Scribd Logo
Încărcați

Bine ați venit la Scribd!

  • 5 Modbus

    Încărcat de

    Mahar Tri Wahyudin
    51 vizualizări39 pagini
    MODBUS, modbus system, modbus embeded system, modbus adressing

    Titlu original

    5-modbus

    Drepturi de autor

    © © All Rights Reserved

    Formate disponibile

    PPT, PDF, TXT sau citiți online pe Scribd

    Vi se pare util acest document?

    Este necorespunzător acest conținut?

    Raportați acest document
    MODBUS, modbus system, modbus embeded system, modbus adressing

    Drepturi de autor:

    © All Rights Reserved
    Descărcați ca PPT, PDF, TXT sau citiți online pe Scribd
    Indicator pentru conținut neadecvat
    51 vizualizări39 pagini

    5 Modbus

    Încărcat de

    Mahar Tri Wahyudin
    MODBUS, modbus system, modbus embeded system, modbus adressing

    Drepturi de autor:

    © All Rights Reserved
    Descărcați ca PPT, PDF, TXT sau citiți online pe Scribd
    Indicator pentru conținut neadecvat
    din 39

    Modbus Embedded Controller

    Kevin Ho

    May,27,2004

    Industrial Computer Products Data Acquisition System

    P.1

    What is Modbus ?
    An open data communication protocol
    Published by Modicon
    http://www.modicon.com
    Open structure
    Flexible
    Widely known
    Supplied by many SCADA and HMI software
    2 serial transmission modes:

    ASCII 10 bits
    RTU (Binary) 11 bits

    Communication interface

    RS-232/485
    Ethernet (TCP/IP)

    Modbus Organization (http://www.modbus.org/default.htm)

    Industrial Computer Products Data Acquisition System

    P.2

    Application Structure (general)


    Modbus Client (Master)
    SCADA

    RS-232/485

    Modbus Device (Slave)

    HMI

    Internet
    Internet

    Modbus Device (Slave)

    Industrial Computer Products Data Acquisition System

    P.3

    Query-Response Cycle
    Query
    Station Number
    Function Code
    Data Bytes
    (Flexible)

    Error Check

    Station Number
    Function Code

    Data Bytes
    (Flexible)

    Error Check

    Response

    Industrial Computer Products Data Acquisition System

    P.4

    Modbus and Modbus TCP


    Client/Server communications protocol designed by
    Modicon in 1979 for use with its PLCs
    Openly published and free of royalties or licensing
    fees
    The most common industrial communications
    protocol in the US
    Used widely for Building Management Systems
    Passes raw words of bits without processing them
    Originally a serial protocol very similar to RS-485, it
    now has a TCP variant
    Also available as Modbus Plus, which is proprietary
    to Modicon
    and requires
    specialized
    hardware
    Industrial
    Computer
    Products
    Data Acquisition
    System

    Modbus and Modbus TCP


    Basic Modbus protocol does not support floating point
    or ASCII
    A MODBUS Request is the message sent on the
    network by the Client to initiate a transaction
    A MODBUS Indication is the Request message
    received on the Server side
    A MODBUS Response is the Response message sent
    by the Server
    A MODBUS Confirmation is the Response Message
    received on the Client side
    Industrial Computer Products Data Acquisition System

    Modbus TCP

    Industrial Computer Products Data Acquisition System

    Modbus TCP

    Industrial Computer Products Data Acquisition System

    Basic Requirements

    The Ethernet physical interface must be present


    The Modbus TCP firmware for the Ethernet
    processor must be installed
    V 1.117 or newer PMAC or V1.941 or newer
    Turbo PMAC firmware must be installed
    A user buffer of 256 or more words must have
    been defined with the DEFINE UBUFFER
    command
    I67 must be set to a value greater than 0.
    Industrial Computer Products Data Acquisition System

