User Manual

Easy to communicate between devices
7.10 PtP, USS, and Modbus communication protocols
Easy Book
Manual, 03/2014, A5E02486774-AF
7.10.5 Modbus instructions
The CPU supports Modbus communication over different networks:

Modbus RTU (Remote Terminal Unit) is a standard network communication protocol that
uses the RS232 or RS485 electrical connection for serial data transfer between Modbus
network devices. You can add PtP (Point to Point) network ports to a CPU with an RS232
or RS485 CM or an RS485 CB.

Modbus RTU uses a master/slave network where all communications are initiated by a
single master device and slaves can only respond to a master's request. The master
sends a request to one slave address and only that slave address responds to the
command.

Modbus TCP (Transmission Control Protocol) is a standard network communication
protocol that uses the PROFINET connector on the CPU for TCP/IP communication. No
additional communication hardware module is required.

Modbus TCP uses client-server connections as a Modbus communication path. Multiple
client-server connections may exist, in addition to the connection between STEP 7 and
the CPU. Mixed client and server connections are supported up to the maximum number
of connections allowed by the CPU. Each MB_SERVER connection must use a unique
instance DB and IP port number. Only 1 connection per IP port is supported. Each
MB_SERVER (with its unique instance DB and IP port) must be executed individually for
each connection.

WARNING

If an attacker can physically access your networks, the attacker can possibly read and
write data.

The TIA Portal, the CPU, and HMIs (except HMIs using GET/PUT) use secure
communication that protects against replay and "man-in-the-middle" attacks. Once
communication is enabled, the exchange of signed messages takes place in clear text
which allows an attacker to read data, but protects against unauthorized writing of data.
The TIA Portal, not the communication process, encrypts the data of know-how
protected blocks.

All other forms of communication (I/O exchange through PROFIBUS, PROFINET, AS-i,
or other I/O bus, GET/PUT, T-Block, and communication modules (CM)) have no
security features. You must protect these forms of communication by limiting physical
access. If an attacker can physically access your networks utilizing these forms of
communication, the attacker can possibly read and write data.

For security information and recommendations, please see our "Operational Guidelines
for Industrial Security" on the Service and Support site:
http://www.industry.siemens.com/topics/global/en/industrial-security/Documents/operational_guidelines_industrial_security_en.pdf

Note

Modbus TCP will only operate correctly with CPU firmware release V1.02 or later. An
attempt to execute the Modbus instructions on an earlier firmware version will result in an
error.
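
The warning above says that communication without security features can be read and written by anyone who reaches the network, and a standard Modbus TCP request carries no authentication field. The following Python code is an added example, not part of the manual: it decodes the Modbus TCP MBAP header and reports write function codes from clients outside an allowlist. The allowlist address and the sample frames are constructed, and the code assumes one client request per frame.

```python
import struct

# Modbus function codes that change data on the server (standard Modbus spec).
WRITE_FCS = {5: "Write Single Coil", 6: "Write Single Register",
             15: "Write Multiple Coils", 16: "Write Multiple Registers",
             22: "Mask Write Register", 23: "Read/Write Multiple Registers"}

def parse_adu(data: bytes) -> dict:
    """Decode one Modbus TCP ADU: 7-byte MBAP header followed by the PDU."""
    if len(data) < 8:
        raise ValueError("shorter than MBAP header plus function code")
    tid, pid, length, unit = struct.unpack(">HHHB", data[:7])
    if pid != 0:
        raise ValueError("protocol identifier is not 0 (not Modbus)")
    # The length field counts the unit identifier plus the PDU.
    if length != len(data) - 6:
        raise ValueError("MBAP length does not match frame size")
    return {"tid": tid, "unit": unit, "fc": data[7], "payload": data[8:]}

def audit(frames, allowed_writers):
    """Return (source, description) alerts for writes from unexpected clients."""
    alerts = []
    for src, raw in frames:
        try:
            adu = parse_adu(raw)
        except ValueError as exc:
            alerts.append((src, f"malformed frame: {exc}"))
            continue
        if adu["fc"] in WRITE_FCS and src not in allowed_writers:
            alerts.append((src, f"{WRITE_FCS[adu['fc']]} to unit {adu['unit']}"))
    return alerts

# Constructed sample client requests, not captured from a real network.
ALLOWED_WRITERS = {"192.0.2.10"}   # hypothetical engineering/HMI station
SAMPLE = [
    ("192.0.2.10", bytes.fromhex("000100000006010300000002")),  # FC 3 read
    ("192.0.2.10", bytes.fromhex("000200000006010600010010")),  # FC 6, allowed
    ("192.0.2.77", bytes.fromhex("00030000000601050002ff00")),  # FC 5, unexpected
    ("192.0.2.77", bytes.fromhex("0004000000090110")),          # truncated FC 16
]

if __name__ == "__main__":
    for src, msg in audit(SAMPLE, ALLOWED_WRITERS):
        print(f"ALERT {src}: {msg}")
```
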