbus communication protocol defines function codes 1 to 127; this instrument uses only some of them. In a master request, the function code tells the slave what action to perform. In a slave response, the function code is the same as the one sent by the host and indicates that the slave has responded to the operation. If the highest bit of the function code sent by the slave is 1 (that is, the function code is greater than 127), the slave has not carried out the operation or is reporting an error.

  Data area: the content of the data area depends on the function code. It can hold an actual value, a set point, or an address, sent either by the host to the slave or by the slave to the host.

  CRC code: two byte error detection code.

  (2) Communication protocol:

  When a communication command is sent to the instruments, the device whose address matches the address code receives the command, removes the address code and reads the information. If there is no error, it executes the corresponding task and then returns the execution result to the sender. The returned information includes the address code, the function code of the action performed, the data resulting from the action and the error check code. If there is an error, no message is sent.

  1. Information frame structure

  Address code | Function code | Data area  | Error check code
  8 bits       | 8 bits        | N × 8 bits | 16 bits

  Address code: the address code is the first byte (8 bits) of the information frame, from 0 to 255. It indicates that the slave whose address has been set to this value by the user will receive the information sent by the host. Each slave must have a unique address code, and only the slave whose address matches may respond. When the slave sends information back, the same address code shows where the information comes from.

  Function code: the function code sent by the host tells the slave what task to perform. The function codes listed in Table 1-1 have specific meanings and operations.

  Code | Meaning               | Operation
  03   | Read data             | Reads one or more binary values in the current register
  06   | Reset single register | Writes the set binary value to a single register

  Data area: the data area contains the action to be performed by the slave or the information the slave returns. This information can be numeric values, reference addresses, and so on, for example the length of the register and the required data to be read from the register. The address and data information differ from one slave to another.

  Error check code: the host or slave uses the check code to judge whether the received information is wrong. Electronic noise or other interference can sometimes alter the information slightly in transmission. The error check code ensures that the master or slave does not act on information that was corrupted in transmission. This increases the security and efficiency of the system. The CRC-16 method is used for error checking.

  Note: the formats of information frames are basically the same: address code, function code, data area and error check code.

  2. Error verification

  The cyclic redundancy code (CRC) consists of 2 bytes, i.e. 16 binary bits. The CRC code is calculated by the transmitting device and placed at the end of the transmitted information. The receiving device recalculates the CRC code of the received information and compares it with the CRC code it received. If the two do not match, an error has occurred.

  To calculate the CRC code, all 16 bits of the register are first preset to 1. The data is then processed 8 bits at a time. Only the 8 data bits of each character take part in the CRC calculation; the start bit, the stop bit and the parity bit (if there is one) do not.

  During the calculation, each 8-bit data value is XORed with the register, and the result is shifted one bit toward the low-order end, with the highest bit filled with 0. The lowest-order bit that was shifted out is then checked. If it is 1, the register is XORed with the preset number. If it is 0, no XOR operation is performed.

  This is repeated eight times. After the 8th shift, the next 8 bits of data are XORed with the current contents of the register, and the process is again repeated eight times as above. When all the data has been processed, the final content of the register is the CRC code value. When the CRC code is sent and received, the low byte comes first.

  The steps of calculating CRC code are:

  Step 1: preset a 16-bit register to hexadecimal FFFF (i.e. all bits are 1). Call this register the CRC register;

  Step 2: XOR the first 8-bit data value with the low byte of the 16-bit CRC register and place the result in the CRC register;

  Step 3: shift the contents of the register to the right by one bit (toward the low order), fill the highest bit with 0, and check the lowest-order bit that was shifted out;

  Step 4: if that bit is 0, repeat step 3 (shift again); if it is 1, XOR the CRC register with the polynomial A001 (1010 0000 0000 0001);

  Step 5: repeat steps 3 and 4 until the register has been shifted to the right 8 times, so that the whole 8-bit data value is processed;

  Step 6: repeat steps 2 to 5 to process the next 8-bit data value;

  Step 7: the final content of the CRC register is the CRC code.

  3. Function code 03, read point and return value:

  The instrument adopts the Modbus RTU communication protocol, and a communication command can be used to read the read point ("holding register") or return value ("input register"). Both holding and input registers are 16-bit (2-byte) values, with the high byte first. Each read point and return value of the instrument is therefore 2 bytes. The maximum number of registers that can be read at one time is 60. Since some programmable controllers do not use function code 03, function code 03 is used as read point and return value. The slave response consists of slave address, function code, data area and CRC code. Each register in the data area occupies two bytes, and the high byte comes first.

  4. Function code 06

  The host uses this command to save the single point data to the memory of the instrument. The slave also uses this function code to return information to the host.

  2、 Programming example

  The following is an example of Modbus RTU communication written in VC.

  (1) Communication port setting

      DCB dcb;

      // Open COM1 for exclusive read/write access
      hCom=CreateFile("COM1",
          GENERIC_READ|GENERIC_WRITE,
          0,
          NULL,
          OPEN_EXISTING,
          0,
          NULL);
      if(hCom==INVALID_HANDLE_VALUE)
      {
          MessageBox("createfile error,error");
      }

      // Set 1024-byte input and output buffers
      BOOL error=SetupComm(hCom,1024,1024);
      if(!error)
          MessageBox("setupcomm error");

      // Read the current port settings, then change only the serial format
      error=GetCommState(hCom,&dcb);
      if(!error)
          MessageBox("getcommstate,error");
      dcb.BaudRate=2400;
      dcb.ByteSize=8;
      dcb.Parity=EVENPARITY;// NOPARITY;
      dcb.StopBits=ONESTOPBIT;
      error=SetCommState(hCom,&dcb);
      if(!error)
          MessageBox("setcommstate error");

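  (2) CRC check code calculation

      UINT crc;   // running CRC value; set to 0xffff before the first byte

      // Fold one data byte into the running CRC value
      void calccrc(BYTE crcbuf)
      {
          BYTE i;
          crc=crc ^ crcbuf;
          for(i=0;i<8;i++)
          {
              BYTE TT;
              TT=crc&1;          // lowest bit, about to be shifted out
              crc=crc>>1;
              crc=crc&0x7fff;    // highest bit filled with 0
              if (TT==1)
                  crc=crc^0xa001;
              crc=crc&0xffff;
          }
      }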

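  (3) Data transmission

      zxaddr=11;// Read the patrol table data with address 11
      zxnum=10;// Read data from ten channels

      writebuf2[0]=zxaddr;   // address code
      writebuf2[1]=3;        // function code 03
      writebuf2[2]=0;        // starting register, high byte
      writebuf2[3]=0;        // starting register, low byte
      writebuf2[4]=0;        // number of registers, high byte
      writebuf2[5]=zxnum;    // number of registers, low byte

      // CRC over the first six bytes
      crc=0xffff;
      calccrc(writebuf2[0]);
      calccrc(writebuf2[1]);
      calccrc(writebuf2[2]);
      calccrc(writebuf2[3]);
      calccrc(writebuf2[4]);
      calccrc(writebuf2[5]);
      writebuf2[6]=crc & 0xff;   // CRC low byte is sent first
      writebuf2[7]=crc/0x100;    // CRC high byte

      WriteFile(hCom,writebuf2,8,&comnum,NULL);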

  (4) Data reading

      ReadFile(hCom,writebuf,5+zxnum*2,&comnum,NULL);// Read zxnum channels of data

  Error handling procedures can be added, such as address code error and CRC code error judgment, communication fault handling, etc.
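The error handling that section (4) leaves open, as an added example (not code from the original page): a portable C check of a function-03 reply that rejects short frames, CRC mismatches, wrong address codes and error replies before any register value is used. The function and error-code names are assumptions of this example, as is the byte-count field at offset 2, which follows from the 5+zxnum*2 reply length used above.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* CRC-16 as in the steps above: preset 0xFFFF, shift right, XOR 0xA001. */
static uint16_t crc16(const uint8_t *p, size_t n) {
    uint16_t crc = 0xFFFF;
    while (n--) {
        crc ^= *p++;
        for (int i = 0; i < 8; i++)
            crc = (crc & 1) ? (uint16_t)((crc >> 1) ^ 0xA001) : (uint16_t)(crc >> 1);
    }
    return crc;
}

enum { FRAME_OK = 0, ERR_SHORT = -1, ERR_CRC = -2, ERR_ADDR = -3,
       ERR_EXCEPTION = -4, ERR_FUNC = -5, ERR_COUNT = -6 };

/* Validate a function-03 reply from slave `addr` carrying `nregs`
 * registers; on FRAME_OK the values are written to out[0..nregs-1]. */
static int check_read_response(const uint8_t *f, size_t len, uint8_t addr,
                               uint8_t nregs, uint16_t *out) {
    if (len < 5) return ERR_SHORT;                   /* shortest valid frame */
    uint16_t rx = (uint16_t)(f[len - 2] | (f[len - 1] << 8)); /* CRC: low byte first */
    if (crc16(f, len - 2) != rx) return ERR_CRC;
    if (f[0] != addr) return ERR_ADDR;               /* not the slave we polled */
    if (f[1] & 0x80) return ERR_EXCEPTION;           /* highest bit set: error reply */
    if (f[1] != 0x03) return ERR_FUNC;
    if (len != 5u + 2u * nregs || f[2] != 2 * nregs) return ERR_COUNT;
    for (unsigned i = 0; i < nregs; i++)             /* registers: high byte first */
        out[i] = (uint16_t)((f[3 + 2 * i] << 8) | f[4 + 2 * i]);
    return FRAME_OK;
}

int main(void) {
    /* Constructed reply from slave 11 with two registers, 0x1234 and 0x002A. */
    uint8_t rsp[9] = {11, 0x03, 4, 0x12, 0x34, 0x00, 0x2A, 0, 0};
    uint16_t crc = crc16(rsp, 7), regs[2];
    rsp[7] = (uint8_t)(crc & 0xFF);
    rsp[8] = (uint8_t)(crc >> 8);
    printf("intact frame:    %d\n", check_read_response(rsp, 9, 11, 2, regs));
    rsp[4] ^= 0x01;                                  /* one bit flipped on the wire */
    printf("corrupted frame: %d\n", check_read_response(rsp, 9, 11, 2, regs));
    return 0;
}
```

The CRC catches transmission noise only; it does not identify the sender, so these checks guard against corrupted or misaddressed replies rather than forged ones.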