    Hardware Classification
    Station Device: 0 ~ 255
    Digital input module

    1xxxx: 4 digits for hexadecimal address (0000 ~ FFFF)


    1xxxxx: 5 digital for decimal address (0 ~ 65535)

    Digital output module

    0xxxx: 4 digits for hexadecimal address (0000 ~ FFFF)


    0xxxxx: 5 digital for decimal address (0 ~ 65535)

    Analog input module

    3xxxx: 4 digits for hexadecimal address (0000 ~ FFFF)


    3xxxxx: 5 digital for decimal address (0 ~ 65535)

    Analog output module

    4xxxx: 4 digits for hexadecimal address (0000 ~ FFFF)


    4xxxxx: 5 digital for decimal address (0 ~ 65535)

    Begining of Address

    From 0: VLC
    From 1: InduSoft, iFix

    Industrial Computer Products Data Acquisition System P.10

    Two Serial Transmission Modes


    ASCII Mode

    Data system
    ASCII character, 0~9,A~F
    Bits per data unit
    1 Start Bit

    7 Data Bits

    1 Parity Bit (Even/Odd) 1 Stop Bit

    1 Start Bit

    7 Data Bits

    2 Stop Bit

    Error Check Field


    Longitudinal Redundancy Check (LRC)

    RTU Mode

    Data system
    8-bit Binary, 00~FF
    Bits per data unit
    1 Start Bit
    8 Data Bits
    1 Start Bit

    8 Data Bits

    1 Parity Bit (Even/Odd) 1 Stop Bit


    2 Stop Bit

    Error Check Field


    Cyclical Redundancy Check (CRC)

    Industrial Computer Products Data Acquisition System P.11

    Modbus Message Packet


    ASCII Mode
    Start
    1 Char

    Station Number
    2 Chars

    Function Code
    2 Chars

    Data
    n Chars

    Error Check
    2 Chars
    LRC

    End
    2 Chars
    CR,LF

    Start
    Station Number
    3.5 Char
    1 Char
    Silence

    Function Code
    1 Char

    Data
    n Chars

    Error Check
    2 Chars
    CRC

    End
    3.5 Chars
    Silence

    Function Code

    Data

    :
    RTU Mode

    Modbus Plus network


    Prefixed Data Station Number
    6 x 8 Bits

    Byte 0, 1: transaction ID usually 0


    Byte 2, 3: protocol ID = 0
    Byte 4, 5: number of bytes following

    Industrial Computer Products Data Acquisition System P.12

    Modbus Function Code


    01: read DOs (0xxxx)
    02: read DIs (1xxxx)
    03: read AOs (4xxxx)
    04: read AIs (3xxxx)
    05: write single DO (0xxxx)
    06: write single AO (4xxxx)
    15: wirte DOs (0xxxx)
    16: write AOs (4xxxx)

    Industrial Computer Products Data Acquisition System P.13

    8000-MTCP System Application


    Multi Serial Clients (Masters)

    command protocol
    depend on serial
    devices

    Multi Modbus/TCP Clients (Masters)

    Internet
    Internet

    VxComm Technique

    Modbus/TCP
    command protocol

    Modbus/TCP Slave

    RS-485

    RS-232

    Industrial Computer Products Data Acquisition System P.14

    8000-MTCP System Application


    Multi Modbus/TCP Clients (Masters)

    Modbus/TCP

    Internet
    Internet

    Modbus/RTU

    Modbus/RTU

    Industrial Computer Products Data Acquisition System P.15

    8000E MTCP Features


    Supports Modbus/TCP communication protocol to access I/Os that plug on slots
    Supports VxComm technique for every COM port of controllers
    Auto scan I/O modules

    Automatically range register address of I/O modules

    Allows multi-client (or master) access simultaneously


    Online configuration (using Modbus Utility via Ethernet)
    Supports I-8000 and I-87000 series I/O modules
    Firmware updateable and programmable

