6

There are always better ways.... I'm about to reverse engineer some CAN-BUS signals. Before I start, I'd like to discuss with guys who have done this before and are willing to share their methodology.

I'm interested in Hardware and Software used to achieve the goals of identifying CAN signals.

Anyone with experience?

Thanks!

PS: it would be nice to have the tag 'reverse engineer' on this site :-)

otmezger

1 Answer

7

While this might be a great question for the reverse engineering site that's in beta, I'll give you my take.

Hardware Options

1) They make an OBD II <==> UART hardware interface that will give you serial access to your CAN signals. You can effectively read and write signals to the bus.

2) There are boards like Freescale's SABRE Automotive Infotainment, which is a single board computer that has a CAN chip on-board. This board will run Linux and is heavily supported by the community.

Software Options

1) I'll address the Linux software. A mainstream option for Linux and CAN is SocketCAN. SocketCAN uses the OS Network Stack for communicating with the CAN bus. This is attractive for several reasons; for me, the fact that multiple user space applications can read/write to the bus (just like the TCP/IP protocol). I found the kernel documentation extremely helpful.

There is test software called cantest and candump that will show what's being picked up on the bus. Your best chance for reverse engineering the signals is to play around with certain functions of the car and look for repeating signals, such as pressing the HVAC button (for example) and looking for repeating signals on the bus. Diagnostic codes should be googlable or present in the repair manual possibly, so that's easy enough.

MDMoore313
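The toggle-and-compare approach from the answer above, as an added example (not code from the answer): it diffs two captures, one taken while idle and one taken while operating a function, and reports which CAN IDs and byte positions carry values seen only during the action. It assumes the captures are saved in candump's log-file format `(timestamp) interface ID#DATA`; the frames, IDs and function names below are constructed for illustration.

```python
import re
from collections import defaultdict

# candump log-file line: "(timestamp) interface ID#HEXDATA" (assumed capture format)
LINE = re.compile(r"\((\d+\.\d+)\)\s+(\S+)\s+([0-9A-Fa-f]{3,8})#([0-9A-Fa-f]*)$")

def parse(log):
    """Yield (can_id, payload) per data frame; skip blank, remote and malformed lines."""
    for line in log.splitlines():
        m = LINE.match(line.strip())
        if m and len(m.group(4)) % 2 == 0:
            yield int(m.group(3), 16), bytes.fromhex(m.group(4))

def seen_values(log):
    """Map can_id -> {byte position -> set of values observed at that position}."""
    seen = defaultdict(lambda: defaultdict(set))
    for can_id, data in parse(log):
        for pos, value in enumerate(data):
            seen[can_id][pos].add(value)
    return seen

def candidates(baseline_log, action_log):
    """Return {can_id: [byte positions]} holding values never seen in the baseline."""
    base, act = seen_values(baseline_log), seen_values(action_log)
    result = {}
    for can_id, positions in act.items():
        known = base.get(can_id, {})  # empty when the ID only appears during the action
        changed = sorted(p for p, vals in positions.items() if vals - known.get(p, set()))
        if changed:
            result[can_id] = changed
    return result

# Constructed captures. 1A0 has a rolling counter in byte 3 that fully cycles in the
# baseline, so it is not flagged; 2B4 changes and 3C1 appears only during the action.
BASELINE = """
(1700000000.000000) can0 1A0#0000FF00
(1700000000.100000) can0 2B4#00
(1700000000.200000) can0 1A0#0000FF01
(1700000000.300000) can0 2B4#00
(1700000000.400000) can0 1A0#0000FF02
(1700000000.500000) can0 1A0#0000FF03
"""
ACTION = """
(1700000010.000000) can0 1A0#0000FF00
(1700000010.100000) can0 2B4#01
(1700000010.200000) can0 1A0#0000FF01
(1700000010.300000) can0 2B4#01
(1700000010.400000) can0 3C1#10
"""

print({hex(k): v for k, v in candidates(BASELINE, ACTION).items()})
```

Record the baseline long enough for counters and periodic status bytes to run through their full range, otherwise they show up as false candidates.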