Industrial IoT Protocols Compared: OPC-UA, Modbus, PROFINET, and More

TL;DR:

• Modbus is everywhere in brownfield — simple to implement but has no security and limited addressing
• OPC-UA is the convergence target: vendor-neutral, encrypted, semantic, and increasingly mandatory for new industrial deployments
• PROFINET and EtherNet/IP dominate hard real-time control loops; MQTT bridges data to the cloud layer

Industrial IoT protocols reflect 50 years of industrial automation history, which means any realistic deployment involves more than one of them. A typical brownfield factory floor in the UK has Modbus RTU devices from the 1990s, PROFINET PLCs from the 2000s, and a new requirement to stream all of it into a cloud analytics platform. Understanding what each protocol does well — and where its limits are — is the foundation of any IIoT architecture.

The Protocol Landscape

Modbus: The Incumbent

Modbus RTU (serial) and Modbus TCP (Ethernet) remain the most widely deployed industrial protocols in the world — not because they’re good, but because they’ve been shipping in PLCs, drives, and sensors for 45 years and are simple to implement.

The protocol is a register-based polling model: a master queries slave devices by address, requesting coils, discrete inputs, holding registers, or input registers. There’s no security, no encryption, no authentication, and the addressing space caps at 247 serial devices or 65,535 Modbus TCP devices.

Use Modbus when you’re reading data from legacy devices that speak nothing else. Use Modbus TCP gateways (like the Moxa MGate series) to bridge serial Modbus to Ethernet for collection. Never expose Modbus TCP directly to untrusted networks — it has no authentication whatsoever. This is a genuine risk at brownfield UK sites where OT and IT networks have historically been flat.

PROFINET and EtherNet/IP: Real-Time Control

PROFINET (Siemens, widely adopted in European automation) and EtherNet/IP (Rockwell/Allen-Bradley, dominant in North America) both run on standard Ethernet hardware but use deterministic scheduling to achieve real-time control loop timing.

PROFINET IRT (Isochronous Real-Time) achieves cycle times under 1ms with jitter under 1μs — necessary for synchronised motion control. This requires managed switches that support PROFINET’s time-aware scheduling.

EtherNet/IP uses the Common Industrial Protocol (CIP) over TCP for explicit messaging and configuration, and over UDP multicast for I/O (implicit messaging). CIP’s object model provides structured device descriptions that go beyond raw registers.

Both protocols are well-suited for hard real-time control loops: robot arms, CNC machines, synchronised production lines. Neither is designed for cloud connectivity — they’re LAN protocols for deterministic control, not data integration.

OPC-UA: The Convergence Standard

OPC-UA (Unified Architecture) was designed specifically to solve the integration problem that Modbus and field bus protocols created. It’s increasingly mandatory for new industrial deployments in Europe, including those procured by UK manufacturers following IEC 62541 specifications.

Key differentiators: the information model means data isn’t raw registers — it’s typed, named nodes in a browsable address space. A device describes itself semantically: Temperature_Sensor_1.CurrentValue with units, engineering range, and timestamp. Security is built in from the ground up — mutual X.509 certificate authentication and TLS encryption are mandatory, not optional add-ons. Transport is flexible, running over TCP binary (lowest overhead), HTTPS, or MQTT. And companion specifications mean industry consortia have defined OPC-UA models for robotics, CNC, plastic moulding, and dozens of other verticals — devices from different vendors that implement the same companion spec can exchange data without custom integration work.

OPC-UA Pub/Sub over MQTT is the bridge that modern IIoT architectures use to get OPC-UA semantic data into cloud platforms. The PLC exposes data via OPC-UA; a local broker translates to MQTT topics; Azure IoT Hub or AWS IoT Core receives structured messages.

Brownfield vs Greenfield

Brownfield deployments (existing equipment you can’t replace) require a protocol gateway strategy. Inventory all field devices and their native protocols. Deploy protocol gateways — Kepware, Prosys, or open-source node-red-contrib-opcua — to translate Modbus/PROFINET to OPC-UA. Use OPC-UA as the northbound interface from the edge to the cloud.

Greenfield deployments (new equipment selection) should specify OPC-UA as a mandatory requirement. Most PLC vendors (Siemens, Rockwell, Beckhoff, B&R) support OPC-UA servers natively in current firmware. Beckhoff’s TwinCAT and B&R’s Automation Studio have particularly strong OPC-UA implementations.

A practical greenfield stack: PLCs and drives with native OPC-UA servers, edge gateway running EMQX with OPC-UA pub/sub ingestion, MQTT transport to cloud IoT platform, and InfluxDB or TimescaleDB for time-series storage.

Where MQTT Fits

MQTT isn’t an industrial control protocol — it has no real-time guarantees and no semantic data model. Its role in IIoT is as the northbound transport layer: after OPC-UA or a gateway aggregates and structures field device data, MQTT carries it to the cloud efficiently. The MQTT Sparkplug B specification adds a standardised payload format (protobuf-encoded device data with birth/death certificates) that solves the “no semantics” problem for MQTT-based IIoT pipelines.

The Bottom Line

There’s no single industrial IoT protocol that rules them all — the stack is layers. Real-time control stays on PROFINET or EtherNet/IP. Brownfield data collection runs through Modbus gateways. OPC-UA provides the semantic integration layer and the northbound API. MQTT carries structured data to the cloud. Design for this layered reality rather than trying to replace the field bus with a cloud protocol.