In-vehicle communication among different vehicle electronic controller units (ECU) to run several applications (I.e. to propel the vehicle or In-vehicle Infotainment), CAN (Controller Area Network) is most frequently used. Given the proprietary nature and lack of standardization in CAN configurations, which are often not disclosed by manufacturers, the process of CAN reverse engineering becomes highly complex and cumbersome. Additionally, the scarcity of publicly accessible data on electric vehicles, coupled with the rapid technological advancements in this domain, has resulted in the absence of a standardized and automated methodology for reverse engineering the CAN. This process is further complicated by the diverse CAN configurations implemented by various Original Equipment Manufacturers (OEMs).
This paper presents a manual approach to reverse engineer the series CAN configuration of an electric vehicle, considering no vehicle information is available to testing engineers. To execute reverse engineering, the CAN data log is to be taken from the OBD-II port by systematically identifying and mapping the CAN with various ECUs interfaced with that CAN line. Driver actions and continuous data logged from the OBD-II port are cross-referenced with CAN data to determine the byte order of signals and message frames. The signals derived from one vehicle use scenario (driving) are then validated against another scenario (charging) to ensure consistency and accuracy.