Bosch Starter Motor Freed From Mercedes Prison

Vehicle alternators are interesting beasts. Produced on a massive scale, these electric machines are available for a minimum of cost and contain all kinds of great parts: some power electronics and a belt-driven generator are generally standard fare. This generator can also be used as a motor with only minor changes to the machine as a whole, so thanks to economies of scale it’s possible to get readily-available, powerful, compact, and cheap motors for all kinds of projects using alternators as a starting point. [LeoDJ] noticed that this starter motor in a modern Mercedes had some interesting benefits beyond all of these perks, but it took a bit more work to get up and running than a typical alternator would have.

The motor, built by Bosch, can be found in the Mercedes E200 EQ Boost. This is a hybrid car, but different than something like a Prius in that it doesn’t have an electric motor capable of powering the car on its own. Instead it uses a combination starter motor/alternator/generator to provide extra power to the engine during acceleration, increasing efficiency and performance. It can also charge the small battery bank when the car slows down. Vehicles that use this system need much beefier alternators than a standard car, but liberating it from the car means that it has much more power available than a typical alternator would.

There were a number of issues to solve, though. Being that the motor/alternator has to do all of this extra work (and that it came out of a car whose brand is known for being tedious to work on in the first place) it is much more complicated than an off-the-shelf alternator. [LeoDJ] has been able to get his to spin by communicating with it over the CAN bus, but there’s still some work to be done before it goes into something like an impressively fast electric bicycle.

Thanks to [RoganDawes] for the tip!

Game boy with custom cartridge mounted on car dashboard

A Game Boy Speedometer, Just Because You Can

From a practical standpoint, [John] may be correct that his recent creation is the “world’s worst digital dash”, but we’re still oddly enamored with the idea of using a Nintendo Game Boy as a digital speedometer. Pulling it off meant interfacing the handheld with the vehicle’s CAN bus system, so whether you’re into retro gaming or car hacking, this project has something to offer.

Showing real-time vehicle speed on the Game Boy sounds like it should be relatively easy, but the iconic game system wasn’t exactly built for such a task. Its 2 MHz CPU and 160×144 pixel dot-matrix screen were every kid’s dream in 1989, but using it as a car dashboard is pushing it. To bridge that gap, [John] designed two custom circuit boards. One interfaces with the Game Boy, intercepting its memory requests and feeding it data from a microcontroller. The other processes the CAN bus signals, translating speed information into a form the Game Boy can display. [John] used inexpensive tools and software to read the CAN bus data, and used GBDK-2020 to write the software in C. His video goes in great detail on how to do this.

Months of work have gone into decoding the Game Boy’s data bus and creating a schematic for the interface board. Tricking the Game Boy into thinking it was loading a game, while actually displaying incoming speed data. The screen’s low resolution and slow refresh rate rendered it barely readable in a moving vehicle. But [John]’s goal wasn’t practicality — it was just proving it could be done.

Want to dive deep into the Game Boy?  Have you seen the Ultimate Game Boy talk?

Continue reading “A Game Boy Speedometer, Just Because You Can”

PCB Design Review: Tinysparrow, A Module For CAN Hacking Needs

I enjoy seeing modules that can make designing other devices easier, and when I did a call for design reviews, [enp6s0] has submitted one such board to us. It’s a module called TinySparrow (GitHub), that helps you build your own vehicle ECUs and any other CAN-enabled things. With a microcontroller, plenty of GPIOs, a linear regulator and a CAN transceiver already onboard, this board has more than enough kick for anyone in hobbyist-range automotive space – and it’s surprisingly tiny!

You could build a lot of things around this module – a CAN bus analyzer or sniffer, a custom peripheral for car dashes, or even a full-blown ECU. You can even design any hardware for a robot or a piece of industrial technology that uses CAN for its backbone – we’ve all seen a few of those! It’s a great board, but it uses six layers. We’ll see if we can do something about that here.

Modules like TinySparrow will make your PCBs cheaper while ordering, too! Thanks to the carefully routed microcontroller and the CAN transmitter, whatever board you design around this chip definitely wouldn’t need six layers like this one does – and, unlike designing your own board, you can use someone’s well-tested and tailored libraries and reference circuits!

With TinySparrow, you save a lot of time, effort and money whenever you want to design a car or industrial accessory. After looking at the board files, my proposal for helping today’s board is – like last time – to make its production cheaper, so that more people can get this board into their hands if the creator ever does try and manufacture it. I also have some tips to make future improvements on this design easier, and make it more friendly for its userbase.

Continue reading “PCB Design Review: Tinysparrow, A Module For CAN Hacking Needs”

A Dashboard Outside The Car

One of the biggest upsides of open communications standards such as CAN or SPI is that a whole world of vehicle hacking becomes available, from simple projects like adding sensors or computers to a car or even building a complete engine control unit from the ground up. The reverse is true as well; sensors and gauges using one of these protocols can be removed from a car and put to work in other projects. That’s the idea that [John] had when he set about using a vehicle’s dashboard as a information cluster for his home.

