DIY Flash programming stock EFI
4th Gear
Joined: Jun 2017
Posts: 8
Likes: 5
From: south africa
hi dude
i am really sad you never get to your end goal, but i would really like to work with you on some other subjects as you look like you have the skill. my approach to this is different. 1 method is frowned upon so i wont discuss it here. the other method is i actually reverse the actual firmware of the ECM to extract the seed/key algorithm. this is the first time i am touching harley but have worked on many new vehicles immobilizer, dashboard and ecu algorithms from the oldest to the last across all makes and models. besides the ecm i am after the BCM algorithms as well. did you ever open any BCM to see what processor is inside ?
i am really sad you never get to your end goal, but i would really like to work with you on some other subjects as you look like you have the skill. my approach to this is different. 1 method is frowned upon so i wont discuss it here. the other method is i actually reverse the actual firmware of the ECM to extract the seed/key algorithm. this is the first time i am touching harley but have worked on many new vehicles immobilizer, dashboard and ecu algorithms from the oldest to the last across all makes and models. besides the ecm i am after the BCM algorithms as well. did you ever open any BCM to see what processor is inside ?
4th Gear
Joined: Jun 2017
Posts: 8
Likes: 5
From: south africa
well obviously from the responses I can gather you not very technical and jumping to conclusions, but the frowned upon of which i dont want to discuss is not because its illegal, but because many engineers have a different opinion on it and it opens up a whole different debate.
so for the sake of clarity and so that you may educate yourselves on the subject its to do with logging and analyzing of an application or software which already supports the function.
in any event while you wasted your time actually jumping to conclusions, and for those really interested in an update on how i made progress. i managed to dump the proc 9s12 of the ecu and found the routines which allow me to calculate the seed/key algorithm for flashing the ecu. i would appreciate if anyone can offer some seednkey pairs and also just seeds, so that i can calc the key and give it to you to confirm if my calculations are correct. it seems the algo is for CAN and not VPW.
in the meantime i am looking into the chksumm algorithms.
so for the sake of clarity and so that you may educate yourselves on the subject its to do with logging and analyzing of an application or software which already supports the function.
in any event while you wasted your time actually jumping to conclusions, and for those really interested in an update on how i made progress. i managed to dump the proc 9s12 of the ecu and found the routines which allow me to calculate the seed/key algorithm for flashing the ecu. i would appreciate if anyone can offer some seednkey pairs and also just seeds, so that i can calc the key and give it to you to confirm if my calculations are correct. it seems the algo is for CAN and not VPW.
in the meantime i am looking into the chksumm algorithms.
Road Warrior
Joined: Jun 2015
Posts: 1,325
Likes: 140
From: Edinburgh UK
Hacking crypto, reverse engineering MCU firmware, and flashing the ECU is not, for the sake of clarity, logging ...and yes, CAN is not the same as J1850 
Last edited by Gordon61; Jun 21, 2017 at 03:21 AM.
Thread Starter
|
Novice
Joined: Jun 2010
Posts: 17
Likes: 6
From: Trempealeau, WI
hi dude
i am really sad you never get to your end goal, but i would really like to work with you on some other subjects as you look like you have the skill. my approach to this is different. 1 method is frowned upon so i wont discuss it here. the other method is i actually reverse the actual firmware of the ECM to extract the seed/key algorithm. this is the first time i am touching harley but have worked on many new vehicles immobilizer, dashboard and ecu algorithms from the oldest to the last across all makes and models. besides the ecm i am after the BCM algorithms as well. did you ever open any BCM to see what processor is inside ?
i am really sad you never get to your end goal, but i would really like to work with you on some other subjects as you look like you have the skill. my approach to this is different. 1 method is frowned upon so i wont discuss it here. the other method is i actually reverse the actual firmware of the ECM to extract the seed/key algorithm. this is the first time i am touching harley but have worked on many new vehicles immobilizer, dashboard and ecu algorithms from the oldest to the last across all makes and models. besides the ecm i am after the BCM algorithms as well. did you ever open any BCM to see what processor is inside ?
I looked for clues to where the algorithm code was, but had now luck reverse engineering it. I knew where the seed and key were stored, as they were easy to find in the hex file. I then looked for areas that accesses those memory locations, still no luck.
Thread Starter
|
Novice
Joined: Jun 2010
Posts: 17
Likes: 6
From: Trempealeau, WI
You can remove a bolt and replace it with something better, why is software/firmware any different.
Yes, if you hack the code and develop a product from it, and capitalize on the work of others, then it's theft.
But if you're only modifying your bike, which you own, it's not theft.
my opinion....for what it's worth.
