The CAN bus, accessible through the OBD-II port, is the channel that holds all the secrets of the modern automobile. If you want to display those for your own perusal, you might consider this nifty tool from [EQMOD].
Yes, it’s an OBD-II dongle that you can build using an ESP32 WROVER module. It’s designed to read a car’s CAN bus communications and display them on a self-hosted web page, accessible over WiFi. The build relies on the dual-core nature of the ESP32, with the first core handling CAN bus duties via the SN65HVD230 CAN bus transceiver chip. The second core is responsible for hosting the web page. Data received via the CAN bus is pushed to the web user interface roughly every 60 to 100 milliseconds or so for information like RPM and speed. Less time-critical data, like temperatures and voltages, are updated every second.
It’s a neat little thing, and unlike a lot of dongles you might buy online, you don’t need to install some dodgy phone app to use it. You can just look at the ESP32’s web page for the data you seek. The graphics may be a little garish, but they do the job of telling you what’s going on inside your car. Plus, you can always update them yourself.
Getting to grips with the CAN bus is key if you want to diagnose or modify modern vehicles. Meanwhile, if you’ve been cooking up your own electronic vehicular hacks, don’t hesitate to drop us a line!
As I’ve discovered recently, not all cars with CAN bus expose it over the OBD-II port. My 2024 only leaks a couple of frames when the car starts, then it’s silent, but it can be accessed through a couple of points in the wiring harness, like for the stereo.
Some cars separate the ODB port from the engine ECU bus, and there may be more separate busses in a vehicle.
Also, modern cars are increasingly adopting CAN-FD, which, as far as I know, the ESP32 is not capable off.
No the esp32 onboard can controller only supports classic can, but you can easily add can fd support with a cheap simple mcp2515 over spi and have a multi channel can setup with can fd support
The MCP2515 also can’t do CAN-FD. You’d need an MCP2518FD, but its SPI protocol is very inefficient.
Right, there is a gateway module in between the main networks and the OBD port on all modern cars. You can get data out of it but you have to know how to request it and on very new cars they make that hard to do while the car is moving. Also many companies use more than one channel of CAN (or other protocols) on the OBD port, for example Ford adds pins 3,11.
Newer cars don’t broadcast as much as older ones on the OBD2 port. There is simply not enough bus capacity as they’re already too busy transmitting it to Google, Meta, X, OpenAI, ChatGPT, the FBI, the CIA, the NSA, the IRS, the Mormons and some deep state Psy-Ops team in Connecticut run by a bloke named Brian.
You forgot a three letter agency: WEF. Who else is going to implement carbon taxes for us, carbon credits for the rich if not this merry band of do-gooders?
Hahahahahh very well said
Newer cars don’t broadcast as much as older ones on the OBD2 port. But everything is there you just need to send requests to get responses instead of just listening in to broadcasts with the data.
Looks the same as cansee (of canzee fame) to me?
Yeah, and Macchina has one called A0. There are a bunch these.
Volkswagen cars do not follow a standard protocol for this, FYI. Reading from the CAN bus is pain upon pain.
I had an older Passat and remember needing the special VAG adapter for the OBD2 port and special software to change any settings. I doubt they’ve made it any easier.
“OBD” per definition only features some emission-relevant data, and only read only. Everything else is always more or less vehicle-specific and just uses the OBD-connector for talking to the car (but isn’t “OBD”).
It’s not like Volkswagen cares much about emissions anyways, as we found out :p
I would consider VW/Audi in the special case category. If you have used Ross Tech VCDS interfaces and software then you would know what I mean. There is great potential for permanent damage with this software. It’s possible and recommended to download the entire configuration for a particular car before making changes and SAVE IT so you can return the vehicle to its ‘original’ operating condition. Quickly, the software is set up with two sides, left and right. IIRC, the left side panel can retrieve diagnostic information and won’t do any damage but the right side panels can permanently change configurations, for good or bad. Even the dealerships use VCDS over their own factory stuff.
Neat but the UI is a bit bloated with all this JQuery + bitmaps. On this target (ESP32) I usually go for Svelte + SVG , SCSS, Canvas for the frontend. No bitmaps, all vectors, and a very sleek and fast bundle that weights well below 1MB. No SD needed.
