Looking for a way to figure out how my wind turbine controller software works. My goal is to not use the original software at all and poll the serial data via a python program via Linux. Right now the software is in an exe format ran with windows. I have tried using a serial sniffer program to get what is being sent and received but the hex data doesn’t seem to match the values the windows software shows. I also tried contacting the company for a serial register list but no luck.

Any suggestions?

 

First you need to know what data the controller is sending, and then you need to know just what format it is in. Usually what can be measured is voltage and current, which then feed analog to digital converters. From there the binary is put into some format to be useful.
Probably the company that made the turbine controller should be able to provide a description of what it is doing for you, even if they do not say how. Then you can use a terminal emulator to examine the serial data string to see what is being sent.

Or maybe you got the system used with no information at all

 

Is there anything that the screen shots provided would be used to help pin this down?

 

The screen shots say it is a solar system controller. So it might possibly not play well with a wind turbine generator. Or possibly that is just an artifact from your software

 

No, it does both solar and wind. As my post says it works just fine using the pc program but I am trying to read the data without their program. The 2nd screen shot shows what I have read from the serial port in hex formst

 

Possibly the data your sniffer sees does not jive with what the software shows, because the device transmits a raw value and the software performs a scaling operation on it. For example the voltage level raw value might be 0-4096 (12 bit) with -50V corresponding to 0 and 100V corresponding to 4096 so the 53.x Volts displayed in the software looks nothing like what you see in the serial sniffer.

If this is so, then will make it things harder for you. You will need to figure out the scaling points.

 

Possibly the data your sniffer sees does not jive with what the software shows, because the device transmits a raw value and the software performs a scaling operation on it. For example the voltage level raw value might be 0-4096 (12 bit) with -50V corresponding to 0 and 100V corresponding to 4096 so the 53.x Volts displayed in the software looks nothing like what you see in the serial sniffer.

If this is so, then will make it things harder for you. You will need to figure out the scaling points.

Yikes that’s what I was afraid of. The other thing I thought if it’s some Chinese value but you’d think numbers are numbers.

 

I’m not too familiar with windows executables but is there a way to rip their program apart to find that out?

 

I’m not too familiar with windows executables but is there a way to rip their program apart to find that out?

Probably. Maybe. But this forum isn't the best place to get help with that sort of thing. You can try opening the program in notepad or hexedit and see what you can see. Sometimes there is enough plain-text breadcrumbs to be helpful, but usually not.

 

Probably. Maybe. But this forum isn't the best place to get help with that sort of thing. You can try opening the program in notepad or hexedit and see what you can see. Sometimes there is enough plain-text breadcrumbs to be helpful, but usually not.

I figured there are other groups that deal with that kinda stuff. It would be nice if it was a mac or Linux program which would be easier to figure out.

 

What you need to see the data exactly as it is sent is a cuBut that would allow you to ent version of a program that I had used back in the DOS era.
The program was called "DTE " Dumb Terminal Emulator."
All it did was display every character it received, as well as every non-character string . You will probably need to run it in a non-windows environment because microsopht does not allow that to happen. There may be a similar program available from a Linux group, or you might even be able to get hold of an antique actual ascii terminal.
That will allow you to see the actual data stream.
What is wrong with the program that you do not want to use?? Or will it simply not run under the current windows version?

 

What I would like to do with the data is add it into my home assistant for data logging and to help the current battery management program I wrote have the turbine input to help it be more accurate and help divert power when needed.
Right now the pc program is only a visual output of what the controller is doing. I cannot have any logic attached to it.

 

OK, now the whole problem is very clear. And certainly the DTE function could be useful. Unfortunately the author of that died 30 years ago and is not available. And quite possibly the data is not being sent in ascii.
The work-around is rather tedious, which is code to parse the screen output and capture the portions that you want to use. It would have the benefit of providing the scaled values of the data you wanted.
The other means would require access to the source code of the display program. There are folks who can de-compile and disassemble code like that, and I am NOT one of them.

 

OK, now the whole problem is very clear. And certainly the DTE function could be useful. Unfortunately the author of that died 30 years ago and is not available. And quite possibly the data is not being sent in ascii.
The work-around is rather tedious, which is code to parse the screen output and capture the portions that you want to use. It would have the benefit of providing the scaled values of the data you wanted.
The other means would require access to the source code of the display program. There are folks who can de-compile and disassemble code like that, and I am NOT one of them.

That’s where I’m kinda at with this. I guess if there’s no way around listening to the data as it passes to read it at that point the only other way is to somehow take apart their program.

 

hi,
I would do as @strantor suggests, get a hex file viewer and check out the Win exe file visually, it could give an insight on the coding.
E
Post it here, add a .txt to the exe file name when uploading.

 

hi,
I would do as @strantor suggests, get a hex file viewer and check out the Win exe file visually, it could give an insight on the coding.
E
Post it here, add a .txt to the exe file name when uploading.

 

The only things I could find by doing as suggested is that it cannot be ran in dos mode and it utilizes MSVBVM60.dll which allows a visual basic program to run in windows.

 

Okay, going down the rabbit hole, downloaded https://www.vb-decompiler.org/download.htm, opened that exe and it looks like it was indeed made from VB. It can view all the pages and resources. Just need to now figure out how it reads that serial data. I'm not very good with windows programming and scripting how VB works. If anyone knows this part and could help me that would be super awesome.

 

The only things I could find by doing as suggested is that it cannot be ran in dos mode and it utilizes MSVBVM60.dll which allows a visual basic program to run in windows.

Reverse engineering anything is akine to trying to break a code.
Im not certain were able to help with reverse engineering what is evidently not your code !

In a general way
You need to understand the "data" you see in any program, as to what it means
e.g. asic is a 7 bit code, represented in a 8 bit field,
or it could be a pure hex number
e..g
if your seeing W3039
is that write 09 ?
or write 3039 ?
or what ?

the same 8 bits at different times could be a control code, a number , a letter dependent upon the protocol.

The data might even be little endian / big endian swapped,
might have a CRC , could even be encrypted

you need first to get a good look at the real data on the line,
1 and 0.
then you can start deciding what it is,

Once you have the above,
then look for patterns,
is there a regular set of data ,
is there correlation between wind going up and a set of data going up

It can be done,
look at things like SAMBA for file access , that was reverse engineered

But its not easy, and takes lots of pain staking logging / recording, and a fair amount of luck,
once you have one bit, you can generally build on that
some times down a false path, but persistance.

Have you looked here
https://freeserialanalyzer.com/

 

hi S07,
Download the Relyze program from this link.
It analyses the wind exe OK, but I don't have the time to read the results.
E

https://mohamad-wael.medium.com/best-microsoft-windows-disassemblers-and-decompilers-6fdfbf9990de