CAN Sniffing

dyezak

Major
May 4, 2017
1,768
1,518
0
Plano TX
Ride
335is
So I soldered up my CAN sniffer tonight. It's been so damn long for me doing any coding and development (and even then I was only a hack) that I'm going to have to relearn arduino before I can make serious progress here. But I wanted to share some resources:

https://www.bimmerforums.com/forum/showthread.php?2298830-E90-Can-bus-project-(E60-E65-E87-)/page4

http://e46canbus.blogspot.com/2017/12/e90-warning-lights.html

http://www.loopybunny.co.uk/CarPC/k_can.html

The goal is for me to code up a this arduino as a sniffer that can log do an internal micro SD card from the PT_CAN bus (high speed). With the speed of the bus and the max SD card of 32gb I should be able to log 64min of CAN traffic, then analyse it on a computer. I want to really monitor the EKG (transmission), DSC, DME, KOMBI and see how they interact during different driving situations (during a shift for example).

I'll have to do MHD logs and then pair the logs up so you can see the MHD log and what is going on there that makes sense to everyone and what the associated PT_CAN traffic looks like at those same points.

I'm kind of pumped about this but need to first take a break as I have a work trip for the rest of this week, and second need to re-learn basic arduino so I can apply that to this project.

FUN!
 
  • Like
Reactions: doublespaces

doublespaces

Administrator
Oct 18, 2016
9,303
4,331
0
AZ
Ride
2009 E93 335i
I bought an Arduino set for my son, its still in the box. Maybe I'll make use of it if you've got any use for data collection on my end. Let me know which modules you have once you figure out what is needed.
 

NoQuarter

Major
Nov 24, 2017
1,662
1,066
0
Indiana, USA
Ride
Z4 35is, 535xi, X5 35i
Getting the canbus traffic is the easy part.

Deciphering the message was always so difficult for me. Things like iDrive knob left/right/up/down is pretty easy but messages that carry something like oil temp (or any variable message) you need to do the bit math which is a bit like breaking a code when you don't know what the message is supposed to say.

I has some fun with it a long way back making a macro operate when I pushed a steering wheel button. Turn on active backrest, set trans to sport mode, change idrive screen to display obd data, etc.
 
  • Like
Reactions: doublespaces

dyezak

Major
May 4, 2017
1,768
1,518
0
Plano TX
Ride
335is
Getting the canbus traffic is the easy part.

Deciphering the message was always so difficult for me. Things like iDrive knob left/right/up/down is pretty easy but messages that carry something like oil temp (or any variable message) you need to do the bit math which is a bit like breaking a code when you don't know what the message is supposed to say.

I has some fun with it a long way back making a macro operate when I pushed a steering wheel button. Turn on active backrest, set trans to sport mode, change idrive screen to display obd data, etc.

People are using clusters and connecting them to the arduino and sending the variable message and altering the bits so they can let the cluster decipher the message. The suggestion I keep seeing is to go backwards from the way you were doing it. Don't decipher the message, emulate the message and allow the car (cluster) to decipher what you just sent so you can see what is going on.

This won't work for everything, but it's a cool trick for some of the things.
 
  • Informative
Reactions: aus335iguy

NoQuarter

Major
Nov 24, 2017
1,662
1,066
0
Indiana, USA
Ride
Z4 35is, 535xi, X5 35i
People are using clusters and connecting them to the arduino and sending the variable message and altering the bits so they can let the cluster decipher the message. The suggestion I keep seeing is to go backwards from the way you were doing it. Don't decipher the message, emulate the message and allow the car (cluster) to decipher what you just sent so you can see what is going on.

This won't work for everything, but it's a cool trick for some of the things.

Clever idea - I like it for those cases.
 

dyezak

Major
May 4, 2017
1,768
1,518
0
Plano TX
Ride
335is
Clever idea - I like it for those cases.

I think I'm going to take that one step further. MHD is doing logging via CAN bus messages (K-CAN that has been scrubbed by the JBB, but they are PT-CAN messages that are unaltered). You should be able to connect the arduino directly to your K+D-CAN cable, emulate PT-CAN messages (at the K-CAN baud rate) and MHD can decipher them for you and let you know what you just sent.

There are data loggers that are more sophisticated than MHD that can be used in the same manner, but I have MHD so......