Totally right
Do you have a link for an example?
My advice whenever someone wants to add a wireless interface to a CAN bus is to at least make sure it is read-only. You can do a lot of weird stuff to a car accidentally, and CAN buses in general are pretty sensitive to interference, sonyou might just mess it up by accident.
I don’t know if there are protocol chips that make this guarantee in hardware (e.g. by holding a pin low), but you should be able to add circuitry to the pins to prevent the device from pulling the bus low.
The thing to avoid would be a software-only solution like “the software never sends frames, only reads them” because this can be reconfigured by someone who can exploit the firmware through the wireless interface
Some discussion about it here:
https://electronics.stackexchange.com/questions/655734/hardware-solution-to-guarantee-read-only-access-on-a-can-bus
There is also an inductive coupling adapter called a CAN Crocodile which has the secondary benefit of letting you get onto the bus other than at the OBD port.
https://jv-technoton.com/products/contactless-readers/cancrocodile/
Most all of that is good advice, however, and unfortunately, at this time there is no such thing as CANbus security to save us from ourselves. This is the reason for easy auto thefts and manufacturer data that’s mostly hidden from the rank and file unless you pay for it. This also makes your recommendations good, but limited. As far as a ‘no send’ approach, you can’t get anything sent to the ‘aftermarket’ hardware without sending a request for it, and that’s assuming the manufacturer allows it or you can get through the gateways. Sure, some stuff shows up normally but a lot of it is held for ransom. A limited set of commands would be in order with special access granted for ‘dangerous’ commands, and we don’t really know what those are without a lot of sniffing and decoding. While you may be able to monitor the traffic that occurs when any or all modules are activated you would still need a factory tool to safely trap a full complement of commands.
Don’t forget about the TJA115x transceiver, although I believe it’s main use is in commercial vehicle applications.
Can’t find much in the way of detailed datasheet for those and what I do find needs some explanation, for me at least. It still appears that if the bus can be monitored with a simple logic analyzer while a legitimate access is in progress then maybe the ID token can be found. Would these transceivers be used in a general access systemwide by manufacturer, or model specific, maybe vehicle/VIN specific, gateway specific or an ID token for each module/transceiver? Interesting. Maybe the factory mechanic will provide a registered retinal scan at the request of the factory diagnostic equipment to be able to access the vehicle!!
Discussions about securing the CAN bus with encryption are absolutely irrelevant. A car is not a server in a data center, secured by walls, perimeter fence, armed guards and other near military-grade measures.
A car stands alone 24hours per day in the public space. Those not locked in private garage can be attacked. Those in a private garage can also be attacked if the bounty is high enough.
Security is a hindrance not a deterrent.
As a wanton criminal, I’ll just override any measures you think-up with a higher priority non-encrypted CANBUS message. Or if it’s financially fortuitous, I’ll simply rip out the ECU and replace it with a hacked one. Who’s going to stop me? Nobody. I have all the time in the world.
The solution to this is crime prevention. Steal a car in Saudi Arabia, you’ll have problems pressing the key fob. With no hands.
Catch the criminals, who are doing it, give them a shovel and have them build their own prisons. Repeat offenders, will need to dig deeper. Just like Nicky Santoro.
Enforce the law.
DZ, all true, but you’re assuming that the ultimate safety of the vehicle (not occupants) is the main goal. It’s not. My opinion is that the manufacturers don’t give a hoot about whether your vehicle stays where you last left it. The ultimate goal, the way I see it having dealt with some of it over the last 30+ years, is for the manufacturers to lock out whomever they like. OBD is legislated into giving access for emission monitoring and diagnostics so everyone and their brother has access. But the rest of the systems and modules are many and those have nothing to do with legislated emission access. So what’s the holdup? As Magnus stated down below, they are slow. Slow to figure out how they can hide behind a gateway, allow factory/dealer access and shut out the riff-raff. Case in point, and sorry for the verbosity, but my 2016 Ford Explorer needed a new electric steering rack. I could buy one for $1600 and install it myself EXCEPT that once it’s in, it needs to be programmed in with a factory or factory like tool, with Ford’s software (free) with a log in subscription to Ford’s server ($$). Total cost over doubled. So, you tell me, is the issue a concern for theft or securing factory access only service and maintenance?
