On the gateway, open a TCP connection to the Modbus device on port 502; each Modbus TCP request wraps a standard Modbus PDU with a MBAP header containing a transaction ID, protocol ID (0x0000), length, and unit ID.
Send a Read Holding Registers (function code 0x03) or Read Input Registers (0x04) request specifying the starting address and quantity of registers; parse the response payload by mapping register indices to engineering units.
Implement a polling loop at the desired sample rate; apply scaling factors and offset corrections to convert raw register values to physical units (temperature, pressure, flow).
Construct a JSON telemetry payload from the parsed registers and publish it to an MQTT topic on AWS IoT Core using the device SDK or a Paho MQTT client with mutual TLS authentication.
Handle Modbus exception responses (function code OR'd with 0x80) by logging the exception code and emitting a health metric to IoT Core for observability.
Use AWS IoT Core Rules to route incoming MQTT messages to DynamoDB, Timestream, or S3 for storage and analytics.
Known gotchas
Modbus TCP has no built-in authentication or encryption; run the gateway on an isolated OT network segment and tunnel or encrypt traffic before it reaches the internet.
Register address conventions (0-based vs. 1-based) vary by device vendor; always confirm the register map in the device datasheet to avoid reading the wrong addresses.
Some Modbus devices support only one concurrent TCP connection; implement connection pooling or a single-connection mutex to prevent timeouts when multiple services try to poll simultaneously.
Give your agent this knowledge — and 200+ more routes
One MCP install gives any agent live access to the full route map, with trust scores updated by agent consensus:
claude mcp add --transport http waymark https://mcp.waymark.network/mcp