Code:I am changing the name of the thread to fit the direction it is going. In earlier models there is no CAN-BUS, looks like maybe around 05 for our cars. So really it looks like I need to better understand the systems. To acomplish this by creating a function system of PCM/BCM and emulating the sensors with a Raspberry PI. I will start a thread on the Pi forum for this purpose. I will replace this with the URL once I get it started. So I am changing the name from "Reverse Engineer the CAN-BUS" to "Raspberry Pi - Virtual Sensors for Car Computers"
I tried searching this forum and could not find any post on how to connect to the ECU's for the Pontiac Grand Prix. There are several web sites started on how to hack the communication network of cars, but nothing dedicated to Grand Prix. So I thought I would start this thread for the sharing of information. I will post several links that has inspired me to start this project. I wish I would started it while there was snow on the ground, now that it is starting to warm up I should be getting the project car on the road. If this takes off then maybe we can move it to the technical forum. If someone has started a thread, please let me know. If not then here we go!
30,000 Foot View
As I start this discussion, keep in mind I am learning, so if there is any misinformation given, I am open to correction. A CAN-BUS is basically a network. http://en.wikipedia.org/wiki/CAN_bus It is used in a lot of different industries and one of them being automotive. We are all familiar with ODBII. ODBII is a published standard, of some sort, that uses the CAN network to query information. What you can do with ODBII is limited to what the car manufactures publish. There is are areas that are not published, or have to buy expensive manuals for the protocols. This company has done a lot of research into car network hacking, reason being the more information out there, the better aware we will be about protecting our car's networks from hacking. Just as in home computers, now most people know not to click on that URL in some email we not know where it came from. Here is their thread releasing the tools they used. http://blog.ioactive.com/2013/08/car...g-content.html
This is the video that got me interested. https://www.youtube.com/watch?v=oqe6S6m73Zw
The purpose is not to play games, but be able to master our cars and maybe even flash some settings. To do that we have to know what bytes are what, before that we need to read and write to the memory, before that we have to get past the security, before that we have to communicate with the systems. The good news I found some white papers to get us started, bad news is, sounds like all cars are different. Even within the same manufacture/model it changes from year to year. This will take a lot of time, hence the need for a place to share so we don't have to reinvent the wheel every time.
WARNING!!!
As mentioned in the white papers, we don't want to be hacking around on our daily driver, and all of them over and over stressed, "DO NOT HACK ON A MOVING CAR". I think the reasons for NOT hacking on a moving car is obvious. Try everything at your own risk, I read in a paper that in all the testing they never bricked an ECU, but knowing my luck....
Phase 1.
One of the first links will be to a pdf about creating a test bed. http://www.ioactive.com/pdfs/IOActiv...ng_Poories.pdf
Also, here is the link to http://blog.ioactive.com/2013/08/car...g-content.html At the start of the blog is a link to a zip file with all the tools and pdf explaining some of it. They used a ECon cable https://www.cancapture.com/buy-now.html right now all you need is the cable, not the capture software. The zip files have some home grown tools.
As I researched I found some other interfaces. Next I found one called "Canberry" http://www.industrialberry.com/canberry-v-2-0/ which goes onto a Raspberry PI http://www.raspberrypi.org/products/...-pi-2-model-b/.
This web page has a homegrown interface, that is self contained and he put a display on it for a simple gauge readout. Look at the two videos at the bottom. https://sites.google.com/site/hobbyd...sed-obd-reader
Hopefully this week I will get by out local pull a part and get a couple of ECU. Looks like they charged $25 for PCM or BCM, so I thought I would start there. Looks like they have a 97 GP, which is what I will start with. I also have some old PC boxes laying around for my power supply. So it may be some time before the rubber meets the road so to speak, but I thought I would start the post and see what interest is out there.
Here are all the links I have saved, not in any order or meaning. Some of them seem to be the same paper but dressed up. Not sure if there is a nugget that is in one but not the other so I am posting all.
http://en.wikipedia.org/wiki/CAN_bus
https://www.cancapture.com/buy-now.html
http://illmatics.com/car_hacking.pdf
http://www.canbushack.com/blog/index.php
http://www.canbushack.com/blog/index...&c=1&tb=1&pb=1
http://www.autosec.org/pubs/cars-usenixsec2011.pdf
http://www.ioactive.com/pdfs/IOActiv...trol_Units.pdf
http://www.ioactive.com/pdfs/IOActiv...k_Surfaces.pdf
http://www.ioactive.com/pdfs/IOActiv...ng_Poories.pdf
https://www.youtube.com/watch?v=ANFXBaQmceU
https://sites.google.com/site/hobbyd...sed-obd-reader
http://www.raspberrypi.org/forums/vi...718682#p718682 (last link at this posting)
http://elinux.org/RPi_CANBus