    Industrial Computer Products Data Acquisition System P.16

    Tools
    MiniOS7 Utility (Download files and update OS image)

    PCDiag (Diagnostic tools)


    NAP OPC Server (Check I/O action quickly)
    MBTCP.exe (Check Modbus/TCP package details)
    MBRTU.exe (Check Modbus/RTU package details)

    Industrial Computer Products Data Acquisition System P.17

    8000E-MTCP Program Block


    Modbus Client (Master)
    Modbus protocol
    SCADA

    User-defined protocol

    HMI

    Modbus Embedded Controller

    Check Modbus Request


    Update I/O

    RS-485

    Run User Process

    .. .
    I-7000

    I-7000

    I-87K

    RS-232

    PLC

    Industrial Computer Products Data Acquisition System P.18

    8000E -MTCP SDK Features


    2 communication protocols

    User-defined: port 10000


    Modbus/TCP: port 502

    4 Internal register tables

    (MTDemo50)

    iMemory_DI

    Points of DI module plug on slots

    User-defined

    iMemory_DO

    Points of DO module plug on slots

    User-defined

    Points of AI module plug on slots

    User-defined

    Points of AO module plug on slots

    User-defined

    iMemory_AI
    iMemory_AO

    Access I/Os that plug on slots (MTDemo51)


    Link I-7000 or I-87000 series modules via COM ports
    Modbus/RTU master (MTDemo53)

    (MTDemo52)

    Industrial Computer Products Data Acquisition System P.19

    Industrial Computer Products Data Acquisition System P.20

    User-defined Internal Registers


    Modbus/TCP
    Write

    Modbus Kernel
    Read
    Slot

    iMemory_DI iMemory_DO
    iMemory_AI iMemory_AO

    User Process

    RS-232

    RS-485

    .. .
    I-7000

    I-7000

    I-87K

    Industrial Computer Products Data Acquisition System P.21

    Be a Modbus/RTU

    Master

    iMemory_DI iMemory_DO
    iMemory_AI iMemory_AO

    User Process

    Modbus/RTU

    Modbus/RTU

    User-defined Input

    Input

    User-defined Output

    Output

    int ModbusMaster2Slave(int iPort,unsigned char cNetID, unsigned char cFunction,


    int iControllerMemoryBaseAddress, int iDeviceMemoryBaseAddress,int iIOCount);

    Industrial Computer Products Data Acquisition System P.22

    Modify 8000E-MTCP Firmware


    User.c
    void UserInit(void)
    {
    int iRet;
    iRet=InitModbus();
    }
    void UserLoopFun(void)
    {
    UpdateIOModule();
    CheckModbusRequest(iModbusUpLinkPort); //Is any Modbus/RTU request from COM port ?
    CheckLEDMenu();
    }
    int UserCmd(unsigned char *Cmd,unsigned char *Response)
    {
    int iRet;
    if(Cmd[0]=='!')
    iRet=Configuration(Cmd,Response);
    return 1;
    }

    Industrial Computer Products Data Acquisition System P.23

    Modify 8000E-MTCP Firmware


    MBTCP_8E.h
    //Memory base address of every slot
    extern unsigned int iMemoryAddr_DI[8];
    extern unsigned int iMemoryAddr_DO[8];
    extern unsigned int iMemoryAddr_AI[8];
    extern unsigned int iMemoryAddr_AO[8];
    //I/O points of every slot
    extern unsigned int iMemoryNum_DI[8];
    extern unsigned int iMemoryNum_DO[8];
    extern unsigned int iMemoryNum_AI[8];
    extern unsigned int iMemoryNum_AO[8];
    //The I/O values
    extern unsigned char* iMemory_DI;
    extern unsigned char* iMemory_DO;
    extern int*
    iMemory_AI;
    extern int*
    iMemory_AO;
    //Total DI,DO,AI,AO points
    extern int iDINum,iDONum,iAINum,iAONum;

