MS3 CAN Gateway

Testing and development of Megasquirt 3

Moderators: jsmcortina, muythaibxr

bytesandbolts
Helpful MS/Extra'er
Posts: 58
Joined: Thu Oct 18, 2012 5:50 am
Location: London, UK
Contact:

Re: MS3 CAN Gateway

Post by bytesandbolts »

jsmcortina wrote:I can't think of any situation that could cause that. Even permanently changing settings by accident is unlikely as you would need to send a 'burn' command.
By introducing an a node into the CAN that also has Internet access (RPi with 4G dongle), there is potential for the device to become compromised and an attacker would have access to the CAN bus.
I built a dash for my MS3 using a RPi a few months ago and now wish to connect it to the Internet to add additional functionality. Before I do this I wanted to verify any MS3 specific implications, and it looks like there are some. Therefor in my opinion a gateway is necessary at this point in time.

v1.5 might change this requirement in the future though perhaps if we are able to configure a broadcasting only function.
MS3X powered 1974 Mk1 Escort Turbo
bytesandbolts
Helpful MS/Extra'er
Posts: 58
Joined: Thu Oct 18, 2012 5:50 am
Location: London, UK
Contact:

Re: MS3 CAN Gateway

Post by bytesandbolts »

MWPau wrote:
jsmcortina wrote:Maybe also add a switch to disable the MS CAN message format?
So turning it off would disable all table set/fetch related CAN commands, but keep enabled generic CAN receiving and broadcasting.
Excellent idea!
MS3X powered 1974 Mk1 Escort Turbo
jsmcortina
Site Admin
Posts: 39585
Joined: Mon May 03, 2004 1:34 am
Location: Birmingham, UK
Contact:

Re: MS3 CAN Gateway

Post by jsmcortina »

bytesandbolts wrote:v1.5 might change this requirement in the future though perhaps if we are able to configure a broadcasting only function.
That's there now for 11bit CAN (i.e. you disable the 29bit altogether.)

With the 29bit "Megasquirt-CAN" there is no such thing as a broadcast, because the system is a proprietary "send and reply" protocol built on top of CAN. The responses are handled in close to a direct write to memory - this is resource efficient but risky.

James
I can repair or upgrade Megasquirts in UK. http://www.jamesmurrayengineering.co.uk

My Success story: http://www.msextra.com/forums/viewtopic ... 04&t=34277
MSEXTRA documentation at: http://www.msextra.com/doc/index.html
New users, please read the "Forum Help Page".
bytesandbolts
Helpful MS/Extra'er
Posts: 58
Joined: Thu Oct 18, 2012 5:50 am
Location: London, UK
Contact:

Re: MS3 CAN Gateway

Post by bytesandbolts »

jsmcortina wrote:That's there now for 11bit CAN (i.e. you disable the 29bit altogether.)
Ah right that relates to my initial question.

Am I correct when I say there isn't anything else not mentioned or documented that utilises CAN communication, other than what I manually enable which in this case would be 11bit broadcasting only.
Given the above, at no point under any typical use case would I expect to see my MS3 CAN interface (with only broadcasting enabled) request or respond to any other traffic.
Last edited by bytesandbolts on Fri Nov 25, 2016 4:38 am, edited 1 time in total.
MS3X powered 1974 Mk1 Escort Turbo
jsmcortina
Site Admin
Posts: 39585
Joined: Mon May 03, 2004 1:34 am
Location: Birmingham, UK
Contact:

Re: MS3 CAN Gateway

Post by jsmcortina »

Unless you actively disable 29bit CAN, it will be enabled and could receive "dangerous" packets.

The 11bit CAN implementation is safer as it only listens and acts on a specific set of packets and only when you have "CAN Receiving" enabled.

James
I can repair or upgrade Megasquirts in UK. http://www.jamesmurrayengineering.co.uk

My Success story: http://www.msextra.com/forums/viewtopic ... 04&t=34277
MSEXTRA documentation at: http://www.msextra.com/doc/index.html
New users, please read the "Forum Help Page".
bytesandbolts
Helpful MS/Extra'er
Posts: 58
Joined: Thu Oct 18, 2012 5:50 am
Location: London, UK
Contact:

Re: MS3 CAN Gateway

Post by bytesandbolts »

jsmcortina wrote:Unless you actively disable 29bit CAN, it will be enabled and could receive "dangerous" packets.

The 11bit CAN implementation is safer as it only listens and acts on a specific set of packets and only when you have "CAN Receiving" enabled.

James
Okay so in that case for my system design, if running < v1.5 I would need a CAN gateway as I can't disable the 29Bit CAN interface. If running >= v1.5 a gateway would might not be needed as the 29Bit/11Bit CAN interface/requests can be disabled.

Think that sums up my situation well.
MS3X powered 1974 Mk1 Escort Turbo
jsmcortina
Site Admin
Posts: 39585
Joined: Mon May 03, 2004 1:34 am
Location: Birmingham, UK
Contact:

Re: MS3 CAN Gateway

Post by jsmcortina »

pre-1.5 is ready to alpha test.

James
I can repair or upgrade Megasquirts in UK. http://www.jamesmurrayengineering.co.uk

My Success story: http://www.msextra.com/forums/viewtopic ... 04&t=34277
MSEXTRA documentation at: http://www.msextra.com/doc/index.html
New users, please read the "Forum Help Page".
bytesandbolts
Helpful MS/Extra'er
Posts: 58
Joined: Thu Oct 18, 2012 5:50 am
Location: London, UK
Contact:

Re: MS3 CAN Gateway

Post by bytesandbolts »

jsmcortina wrote:pre-1.5 is ready to alpha test.
Thanks I will test when I get the chance
MS3X powered 1974 Mk1 Escort Turbo
Post Reply