The core of the build is an Astra GTE dashboard cluster, removed from its host vehicle, and wired to an Arduino-compatible board, in this case an ESP32. The code that [John] wrote bit-bangs an SPI bus and after some probing is able to address all of the instrument gauges on the dashboard. For his own use at home, he’s also configured it to work with Home Assistant, where each of the gauges is configured to represent something his home automation system is monitoring using a bit mask to send data to specific dials.

While this specific gauge cluster has a lot of vehicle-specific instrumentation and needs a legend or good memory to tie into a home automation system without any other modification, plenty of vehicle gauges are more intuitive and as long as they have SPI they’d be perfect targets for builds that use this underlying software. This project takes a similar tack and repurposes a few analog voltmeters for home automation, adding a paper background to the meters to make them easier to read.

Continue reading “A Dashboard Outside The Car”

Unbricking Trains, Uncovering Shady Behavior

The first clue was that a number of locomotives started malfunctioning with exactly 1,000,000 km on the odometer. And when the company with the contract for servicing them couldn’t figure out why, they typed “Polish hackers” into a search engine, and found our heroes [Redford], [q3k], and [MrTick]. What follows is a story of industrial skullduggery, CAN bus sniffing, obscure reverse engineering, and heavy rolling stock, and a fantastically entertaining talk.

Cutting straight to the punchline, the manufacturer of the engines in question apparently also makes a lot of money on the service contracts, and included logic bombs in the firmware that would ensure that revenue stream while thwarting independent repair shops. They also included “cheat codes” that simply unlocked the conditions, which the Polish hackers uncovered as well. Perhaps the most blatant evidence of malfeasance, though, was that there were actually checks in some versions of the firmware that geofenced out the competitors’ repair shops.

We shouldn’t spoil too much more of the talk, and there’s active investigation and legal action pending, but the smoking guns are incredibly smoky. The theme of this year’s Chaos Communication Congress is “Unlocked”, and you couldn’t ask for a better demonstration of why it’s absolutely in the public interest that hackers gotta hack. Of course, [Daniel Lange] and [Felix Domke]’s reverse engineering of the VW Dieselgate ECU shenanigans, another all-time favorite, also comes to mind.

ESP32 Used As Wireless CAN Bus Reader

The CAN bus, accessible through the OBD-II port, is the channel that holds all the secrets of the modern automobile. If you want to display those for your own perusal, you might consider this nifty tool from [EQMOD].

Yes, it’s an OBD-II dongle that you can build using an ESP32 WROVER module. It’s designed to read a car’s CAN bus communications and display them on a self-hosted web page, accessible over WiFi. The build relies on the dual-core nature of the ESP32, with the first core handling CAN bus duties via the SN65HVD230 CAN bus transceiver chip. The second core is responsible for hosting the web page. Data received via the CAN bus is pushed to the web user interface roughly every 60 to 100 milliseconds or so for information like RPM and speed. Less time-critical data, like temperatures and voltages, are updated every second.

It’s a neat little thing, and unlike a lot of dongles you might buy online, you don’t need to install some dodgy phone app to use it. You can just look at the ESP32’s web page for the data you seek. The graphics may be a little garish, but they do the job of telling you what’s going on inside your car. Plus, you can always update them yourself.

Getting to grips with the CAN bus is key if you want to diagnose or modify modern vehicles. Meanwhile, if you’ve been cooking up your own electronic vehicular hacks, don’t hesitate to drop us a line!

Get MOST Into Your Pi

When looking the modify a passenger vehicle, the Controller Area Network (CAN) bus is a pretty easy target. In modern vehicles it has access to most of the on-board systems — everything from the climate control to the instrument cluster and often even the throttle, braking, and steering systems. With as versatile as the CAN bus is, though, it’s not the right tool for every job. There’s also the Media Oriented Systems Transport (MOST) bus which is increasingly found in automotive systems to handle multimedia such as streaming music to the stereo. To access that system you’ll need to approach it slightly differently as [Rhys] demonstrates.

[Rhys] has been working on replacing the dated head unit in his Jaguar, and began by investigating the CAN bus. He got almost everything working with replacement hardware except the stereo, which is where the MOST bus comes into play. It provides a much higher bandwidth than the CAN bus can accommodate but with almost no documentation it was difficult to interact with at first. With the help of a Raspberry Pi and a lot of testing he is able to get the stereo working again with a much more modern-looking touchscreen for control. It is also able to do things like change CDs in the car’s CD player, gather song information from the CD to display on the panel, and can perform other functions of the infotainment center.

For more detailed information on the MOST bus, [Rhys] also maintains a website where he puts his discoveries and other information he finds about this system. Unfortunately car stereo systems in modern vehicles can get pretty complicated these days, but adapting car stereos in older vehicles to modern technology carries some interesting challenges as well.

Continue reading “Get MOST Into Your Pi”