    Industrial Computer Products Data Acquisition System P.24

    7188E-MTCP System Application


    Multi Serial Master (Clients)

    command protocol
    depend on serial
    devices

    Multi Modbus/TCP Masters (Clients)

    Internet
    Internet

    Modbus/TCP
    command protocol

    Single Modbus/RTU Masters (Clients)

    Modbus/RTU
    command protocol

    VxComm Technique

    RS-232/485

    Modbus/RTU

    RS-485

    RS-232

    Industrial Computer Products Data Acquisition System P.25

    7188E-MTCP COM Port Enable Mode


    VxComm (Virtaul COM)
    Modbus/RTU Links to Modbus/RTU slave devices
    Programming Links to RS-232/485/422 devices (controlled by users program)
    UpLink Links to a Modbus/RTU master device
    Debug Prints out communication messages

    Industrial Computer Products Data Acquisition System P.26

    7188E-MTCP Internal Block


    Modbus Client (Master)
    Modbus protocol
    SCADA

    User-defined protocol

    HMI

    Modbus Embedded Controller


    Expansion Bus
    X board

    Check Modbus Request


    RS-485

    Read/Write I/O

    Run User Process


    I-7000
    RS-232

    I-7000

    I-87K

    Modbus/RTU

    Industrial Computer Products Data Acquisition System P.27

    7188E-MTCP Features
    Converts single Modbus/TCP to multi Modbus/RTU (Modbus/TCP slave port)
    Converts single Modbus/RTU to multi Modbus/RTU (Modbus/RTU slave port)
    Supports VxComm technique for every COM port of controllers
    Allowed multi-client (or master) access simultaneously
    Firmware updateable and programmable

    Industrial Computer Products Data Acquisition System P.28

    7188E-MTCP SDK Features


    Modbus/TCP to Modbus/RTU converter
    4 Internal register tables (MTDemo00)
    iMemory_DI

    User-defined

    iMemory_DO

    User-defined

    iMemory_AI
    iMemory_AO

    (Default function)

    User-defined
    User-defined

    Link I-7000 or I-87000 series modules via COM ports


    Access X-board (MTDemo02)
    Modbus/RTU master (MTDemo03)

    (MTDemo01)

    Industrial Computer Products Data Acquisition System P.29

    User-defined Internal Register


    (7188XB,7188E)
    Modbus/TCP
    Write

    Modbus Kernel
    Read
    Expansion Bus
    X board

    iMemory_DI iMemory_DO
    iMemory_AI iMemory_AO

    RS-232

    User Process
    RS-485

    .. .
    I-7000

    I-7000

    I-87K

    Industrial Computer Products Data Acquisition System P.30

    Modbus/RTU

    master (7188XB,7188E)

    iMemory_DI iMemory_DO
    iMemory_AI iMemory_AO

    User Process

    Modbus/RTU

    Modbus/RTU

    User-defined Input

    Input

    User-defined Output

    Output

    int ModbusMaster2Slave(int iPort,unsigned char cNetID, unsigned char cFunction,


    int iControllerMemoryBaseAddress, int iDeviceMemoryBaseAddress,int iIOCount);

    Industrial Computer Products Data Acquisition System P.31

    Modbus Gateway Application 1


    Original system: one PC connect to a HoneyWell PLC
    Requirement: allow two extra PCs to connect to the same PLC
    Problem: the communication interface of the PLC is RS-232.
    RS-232 is point to point interface, it cannot links 4 devices (3 PCs + 1 PLC)

    iFix
    (A)

    HoneyWell
    Modbus/RTU device
    RS-232 @ 38400 bps

    iFix
    (B)

    iFix
    (C)

    Industrial Computer Products Data Acquisition System P.32

    Thinking 1 (RS-485 method)


