-1

I have an obsolete hardware level/pressure transmitter that communicates with an MCU using a custom protocol (it appears to be similar to Modbus RTU). That hardware comes along with old commissioning software that works perfectly fine under the latest Windows. That software contains all the communication protocol components that I am trying to extract and use in something like an Arduino to pull data out of the transmitter. Can anyone help out?

Update - I didn't mention above that the form of communication here is half-duplex serial communication, where the master hardware/software queries the slave transmitter. I now want to program an Arduino MCU to poll data out of the transmitter.

What is the best way of getting readable data out of it? Again, many thanks for all your comments and help!

    You are interested in *reverse engineering* i.e. taking a thing apart to understand how it works. The easiest way to start is by looking at the protocol on an oscilloscope (or some other device that's electrically compatible with the protocol). Often it's simple enough: pressing button 1 sends this packet, pressing button 2 sends that packet, and then you can just copy the packets. – user253751 May 06 '22 at 14:51
  • An oscilloscope seems to me much too low-level for this task (the OP apparently does not want to examine an internal bus, he seems interested in communication between a PC-Windows and the radar device). – bortzmeyer May 06 '22 at 15:01
  • Sounds like it is using serial interface. You will need some piece of serial port sniffing software - off-the-shelf or self-made (not a big deal if utilizing some virtual serial port driver). Can be done by some "man-in-the-middle" hardware too, but why bother? Then you just monitor the messages being sent when different events occur. – Eugene Sh. May 06 '22 at 15:10
  • Running [whatever the equivalent in windows is of] `strace` can trace the data. Also, disassembling/decompiling the software can also help. Do you know any of the vendors, product names, model numbers, etc? Are there any identifying strings in the executable? – Craig Estey May 06 '22 at 15:16
  • You need some recording of the communication, together with the "upstream" meaning. For this you can make use of, for example, the tools of the "com0com" project, which provides virtual null-modem connections and a virtual serial hub. – the busybee May 06 '22 at 15:38

2 Answers

2

What you need is called a sniffer. Use that as a keyword and you should be able to find plenty of info here at SO and around the web.

To set the record straight it is actually possible to use Wireshark to sniff on Modbus RTU over serial, see my answer here. If your protocol is similar to Modbus I would start with SerialPCAP.

If you prefer more Windows-friendly solutions you can check these out: 1, 2.

Since Modbus is pretty simple I would say reverse engineering a similar protocol should be, maybe not a piece of cake but just manageable, even if you are not very experienced.

These days when almost everyone is a maker or at least a wannabe, you might want to first take a good look around, maybe somebody else already reverse-engineered that protocol and published it somewhere.

Marcos G.
0

The best tool to analyze a protocol is Wireshark. Run it on the communication link between the Windows machine and the radar. First possibility: the protocol is actually something that Wireshark knows (some trial and error with the "Decode as" menu may be necessary). Second possibility, less funny: the protocol is indeed completely proprietary and unknown to Wireshark. At least, Wireshark will make it easier to examine the binary data.

bortzmeyer
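Both answers above come down to the same workflow: capture the bytes on the half-duplex link with a sniffer (SerialPCAP, a virtual null-modem, Wireshark), then work out where the frames start and end and what the fields mean. The script below is an added example, not code from the question, the answers, SerialPCAP or Wireshark. It takes a raw byte dump of the kind a serial sniffer produces and cuts it into Modbus-RTU-style frames by looking for valid CRC-16 boundaries, then decodes function 0x03 (read holding registers) requests and responses. The capture bytes, the slave address, the register contents and the bit flip in the last frame are all constructed for the demo; the one real reference point is the well-known request frame `01 03 00 00 00 02 C4 0B`, whose CRC the example reproduces. If the transmitter's protocol is only "similar" to Modbus, the CRC routine or the field layout is the first thing to swap out.

```python
#!/usr/bin/env python3
"""Added example (not from the question or answers): cut a raw serial
sniffer dump into Modbus-RTU-style frames by CRC and decode the fields,
so master request / slave response pairs can be read off.
All frame contents below are constructed for the demo."""
from dataclasses import dataclass
from typing import List


def crc16_modbus(data: bytes) -> int:
    """CRC-16/MODBUS: reflected polynomial 0xA001, initial value 0xFFFF."""
    crc = 0xFFFF
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = (crc >> 1) ^ 0xA001 if crc & 1 else crc >> 1
    return crc


def with_crc(body: bytes) -> bytes:
    """Append the CRC the way RTU does: low byte first, then high byte."""
    return body + crc16_modbus(body).to_bytes(2, "little")


@dataclass
class Frame:
    raw: bytes      # address, function, data, CRC (as captured)
    crc_ok: bool    # False when no valid CRC boundary was found


def split_frames(stream: bytes) -> List[Frame]:
    """Recover frame boundaries from a capture that carries no timing.
    On the wire RTU frames are separated by a 3.5-character silence; a plain
    byte dump loses that, so instead take the shortest prefix whose next two
    bytes are its valid CRC. A frame is at least address+function+CRC."""
    frames, start = [], 0
    while start < len(stream):
        end = None
        for cut in range(start + 2, len(stream) - 1):
            if crc16_modbus(stream[start:cut]) == int.from_bytes(stream[cut:cut + 2], "little"):
                end = cut + 2
                break
        if end is None:
            # Nothing in the remainder checks out: keep it, but flag it.
            frames.append(Frame(stream[start:], False))
            break
        frames.append(Frame(stream[start:end], True))
        start = end
    return frames


def decode_fc03(frame: Frame) -> dict:
    """Interpret a frame as Modbus function 0x03 (read holding registers).
    A request carries a 4-byte body (start register, count); a response
    carries a byte count followed by an even number of register bytes."""
    if len(frame.raw) < 4:
        return {"kind": "fragment", "crc_ok": frame.crc_ok, "raw": frame.raw.hex()}
    addr, fc, body = frame.raw[0], frame.raw[1], frame.raw[2:-2]
    info = {"addr": addr, "fc": fc, "crc_ok": frame.crc_ok}
    if fc != 0x03:
        info["kind"] = "other"
    elif len(body) == 4:
        info.update(kind="request",
                    start=int.from_bytes(body[0:2], "big"),
                    count=int.from_bytes(body[2:4], "big"))
    else:
        nbytes = body[0]
        info.update(kind="response",
                    registers=[int.from_bytes(body[1 + 2 * i:3 + 2 * i], "big")
                               for i in range(nbytes // 2)])
    return info


def analyze(stream: bytes) -> List[dict]:
    """Frame the capture and decode every frame, flagging bad CRCs."""
    return [decode_fc03(f) for f in split_frames(stream)]


# Constructed capture: a master request (reference frame with its well-known
# CRC C4 0B), the slave's reply carrying two registers, and a second request
# in which one bit was flipped in transit.
REQUEST = bytes.fromhex("010300000002C40B")
RESPONSE = with_crc(bytes.fromhex("01030400FA0064"))     # registers 250, 100
_damaged = bytearray(with_crc(bytes.fromhex("010300020001")))
_damaged[3] ^= 0x10                                      # start register 0x0002 -> 0x0012
SAMPLE_CAPTURE = REQUEST + RESPONSE + bytes(_damaged)

if __name__ == "__main__":
    for entry in analyze(SAMPLE_CAPTURE):
        print(entry)
```

Feeding a real dump is a matter of replacing `SAMPLE_CAPTURE` with the bytes read from the sniffer; when the capture does carry per-byte timestamps (as a PCAP from SerialPCAP would), splitting on the inter-frame silence is more robust than the CRC scan, which can in principle hit a false boundary on a long stream. The flagged third frame shows the other thing worth checking early: if many frames fail the CRC, the transmitter's protocol is either using a different checksum or is not Modbus-shaped at all.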