Today I captured a bit more traffic from the application to the quadcopter and played with the on-screen controllers to see how that would affect the messages. Here's what I got. By moving the controllers, some of the bytes in the message change (these are marked with XX):
roll left-right: 66 XX .. .. .. XX 99; horizontal position goes from 58 (left) to 80 (centre) and a7 (right)

pitch forward-backwards: 66 .. XX .. .. .. XX 99; vertical position goes from 59 (bottom) to 80 (centre) and a8 (top)

yaw left and right: 66 .. .. .. XX .. XX 99; rotation goes from 01 (left) to 80 (centre) and fe (right)

throttle high and low: 66 .. .. XX .. .. XX 99; throttle goes from 01 (bottom) to 80 (centre) and fe (top)
Apparently, the first byte and the last byte are always constant: one is 0x66, the other is 0x99. Also, the penultimate byte seems to be some sort of error correction byte that depends on all other bytes. Finally, the antepenultimate byte is used to encode different on/off commands such as the headless mode, the "arm" command, the "land" command and the emergency stop:
66 80 80 80 80 00 10 99 headless (the 10 in the antepenultimate byte is continuously sent)

66 80 80 80 80 01 01 99 start to spin (the 01 in the antepenultimate byte is sent for 1 second -20 messages-)

66 80 80 80 80 02 02 99 land (the 02 in the antepenultimate byte is sent for 1 second -20 messages-)

66 80 80 80 80 04 04 99 emergency stop (the 04 in the antepenultimate byte is sent for 1 second -20 messages-)
I suspect the byte that encodes the commands has each bit identified with a different command, and multiple commands might be sent simultaneously if needed (I haven't tested that).
In order to find out how the error correction byte is encoded, I've collected a few messages obtained by moving the controllers in random directions. I did a quick test with a few data points and it looks like the error correction byte is just an XOR of the other meaningful bytes. I haven't validated this hypothesis with all datapoints, though. Here's the whole lot:
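The XOR hypothesis can be checked mechanically rather than by hand. The following Python is an added example, not code from the original log: it validates the 0x66/0x99 framing and the check byte, then decodes the fields, assuming the byte order roll, pitch, throttle, yaw, flags read off the XX positions above. The names Frame, parse_frame and mismatches are made up for the illustration.

```python
from dataclasses import dataclass
from functools import reduce
from operator import xor

START, END = 0x66, 0x99
# Flag values as listed in the log; combining bits is the author's untested guess.
FLAG_NAMES = {0x01: "start", 0x02: "land", 0x04: "emergency stop", 0x10: "headless"}

@dataclass
class Frame:
    roll: int
    pitch: int
    throttle: int
    yaw: int
    flags: int

    def commands(self):
        return [name for bit, name in FLAG_NAMES.items() if self.flags & bit]

def xor_check(payload: bytes) -> int:
    """XOR of the five payload bytes (the hypothesis being tested)."""
    return reduce(xor, payload, 0)

def parse_frame(raw: bytes) -> Frame:
    """Validate framing and check byte, then split out the fields."""
    if len(raw) != 8:
        raise ValueError(f"expected 8 bytes, got {len(raw)}")
    if raw[0] != START or raw[7] != END:
        raise ValueError("bad start/end marker")
    if xor_check(raw[1:6]) != raw[6]:
        raise ValueError(f"check byte {raw[6]:02x} != XOR {xor_check(raw[1:6]):02x}")
    return Frame(*raw[1:6])

# Frames copied from this log: three command messages and three captured samples.
SAMPLES = ["6680808080010199", "6680808080020299", "6680808080040499",
           "6664867f80001d99", "6680804674003299", "668080b7ac001b99"]

def mismatches(hex_frames):
    """Return the frames that do NOT satisfy the XOR hypothesis."""
    bad = []
    for h in hex_frames:
        try:
            parse_frame(bytes.fromhex(h))
        except ValueError as err:
            bad.append((h, str(err)))
    return bad

if __name__ == "__main__":
    print(mismatches(SAMPLES) or "all samples match the XOR hypothesis")
```

Passing every captured message to mismatches() tests the hypothesis against all data points; any frame it returns is either a capture error or evidence that the check byte is not a plain XOR.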