    Thinking: RS-485 is a broadcast interface. Change to RS-485 interface can allow all PCs
    communicate with the PLC.
    Problem: The PLC will broadcast its response to every PC.
    The two PCs will feel confuse.
    Final: Doesnt work
    iFix
    (A)

    2
    iFix
    (B)

    Response

    2
    Request

    iFix
    (C)

    Industrial Computer Products Data Acquisition System P.33

    Thinking 2 (Ethernet to RS-232 converter)


    Thinking: the converter allow the 3 PCs share one COM port
    Problem: The communication band width is shared by the 3 PCs.
    Thus the communication efficiency becomes 1/3.
    Final: Works but not efficient.

    iFix (A)

    Hub

    1
    iFix (A)

    Modbus/RTU

    8 Response

    Modbus/RTU 5
    Request
    iFix (A)

    Ethernet/RS-232
    converter

    COM1 @ 38400 bps

    Modbus/RTU HoneyWell
    Modbus/RTU device
    Response

    11 7
    2

    Modbus/RTU
    Request

    10

    12
    9

    Industrial Computer Products Data Acquisition System P.34

    Thinking 3 (Modbus/TCP Gateway)


    Thinking: Doesnt need to install extra VxComm driver on the PC
    Problem: The communication band width is shared by the 3 PCs.
    Thus the communication efficiency becomes 1/3.
    Final: Works but inefficient.
    iFix (A)

    4
    1
    iFix (B)

    Modbus/TCP

    8 Response

    Modbus/TCP 5
    Request
    iFix (C)

    7188E-MTCP
    Hub

    COM1 @ 38400 bps

    Modbus/RTU HoneyWell
    Modbus/RTU device
    Response

    11 7
    3
    2

    Modbus/RTU
    Request

    10

    12
    9

    Industrial Computer Products Data Acquisition System P.35

    Thinking 3 (Modbus/TCP Gateway)


    Thinking: 7188E polls PLCs memory to its share memory
    The 3 PCs get PLCs data from the share memory
    Goods: Ethernet communication is much faster than RS-232,
    The 3 PCs can get PLC data in very short time (less than 1 second)
    Final: Works and efficient
    iFix (A)
    7188E-MTCP

    Hub

    1
    iFix
    (B)

    Modbus/TCP

    4 Response
    Modbus/TCP
    Request

    iFix
    (C)

    Share
    Memory

    COM1 @ 38400 bps

    Modbus/RTU HoneyWell
    Modbus/RTU device
    Response

    B
    A
    Modbus/RTU
    Request

    6
    5

    Industrial Computer Products Data Acquisition System P.36

    Modbus Gateway Application 2


    Original system: one ABB DCS connect to one AB PLC
    Requirement: The system needs to include two AB PLC more.
    Problem: The communication interface of the DCS and PLC is RS-232

    AB PLC #1
    RS-232 @ 9600 bps

    AB PLC #2

    AB PLC #3

    Industrial Computer Products Data Acquisition System P.37

    Solution
    Hardware: 7188XB + X505 = 4* RS-232 port + 1* RS-485
    Software: 7188XB polls 3 AB PLCs data to its share memory
    ABB DCS access the 7188XB to get all data of the 3 AB PLCs
    7188XB

    ABB DCS

    AB PLC #1
    RS-232 @ 9600 bps

    Share
    Memory

    Analog Output

    AB PLC #2
    Analog Input
    DI

    DO

    AI

    AO
    AB PLC #3
    Analog Input

    Industrial Computer Products Data Acquisition System P.38

    Multi PC access PLCs on the same RS-485

    Polling PLCs backgroundly


    7188E-MTCP

    Hub

    Modbus/TCP
    Response

    Modbus/TCP
    Request

    Share
    Memory

    RS-485

    Modbus/RTU
    Response

    B
    A
    Modbus/RTU
    Request
    PLC#1

    PLC#2

    PLC#3

    6
    5

    Industrial Computer Products Data Acquisition System P.39

    S-ar putea să vă placă și