More ELM327 Fun (Read: Headaches)

[DS106Q]

Based on the success @ironduke has had with his ELM327 v1.5 BT interface, I went ahead and purchased one from a US seller (not that I believe it was made in the US).

When it arrived I was able to use CoolTerm to connect to it and all the connection issues I had with my USB v2.1 interface disappeared. It was responding exactly as @ironduke said his was, until it wasn't!

Two issues, first is that when I give it the ATMA command to monitor the bus, it returns a ? as though that's not a valid command. More troubling is that whenever I issue a basic OBD command (say 0105) the response is "NO DATA."

Below is a cut and paste of a terminal session:
>ATZ
ELM327 v1.5
>ATDP
AUTO
>ATSP2
OK
>ATDP
SAE J1850 VPW
>ATRV
12.8V
>ATMA
?
>0100
NO DATA
>0101
NO DATA
>0105
NO DATA
>ATSH686AF1
OK
>0105
NO DATA
>0602
NODATA
>ATMA
?
>

It's really odd so I pulled out the Nano and used Universal Patcher's Logger to see what, if anything, it was sending.

Now is where we enter the Twilight Zone! The logger showed it was sending the commands! I could clearly see every time I typed in 0105 it would send 68 6A F1 01 05, BUT there was no response. It was completely ignored. If I sent the command via the logger I got a response.

Clearly, the problem is this is a Chinese piece of junk, but what's the scoop as to why its commands are being ignored? Could it be that the checksum is being calculated/sent incorrectly? The logger doesn't show me the checksum byte so I'm not sure what it was sending (not that I would know how to calculate it or if it was correct), but that's all I can think of.

Any other ideas/thoughts??

[kur4o]

Can`t speak up of this exact issue, what you need is elm with stnXXXX chip inside.
newer elms are targeted to CAN communication and most of them don`t even support vpw, even though they should, I have seen hardware missing from the circuit.

To monitor all try
after fresh reset and protocol setup.

atal
ath1
atma

When elm send the custom command does pcm response at all. If pcm response elm don`t get response, it could be some filtering turned on.

[DS106Q]

I'll look for the stnxxxx chip.

ATMA always returns ?, regardless of what was typed before it (but I tried al for long byte strings and h1 to turn headers on, didn't help).

There is a continuous flow of data on the bus, but as far as I can tell there isn't any response, and certainly not anything beginning with 48 6B 10 (after a basic 68 6A F1 query, such as the 0100, or 0101, or 0105 above). It appears to be completely ignored. That's why I took a stab in the dark about the checksum being wrong.

What else could cause the command to be ignored?

Edit: If you mean UP's Logger filtering, that's not the case. If I disconnect the v1.5 BT one and switch to the v2.1 USB one it works perfectly (for basic 68 6A F1 queries) and I can see both the command and the response in the logger (unlike the v1.5 interface where I only see the original command an no response).

[antus]

hard to say without all the information, but one thought is it could just be low quality electronics and the timing is out just enough that the PCM cant decode it, even though the nano might have slightly higher tolerances, and/or see a slightly different waveform on the bus where it is. Try swapping which interface is on which plug on your double adapter. Its impossible to see the analog realm with digital tools, because 1s and 0s, it either works or it doesn't. You need a tool with the ability to measure timings to get a better idea and analog visibility to check the shape of the waveform and voltages etc. When one device can see data and another cannot, its usually poor signal quality.

[DS106Q]

Interesting read, as frustrating as this can be, I have been learning a lot and that part has been very enjoyable.

No change in swapping the plugs on the double adapter. I also can't get it to execute commands, such as door locking, when plugged directly into the vehicle's connector (without the Y adapter).

Absolutely no doubt it's low quality electronics, just got me curious when I could see it in UP's logger.

[Tazzi]

Getting ? when sending ATMA is one of the aspects of a emulated ELM command set.

Theres a write up online somewhere that I read where someone bought a bunch of ELM cables and there were a bunch which had the CPU etched off (No writing) and they didnt work with a bunch of commands.

Typically VPW (J1850) is also not on bluetooth dongles due to the fact it requires a 8v regulator, and a bunch or resistors/transistors to complete the circuit so it is typically not on the cheap ELM knockoffs. Ontop of that, the actual J1850 protocol is quite a challenge to implement in firmware, so the non genuine ELMs using emulated ELM firmware typically dont even have the coding for it available even if you add the circuitry to it.
Basically any bluetooth units which are not in a full standard ELM case are usually missing a heap of parts, and usually only support canbus only.

If the CPU is no the PIC28K (or whatever the genuine processor was again), then it will not be a genuine ELM firmware... or at least the last of the cloned genuine ELM firmware. elmelectronics do also sell a bunch of newer cpus, but the cpu by itself are around $20+usd each I believe.

Its basically a "you get what you pay for" situation.

[DS106Q]

Basically any bluetooth units which are not in a full standard ELM case are usually missing a heap of parts, and usually only support canbus only.

Well, that answers that! Thanks!

Its basically a "you get what you pay for" situation.

While I understand what you're saying, I was trying to pay for better quality units, but I don't think they are available anymore without jumping into a whole other category (like I did with the Nano, or the Pro GT).

[Tazzi]

While I understand what you're saying, I was trying to pay for better quality units, but I don't think they are available anymore without jumping into a whole other category (like I did with the Nano, or the Pro GT).

I did not mean that in a bad way, just the fact that the genuine ELM chips were about $20usd a piece just for the processor unless buying in massive bulk, then ontop of that is building the circuit board to go with it. I went to link to their product page but I did not realise they have actually closed their doors!

I have had more time dealing with ELMs then Id like to even remember. I recall at one stage, having 4 of them hooked up at once to simulate ECU responses while reverse engineering tech2 live data So, you can do alot with an ELM, but there are limitations. Whereas using a J2534 tool, youll be free of those limits.

[antus]

The fact it was a chip, not an interface was probably a mis-step for elm as well as botching their 1.0 security and getting cloned straight away. Being a chip only there is no such a thing as a standard elm interface. Manufacturers are free to put whatever analog electronics they want around the chip, and there is no certifying body on signal quality for the low end. Want to omit the 8v circuity for vpw? ebay doesnt care. Want to omit the vpw circuity entirely? ebay doesnt care. Want to not even use an elm and call it an elm? lol. The only good thing about the whole situation is that there is an elm reference circuit schematic, even if its seldom implemented properly.

[MudDuck514]

Hi all;
One thing to remember is that there is NO "official" v1.5 ELM Firmware!
As Antus stated, the original ELM v1.0 was NOT protected, therefore people copied it and use it as their firmware.
If I am not mistaken, versions skip from 1.4x (not sure off hand if it was a or b) to 2.0 or 2.1.

Mike