When working with Modbus communication, understanding the key concept of function codes is essential for ensuring efficient and accurate data exchange. Sometimes a device manual might only refer to the supported Modbus function codes and the range of offsets available for those function codes. A solid understanding of function codes is critical in achieving optimized performance and resolving potential communication issues.
After reading this blog, you'll know how you can leverage TOP Server’s Modbus driver to automatically handle the appropriate function codes for your application – while also taking advantage of its flexibility and other advanced features – to enhance performance, ensure compatibility with your devices, and reduce troubleshooting time.
What are Modbus Function Codes?
At their core, function codes are numerical identifiers that represent specific operations in Modbus communication. These codes instruct the device on actions to take such as reading the status of coils, retrieving values from registers, or writing new data. Each function code corresponds to a particular memory type and operation, such as reading holding registers (FC3) or writing multiple coils (FC15).
Modbus Memory Type Refresher
Before we jump further into function codes, let’s get a brief refresher of the 4 different types of Modbus memory:
Modbus memory is made up of input and output coils (coils being a Boolean, 0 or 1), as well as input and holding (output) registers. Each memory type follows a specific addressing convention, starting with 0, 1, 3, or 4, followed by the memory location's offset. To better understand Modbus addressing and offsets, check out our detailed blog: Modbus Offset vs. Addressing: Why Does It Matter?
Modbus Function Codes Supported by TOP Server
Modbus Function codes determine which type of memory is being accessed and whether or not it is a read or write operation. Below, you’ll find a chart outlining the Modbus function codes supported by TOP Server and their purposes, helping to clarify how these operations are performed in practice.
While function codes 1-6 are straightforward, function codes 15 & 16 require a bit of a deeper dive to fully understand how they are utilized by TOP Server.
While the primary purpose of FC 15 is to write to multiple output coils. However, some devices only support FC 15 for both single and multiple writes and do not support FC 05. In such cases, you can disable FC 05 (Write Single Coil) in the TOP Server device settings, ensuring that all coil writes – single or multiple- to use FC 15. Similarly, FC 16 is designed for writing to multiple holding registers, but for devices that only support FC 16, disabling FC 06 (Write Single Register) ensures all register writes, even single ones, use FC 16.
I’ve included a brief example with Communication Diagnostics to demonstrate this setting in action. In both requests, I perform a write to a single output coil. The first example uses the default setting with "Modbus Function 5" enabled, and as highlighted in red, we can see that Function Code 5 is being used.
However, if I disable this setting and perform a single write again, the request is now forced to use Function Code 15 (Hex 0F), even though it is only for a single coil.
You can utilize these settings in TOP Server to improve compatibility with devices that don’t fully support single writes.
Lastly, let's take a look at Modbus Function Code 22. FC 22 enables direct bit writes within holding registers (4xxxxx) in a single transaction, avoiding the risks of the default Read/Modify/Write operation. This method prevents inadvertently altering other bits during the write process, making it safe for devices with frequently changing register values.
It's important to note FC 22 is disabled by default in TOP Server because many Modbus devices do not support it. The alternative involves reading the entire register using FC 03, modifying the target bit, and writing the updated value back to the device using FC 6 or FC 16. This can cause errors if other bits are changed during the process.
If you have confirmed your Modbus device supports FC 22 you can enable "Holding Register Bit Writes" in the device properties within TOP Server to safely write to individual bits without altering other bits in the register.
TOP Server’s default settings align with typical Modicon Modbus PLCs, but other third-party Modbus devices may require adjustments. If you are unsure what to use for your device, please refer to the device documentation for supported function codes. Also, feel free to read over our blog, Why Are My Data Values Wrong?, that explores the Data Access and Data Encoding settings for Modbus devices in TOP Server.
Putting it All Together
Now let's put these pieces together and take a look at the whole picture.
Every Modbus request is a structured message that enables precise communication between the Modbus Client (TOP Server) and the Modbus device. These requests combine key components to ensure the correct data is accessed or modified:
- Function Code: Specifies the action to perform. (ex. a read action for coils or registers, or a write action to modify data.)
- Starting Address: The memory location (or address) where the data is located. (ex. register 40001 - offset 0.)
- Data Quantity: The number of registers, coils, or other data units you wish to read or write.
Below is an example of what a request (TX) would look like reading data from 10 holding registers:
- Function Code 3 is being used as denoted by the red box. This is the function code used to read holding registers.
- The starting offset of 1 can be seen outlined in green.
- The quantity of holding registers, 10 (Hex 0A), is outlined in blue.
- The device then responds with the values for each of the 10 requested holding registers.
TOP Server will automatically select the correct function code, handle offsets, and send the request to the device, which will then deliver the response. This simple yet powerful structure ensures that all Modbus communication, no matter how complex, follows the same principles. When paired with TOP Server's diagnostic tools, this structured approach also simplifies troubleshooting, enabling you to pinpoint and resolve issues quickly.
The following chart offers quick reference to the Modbus function codes, their purposes, and the memory types they interact with. Use this as a handy guide when configuring or troubleshooting your Modbus devices with TOP Server.
Conclusion
By leveraging TOP Server’s ability to handle function codes automatically and configure settings like block sizes, single or multiple writes, and bit-level operations, you can streamline this process even further. These tools ensure that communication remains reliable and tailored to the specific requirements of your devices, whether they follow Modicon standards or have unique implementations.
Understanding Modbus function codes and how they interact with memory types, addressing, and requests is critical for efficient communication. When paired with the flexibility and advanced features of TOP Server, you can optimize performance, maintain compatibility with your devices, and reduce troubleshooting time. Whether you are reading registers, writing coils, or modifying bits, the building blocks of Modbus communication remain the same and TOP Server ensures those blocks are used to their full potential.
If you run into any problems or have any questions regarding Modbus Function Codes, please feel free to contact our technical support team.
Don't forget to subscribe to our blog to find out about the latest updates to TOP Server and for other useful tutorials and resources as well as take a look at our other Modbus related Technical Blog posts.
Ready to get started using TOP Server with your Modbus devices? Download the free trial today.
