What is
MODBUS?
Understanding the Modbus Protocol in Industrial Automation

A Brief History of the Modbus Protocol

You might call the Modbus protocol the grandfather of industrial networking. It is nearly as old as the Modicon 084, widely regarded as the first commercially produced programmable logic controller (PLC). Originally, these devices were simply called programmable controllers (PCs), but the industry later adopted the term “PLC” to avoid confusion with personal computers.

Before the Modbus protocol arrived on the scene, it was nearly impossible for a central controller to talk to machines and devices from different manufacturers.

The Modbus Protocol

The Modbus protocol was developed by Modicon (now Schneider Electric) in 1979 and created a universal, open language that allowed PLCs to communicate with other devices, regardless of their manufacturer. It originally included two transmission modes, Modbus ASCII and Modbus RTU. The protocol later evolved in 1999 with the introduction of Modbus TCP/IP as Ethernet became more prominent in industrial networks.

Since 2004, the Modbus protocol has been managed by the Modbus Organization, of which Real Time Automation is a proud member.

Modbus ASCII

The ASCII transmission mode encodes each 8-bit data byte as two hexadecimal ASCII characters (0–9, A–F). While this makes messages twice as large as Modbus RTU, it offers greater timing flexibility because it used specific “start” and “stop” characters to mark the beginning and end of a message. This made it a popular choice for older, less reliable communication links where message gaps might otherwise be mistaken for the end of a transmission.

Modbus RTU

The Modbus RTU format utilized a binary data format that quickly became the dominant industrial standard due to three major advantages:

• Faster Data Throughput: By sending 8-bit values in a single byte (rather than 2), Modbus RTU can transfer twice as much data as Modbus ASCII in the same amount of time.
• 99%+ Accurate Error Checking: Modbus RTU uses a Cyclic Redundancy Check (CRC) that ensures transmission errors are detected with greater than 99% accuracy versus ASCII’s Longitudinal Redundancy Check (LRCs), which was prone to electrical interference.
• Lower Message Overhead: Modbus RTU’s time-based framing uses dead time to signal the start and end of a message versus the start (colon) and stop (carriage returns) characters used by ASCII, removing “container” bytes that consume bandwidth.

Despite the widespread adoption of industrial ethernet-based protocols like Modbus TCP, Modbus RTU is supported by all commercial SCADA, HMI, OPC server and data acquisition software available in the marketplace. This makes it very easy to integrate Modbus-compatible equipment into new or existing monitoring and control applications.

In addition to its simplicity, it also helped that Modbus RTU was created by one of the largest PLC manufacturers at the time and made widely available as an open standard.

Modbus RTU also requires very little in the way of processor code space or RAM, making it a popular choice for device manufacturers. All OEMs need is a serial port and a Modbus driver to make their devices ready-to-use within large, existing Modbus RTU networks.

While this isn’t as important today given the powerful processors and technology available to us, Modbus RTU was very important in the early years of industrial automation when processors used 8-bit technology and resources like RAM and ROM were extremely expensive and scarce.

Modbus TCP/IP

The introduction of Modbus TCP/IP in 1999 marked a significant shift, moving the protocol from serial lines to high-speed Ethernet networks. This variant of the Modbus protocol wraps messages inside a TCP/IP packet, combining the simplicity of the original protocol with the universal compatibility of modern IT infrastructure.

Compared to Modbus RTU, Modbus TCP/IP provides several key advantages:

• Standardized Infrastructure: Modbus TCP/IP runs on standard Ethernet, the most common and widely installed networking hardware in the world. Ethernet is governed by the Institute of Electrical and Electronics Engineers’ (IEEE) 802.3 standards.
• Seamless IT Integration: Modbus TCP/IP utilizes the same networking hardware and TCP/IP stack as standard office networks, making it easier to share data between OT and IT networks.
• Native Device Support: Most modern industrial devices treat Ethernet as the primary communication port, often relegating serial to a legacy backup.
• Leverages Foundations of Modbus RTU: Modbus TCP/IP works almost identically to serial Modbus at the application level. While the physical media, packet framing and device addressing change, the core function codes and data registers remain the same.
• Scalability and Distance: Unlike Modbus RTU which is limited by physical serial constraints, Modbus TCP/IP can support practically unlimited devices on a network. By utilizing standard switches and routers, communication can span across different buildings or even different geographical locations via the internet.
• High-Speed, Concurrent Communication: Modbus TCP/IP operates at much higher speeds than serial connections. More importantly, it allows for simultaneous communication, allowing a single PLC to talk to multiple devices at once instead of waiting for each device to answer in sequence.

Despite the rise of more complex industrial protocols, Modbus TCP/IP remains the global standard for Ethernet-based communication in industrial automation.