Couldn’t agree more. Automotive companies make little money on the sale of vehicles. Leasing + Financing, Extras, After Sales, Extended Warranties, Replacement Parts, Insurance. That’s where they make they money.
I refuse to buy a new vehicle at the moment because of the electric car “green energy” nonsense. I like the motors, but the infrastructure can’t match my Diesel. I can travel 1,100 km / 750 (mi) on a tank. I can refuel in 5 minutes and drive another 1,100 km. Runs like clockwork. Since they want to ban combustion engines, no point in buying a new one. Keep the old one. It works fine. Saves me money.
If you buy a new car, the benefits are sadly missing. Fuel economy is no longer a big jump any more. I now get between 5L/100km (47mpg) and 9L/100km (26mpg) on a tank. Newer vehicles may be able to reduce that (if you believe their marketing hype) but I doubt it. It used to make sense to replace older cars for this reason alone, but the cost benefit is no longer there. On a new RV, they’ll turn the alternator off to meet emission targets. You arrive and you’re batteries dead.
Then you have the privacy aspect. I don’t want my car sending data to anyone. Sooner or later, they’ll send the data straight to the police when you exceed the speed limit even just a little. Or straight to the bank. Not going to happen with me. They can keep it.
Furthermore, they’ve begun with subscription services. So your heated seating or A/C will not operate without a monthly subscription. BMW and others already doing this. I’m not buying into this.
Then there is the oil change. I remember as a kid, my dad would do the oil change. Quality oil and a filter. New oil drain plug. Easy.
Nowadays, they have all this synthetic crap and they want $150 for a few liters. It’s a rip-off. I have a number of cars and when my car needs to be checked, the garage always wants to replace everything because the manual says so.
Oil that’s been in the ground millions of years suddenly goes off after 2 years being in an engine sump after 5,000km (3,000 mi). Nope. It stays in.
Automotive companies just wanna have fun fun! Automotive companies just wanna have fun!
And Don’t get me going on those motorized car boot actuators! Pet hate!
DZ, we’re on the same page. I drive older cars and trucks and haven’t purchased a new vehicle since my 1970 Fiat 850 Coupe for $1700. I wish I still had the thing. As a longtime Master Tech and certificated Engine Machinist it pained me greatly to take the Explorer to the dealer for repair. My vehicles are 30+ years old including a 1962 Ford Ranchero. The Explorer belongs to the wife. Sorry, folks, for some non-CANbus discussion.
Most of the OEM are adapting the EE architectures to adopt new cibersecurity regulation. Forget about CAN exposed in the OBD connector anymore.
The car industry isn’t known to change very fast though 😅 There has been talk about encrypting the buses for… well how many years/decades? Of course it’s coming. But man they are slow 😁
I have 2 cars, one with a 2001 motor and a $10 Bluetooth OBD reader coupled with Torque (great app, certainly not “dodgy”) allows me to read everything.
The other motor is from the 1970’s and only requires functional human ears to diagnose a problem.
Keep life simple. Love it! Complexity only benefits other. Just because you can, does not mean you should.
Add an stm32 and cpld or fpga
Have a can bus and ecu flasher via Bluetooth run different engine tunings from my phone
Tune to push torque when hauling shit. Then right after that get on my phone and tune it to haul ass and not eat gas
Try driving a v6 or v8 as a daily.
Even the cheap no-name bluetooth OBD dongle I got years ago works with the popular non-sketchy OBD apps, e.g. “Torque” for general purposes or “AlfaOBD” and other manufacturer-specific apps for deeper control. There’s some open source options too that can do what a handy owner wants to do – read some data or a code, or reset a code once you’ve fixed something. Sometimes you need adapters to dodge the security gateways and access the right bus to talk too a particular module. Not to say a thing against this, but the little bluetooth dongles can actually do a better job than implied.
I still use “Torque” & my cheapo $12 Amazon dongle to diagnose all 3 of my vehicles. Just replaced a fuel pressure sensor on my 2010 Ford Crown Victoria that was running funny.