by diablerouge » Thu Dec 29, 2005 8:52 am
not sure if anyone has thought of this, but in case they haven't:
when we download the memory image from the ecu, we get not only the maps for ignition and fueling, but also the code which actually does all the work, correct? if this is the case, and i assume it is, cel codes can be prevented from causing the cel light to come on and will evade obd-ii scan tools (such as inspection stations).
since each cel condition has a specific code relating to a specific malfunction, it must be stored in the same location each time for the obd-ii scanners to find it and recognize it. this means that each cel code has its own address in memory where it can be scanned for. following this logic, we can permanently disable cel codes from appearing by finding each instruction which writes to the address corresponding to a specific cel code, and change the write instruction so that it writes the enable flag for the cel code to some unused memory address.
now, if the coders decided to write the code so that only a few memory words are used to hold all of the cel code flags (one per bit), and these flags are changed by adding xor'ing a mask to the memory word, it would be even easier. one would only have to change the mask for each cel code.
whichever way it works, it shouldn't be terribly difficult for someone who understands the assembly code behind it. i would go ahead with this myself, but i was never terribly good at coding in assembly, and i'm sure there are many others who could whip it up in a quarter of the time i could.
any thoughts? has this been discussed? i'm sure someone had to have thought about this before.