Modbus TCP/IP uses standard Ethernet hardware and technologies, making it uniquely suited for smart factories and Industry 4.0. In addition to manufacturing, it is increasingly used in smart grids for monitoring renewable energy systems, for communication with Industrial Internet of Things (IIoT) devices and in building management systems (BMS) for controlling HVAC, lighting and security systems.

Because Modbus was designed before cybersecurity was a primary concern, all Modbus variants (including Modbus TCP/IP) lack native security features like encryption or authentication. To address this, the Modbus /TCP Security variant was introduced, utilizing TLS certificates to secure communications. However, despite the availability of this secure version of Modbus and new global regulations like the EU Cybersecurity Resilience Act (CRA), many legacy systems still rely on standard Modbus TCP/IP.

Why Modbus is Important in Industrial Settings

Modbus plays a critical role in streamlining industrial operations. From PLC control to device monitoring, Modbus PLC communication is the backbone of many industrial processes. Because it’s an open standard, manufacturers around the world continue to implement the Modbus protocol into new equipment and systems.

Here’s why it continues to thrive:

• It reduces wiring and simplifies installation in PLC networks.
• It integrates well with other industrial protocols through gateways.
• It supports both serial (Modbus RTU) and Ethernet (Modbus TCP) communications.
• It is ideal for industrial automation communication protocol needs across diverse environments.

Modbus Protocol Variants

Understanding the differences between the types of Modbus protocols is essential when choosing the right solution.

• Modbus RTU: This is a serial protocol typically transmitted over RS-232 or RS-485. Modbus RTU is compact, binary-based and highly efficient for data transfer in environments where timing is critical.
• Modbus ASCII: Like RTU, but the data is encoded in ASCII characters. It’s human-readable but slower and less common in modern applications.
• Modbus TCP/IP: Known simply as Modbus TCP, this version operates over Ethernet. It’s widely used for networked devices and allows for faster communication and support for multiple clients.

Each variant of the Modbus protocol addresses unique connectivity needs in industrial automation. Whether you need to wire a few devices together in a plant or create an enterprise-wide PLC communication strategy, there’s a Modbus format that fits.

Modbus Function Codes

Modbus function codes are at the heart of Modbus PLC communication. These codes tell Modbus-enabled devices what actions to perform. Here are common ones:

• FC01: Read Coils
• FC02: Read Discrete Inputs
• FC03: Read Holding Registers
• FC05: Write Single Coil
• FC06: Write Single Register
• FC15: Write Multiple Coils
• FC16: Write Multiple Registers

By using these function codes, a Modbus client (or master) can collect sensor data, control actuators, and adjust system parameters across any Modbus RTU or Modbus TCP network. 

Modbus Device Types

In the Modbus protocol, two main device types are defined:

• Clients (Masters): These devices initiate communication. In a Modbus PLC communication setup, this is often a PLC or SCADA system.
• Servers (Slaves): These devices respond to requests and return data. Examples include drives, sensors and meters.

The clarity of this master/slave architecture makes Modbus one of the easiest industrial automation communication protocols to understand and deploy.

Modbus Message Structure

Each Modbus message consists of a function code, data fields and error-checking components. This structure remains consistent whether you’re using Modbus RTU, Modbus ASCII or Modbus TCP/IP.

Fields include:

• Function Code
• Start Address
• Quantity of Registers/Coils
• Byte Count
• CRC (RTU) or LRC (ASCII) for error detection
• MBAP Header (TCP)

Modbus Use Cases

Wondering how this protocol is used? Here are some real-world Modbus use cases:

• Connecting legacy PLCs and HMI systems with Modbus RTU
• Integrating smart energy meters using Modbus TCP/IP
• Monitoring remote tanks with cellular gateways using Modbus
• Retrofitting legacy automation equipment for IIoT using Modbus explained integration techniques

The protocol’s simplicity makes it the go-to solution for many industrial communication scenarios.

Connecting PLCs with Modbus

PLCs use Modbus to communicate with devices like VFDs, sensors, I/O blocks and other PLCs. In a typical Modbus PLC communication setup:

• A master PLC sends a query
• The slave device responds with data or status
• This cycle repeats continuously for real-time updates

Whether through Modbus RTU or Modbus TCP, this structure forms the backbone of many modern automation systems.

How RTA Gateways Help with Modbus Integration

Real Time Automation offers industrial-grade gateways that make it easy to convert Modbus RTU to Modbus TCP, or bridge Modbus to protocols like BACnet, EtherNet/IP and Profinet. These plug-and-play devices eliminate programming complexity and ensure fast, reliable integration.

If you’re working with Modbus protocol integration projects—especially ones involving different types of industrial automation communication protocols—RTA’s solutions provide the fastest path to connectivity.

Why Modbus Still Matters

Modbus isn’t going away anytime soon. It’s one of the most widely used, easiest-to-implement protocols available for industrial automation. With strong support for Modbus RTU, Modbus TCP and flexible gateway solutions, it provides a seamless pathway for connecting and controlling modern automation equipment.