Modbus is the most widely used communication protocol in automation.
Started as a serial protocol (RS-232,Rs-485) and migrated to ethernet (Modbus TCP,Modbus UDP).
Modbus slaves present a set of coil (binary on/off values) and registers (numeric values) that may be read and changed over network.
Modbus commands are called ‘function codes’
Function Code 1 - read coil
Function code 3 - read multiple registers
Function code 16 - write multiple registers
Many controller use proprietary modbus function codes for maintenance and diagnostic.
Why Modbus Firewall is required?
Modbus has no authentication.Any computer that can ping a PLC can issue any modbus command to it.
Reading certain modbus register may divulge sensitive process information.
Writing the wrong register or coil coil have catastrophic impact on the process.
Issuing a maintenance or diagnostic command could reset or re-program PLC.
Malformed or invalid modbus commands can cause some controller to crash