When you had a bike with a carburetor, and you put on bigger exhaust, for example, you had to put new jets in your carburetor, right? the jets cost you a little bit of money, and you probably had the to tools to put them in for not a lot of money.
the tune data in the ECM is no different than the jets in your carburetor. They affect how much fuel you engine gets. However, you have to buy very expensive tools to make the change! It should be affordable, just like changing jets!
Last edited by redbeard_trucks; Jun 21, 2017 at 02:32 PM.
Road Master
Joined: Sep 2013
Posts: 1,185
Likes: 248
From: Sterling IL.
Once you own the bike, you own everything in it.
You can remove a bolt and replace it with something better, why is software/firmware any different.
Yes, if you hack the code and develop a product from it, and capitalize on the work of others, then it's theft.
But if you're only modifying your bike, which you own, it's not theft.
my opinion....for what it's worth.
When you had a bike with a carburetor, and you put on bigger exhaust, for example, you had to put new jets in your carburetor, right? the jets cost you a little bit of money, and you probably had the to tools to put them in for not a lot of money.
the tune data in the ECM is no different than the jets in your carburetor. They affect how much fuel you engine gets. However, you have to buy very expensive tools to make the change! It should be affordable, just like changing jets!
You can remove a bolt and replace it with something better, why is software/firmware any different.
Yes, if you hack the code and develop a product from it, and capitalize on the work of others, then it's theft.
But if you're only modifying your bike, which you own, it's not theft.
my opinion....for what it's worth.
When you had a bike with a carburetor, and you put on bigger exhaust, for example, you had to put new jets in your carburetor, right? the jets cost you a little bit of money, and you probably had the to tools to put them in for not a lot of money.
the tune data in the ECM is no different than the jets in your carburetor. They affect how much fuel you engine gets. However, you have to buy very expensive tools to make the change! It should be affordable, just like changing jets!
HD Forum Stories
The Best of Harley-Davidson for Lifelong Riders
7 Surprising Harley-Davidson Products that Are Not Motorcycles
Verdad Gallardo
8 Best Harley-Davidson Motorcycles Ever
Pouria Savadkouei
10 Worst Harley-Davidson Motorcycles Ever
Pouria Savadkouei
Killer Custom's Jail Break Is The Breakout That Refused to Blend In
Verdad Gallardo
Crazy Bunderbike Build Looks Amazing, But Is It Impossible to Ride?
Verdad Gallardo
Harley-Davidson Reveals Super Cool Cafe Racer Concept
Verdad Gallardo
Engraved Rebellion: Inside Bundnerbike's Glam Rock II
Verdad Gallardo
10 Motorcycles You Should Never Buy
Joe Kucinski
10 Things Harley-Davidson Needs to Fix in 2026
Verdad Gallardo
1st Gear
Joined: Jul 2017
Posts: 5
Likes: 0
From: Canada, Quebec
Hi guys, there's already some tool available to ''read/write'' Harley ECM since they came out. I'm the owner of a car/truck chiptuning companie since 10+ years now (MRTuning in quebec) and then I just started to look into providing tune for Harley, and my actual tool that I use for car do have the protocol to read/write Harley ECM. This is Alientech Kess V2, there is other tool but these are the one I use, the problem is that it's 6000$usd for the tool and car/bike protocol, so it's not worth it for DIY'erI guess.
I do also have a registered software to edit ECM file that is another 3000$, and what I'm looking for is to find documentation on ''harley'' specific file, they are called ''Damos, A2l,etc.. file) having the .bin file is ok, having the software to edit the file is ok, but to have map definition, factor & ofset of each map and their axis is another story, without this, you can't do much, as an example, If we need to increase the RPM cut off to 6000rpm, the value to search in the file maybee something like 58962 in hexadecimal, and we also need to know where it's located in the file.
If someone have any info on this, it will be appreciated.
Just a tip, we all know that chinese are copying everything they can, so it's possible for a DIY'er to find a cheap clone of what it's needed to read write harley ECM.
I do also have a registered software to edit ECM file that is another 3000$, and what I'm looking for is to find documentation on ''harley'' specific file, they are called ''Damos, A2l,etc.. file) having the .bin file is ok, having the software to edit the file is ok, but to have map definition, factor & ofset of each map and their axis is another story, without this, you can't do much, as an example, If we need to increase the RPM cut off to 6000rpm, the value to search in the file maybee something like 58962 in hexadecimal, and we also need to know where it's located in the file.
If someone have any info on this, it will be appreciated.
Just a tip, we all know that chinese are copying everything they can, so it's possible for a DIY'er to find a cheap clone of what it's needed to read write harley ECM.