I want to learn some about canbus on can vehicles. I like to learn by doing. It's the only way to learn!

Does anyone know a good hardware/software combo to start out with that is affordable? Most devices I have found are crazy expensive.

I know the elm327 devices are supposed to work decent, but not sure if there is any software that actually sniffs the canbus packets and will let you send your own commands?

Also, I see this device CAN BUS Analyzer Tool (http://www.microchip.com/stellent/idcplg?IdcService=SS_GET_PAGE&nodeId=1406&dDocName=en546534)

It looks interesting.

Anyone else sniffing/monitoring/analyzing canbus packets that can give me some guidance?

thanks!

I use this (http://www.minsk555.narod.ru/canhacker.htm)

I want to learn some about canbus on can vehicles. I like to learn by doing. It's the only way to learn!

Does anyone know a good hardware/software combo to start out with that is affordable? Most devices I have found are crazy expensive.

I know the elm327 devices are supposed to work decent, but not sure if there is any software that actually sniffs the canbus packets and will let you send your own commands?

Also, I see this device CAN BUS Analyzer Tool (http://www.microchip.com/stellent/idcplg?IdcService=SS_GET_PAGE&nodeId=1406&dDocName=en546534)

It looks interesting.

Anyone else sniffing/monitoring/analyzing canbus packets that can give me some guidance?

thanks!

i bought that tool, looked good but never got it working....

i use Canhacker software with Peak Canusb interface, works very good !

This is a good product, I have only had it a few weeks and still haven't had as much time to play with it as I would like, but so far it is looking promising. http://www.elrasoft.com/uucan.htm

I feel sure that coming from the company that produces UPA-USB that they will respond favourably to feedback and requests for features.

Download a copy of the demo software and you can see all the features.

What do you know about CAN, networking and the likes?

This is a good product, I have only had it a few weeks and still haven't had as much time to play with it as I would like, but so far it is looking promising. ELRASOFT Products (http://www.elrasoft.com/uucan.htm)

I feel sure that coming from the company that produces UPA-USB that they will respond favourably to feedback and requests for features.

Download a copy of the demo software and you can see all the features.

What do you know about CAN, networking and the likes?

Well I am learning, and don't know much right now. Without a device I can't really learn much. I've looked at the elrasoft device before and almost pulled the trigger.

I want to learn about communicating with devices on the high speed can network. If you haven't seen this already, have a look!!

http://images.thetruthaboutcars.com/2010/05/cars-oakland2010.pdf

Of course my intentions are peaceful!

i bought that tool, looked good but never got it working....

i use Canhacker software with Peak Canusb interface, works very good !
I'm using CanHacker software with some CAN-USB translator as well.... Haven't get deep enough to understand what means what. As for game it's good for me. May be in one day it will get clear for me. At least hope so.

Of course my intentions are peaceful!

Cool. Me too, its a long enough haul trying to work out what does what for diagnostic reasons, working through all the security would seem it could take forever.

If someone works out how to communicate with a bluetooth enabled radio for example and send CAN packets all manner of things could happen, maybe that is when in-car security of the CAN network will be tested.

I wonder how many cars have a wake-on-CAN controller that can be activated by a remote source? imagine the potential consequences of something like that.

The scary thing is that I am not aware of any car based CAN network that blocks messages from unknown CAN devices by default.

The scary thing is that I am not aware of any car based CAN network that blocks messages from unknown CAN devices by default.
Because of the way the (identifier of) message on the can-bus is defined, that is never going to happen. There's only an identifier for the data in the message, not for which device has send it.
Furthermore, because of the way how the priority and collision detection has been designed, it's not even possible to stop a message, because the decision to give it exclusive rights to the bus is made before the full identifier is known.

Warwick Control Technologies - Products : X-Analyser for CAN and LIN (http://www.warwickcontrol.com/products/analyzer/x-analyser-for-can-and-lin/)

Because of the way the (identifier of) message on the can-bus is defined, that is never going to happen. There's only an identifier for the data in the message, not for which device has send it.
Furthermore, because of the way how the priority and collision detection has been designed, it's not even possible to stop a message, because the decision to give it exclusive rights to the bus is made before the full identifier is known.

Sorry, maybe I wasnt being clear with what I said, there is a big diference between the data that travels the network and what a control unit will accept and from where.

It should be possible to reject a command if its from an unrecognised source.

It should be possible to reject a command if its from an unrecognised source.
How do you suggest that should be done, as the source address is not include in the message.

How do you suggest that should be done, as the source address is not include in the message.

By what is commonly referred to as Challenge and Response, in a nutshell for security reasons it is common for certain controllers to use seeds and keys to allow authorisation for certain functions within the control unit.

As you are probably aware each unit on the CAN network has certain functions that allow one unit to request another to perform a particular function, seeds and keys are passed between the units to confirm that they have the necessary authority to request the function.

A good example of this requirement is used on some Vauxhall Vectra's around 2004, where most of the control units have to be programmed with the security seed, I have seen situations where a faulty door control module prevents the car starting.

It all depends on what you call an "unrecognized source".
Adam Opel A.G. probably calls Op-com (Vaux-com) an unrecognized source. The user's have no problem with it.
Seed and key or pin-numbers may protect some functions a little bit. It only takes a bit longer to crack, that's all.

My point exactly.

There are as I am sure you are aware a number of "rules" built into the CAN specification that allow for reasonable security to obtained, where necessary over the CAN network. It will be interesting to see how much has actually been implemented by the manufacturers.

If as has been proven they have not even prevented ECU programming when a vehicle is moving, which the specifications strictly forbid, what else has been left out or holes left open.

Clearly the specifications are open to interpretation and proprietary standards have been developed by some, which in some ways circumvent some of the safeguards, so looks like it is the usual free-for-all where the manufacturers do as they like regardless.

There are as I am sure you are aware a number of "rules" built into the CAN specification that allow for reasonable security to obtained, where necessary over the CAN network.
Which rules are you referring to? SAE J2534 perhaps?

Which rules are you referring to? SAE J2534 perhaps?

There are many, a good place to start is

"edit" Link removed, I placed an incorrect link here, silly mistake, The document I intended to link to has been removed, I will update when I find the info again "edit"

It is only a starting point though, it then splits off into all manner of "standards" that are all open to interpretation and many allow OEM specific functions to be added also.

I doubt if I will find any rules in ISO 11898. That only defines the data link and the physical wires.
So, which rules are you referring to? Maybe quote them and list the source?

I doubt if I will find any rules in ISO 11898. That only defines the data link and the physical wires.
So, which rules are you referring to? Maybe quote them and list the source?

Sorry, you are correct as usual :top: I linked to totally the wrong document, my mistake, I will resolve this ASAP.

This is a good product, I have only had it a few weeks and still haven't had as much time to play with it as I would like, but so far it is looking promising. ELRASOFT Products (http://www.elrasoft.com/uucan.htm)

I feel sure that coming from the company that produces UPA-USB that they will respond favourably to feedback and requests for features.

Download a copy of the demo software and you can see all the features.

What do you know about CAN, networking and the likes?

Hey man, have you had a chance to play with this yet? I think I am going to order it.

So it is impossible to order from Elrasoft ... I have an Amex business that I charge between $5000-$10000 in parts a month, and it was rejected. I then tried paypal, which I use at least 15 times a month, and the payment wouldn't go through. I called Paypal, and they claim it is their auto-security system, and nothing can be done to override it. I yelled at the lady for 10 minutes, and her answer was sorry can't do anything about it ... So frustrating ... no wonder people just buy Elrasoft clones! I've sent thousands of dollars of payments using paypal to shady companies in China with no problems.