Merge branch 'main' of https://git.etud.insa-toulouse.fr/taban/PIR_MadMax

2026-05-14 23:12:41 +02:00 · 2026-05-14 23:12:41 +02:00 · 8ff0bdd318
commit 8ff0bdd318
parent 4633fa6e56 83338bbdef
3 changed files with 5 additions and 7 deletions
--- a/Article_Scientifique/logiciel.tex
+++ b/Article_Scientifique/logiciel.tex
@ -118,21 +118,21 @@ The setup consisted of a main PC/controller, HC-05 Bluetooth module, ESP8266 µ-
 As the project is open source, and the code is freely accessible, there should be no reason to hide the code. It could however be reasonable to protect the code from changes which could hurt other people. Changing following parameters should at least come with a disclaimer and clearly state the dangers possible by proceeding with said changes. We have in mind the maximum speed permitted and the power available to the motors.

 \subsubsection{LispBM extraction}
-We caught word that the lisp code for the VESC used by Maillon mobility was easy to extract. By building an older firmware with the Maillon mobility software, we observed this by going to the lispBM tab and clicking read. It's up to the MAD if they would like to reinforce this mechanism. A modification on a parameter and then clicking upload allowed us to easily change the speed limit. This could bring up a public danger. This raises questions on the use of the MAD's equipment which is in a traffic friendly manner.
+We caught word that the lisp code for the VESC used by Maillon mobility was easy to extract. By building an older firmware with the Maillon mobility software, we observed this by going to the lispBM tab and clicking read. It's up to the MAD if they would like to reinforce this mechanism. A modification on a parameter and then clicking upload allowed us to easily change the speed limit. This could bring up a public danger. This raises questions on the use of the MAD's equipment, as it's used in a day-to-day traffic environment. 

 \subsubsection{LispBM Code}
-When we flashed newer firmware from the project made by Benjamin Vedder\cite{b1}, we also observed some difficulties in uploading the lispBM script taken from the one on firmware version 6.06. This could indicate that there needs to be further maintenance of the code in order to get the software up to speed. This needs to be documented better for someone  to continue the project. This could be a good investment for the MAD as well in the context of training for the people working on the motor control part of the e-bike.
+When we flashed newer firmware from the project made by Benjamin Vedder\cite{b1}, we also observed some difficulties in uploading the lispBM script taken from the one on firmware version 6.06. This could indicate that there needs to be further maintenance of the code in order to get the software up to date. This needs to be documented better for someone  to continue the project. This could be a good investment for the MAD.

-This documentation could be as simple as referencing the relevant parts of the lispBM documentation \cite{b2}
+This documentation could be as simple as referencing the relevant parts of the lispBM documentation. \cite{b2}

 \subsubsection{Proposed Solution}
-This risk could be patched by developing a VESC application for the VESC controller or using a binary. This is a solution which is less open source, but which is make unlawful use of the material harder. The application could be created using C and use an algorithm known by the MAD in order to secure the access to someone to change the parameters only if they are the MAD certified personnel. This encryption would preferably be reduced to the most essential settings in order to align with what our impression of the philosophy of the MAD would be.
+This risk could be patched by developing a VESC application for the VESC controller or using a binary. This is a solution which is less open source, but defends well against malicious intent.The application could be created using C and use an algorithm known by the MAD in order to secure the access to someone to change the parameters only if they are MAD certified personnel. This encryption would preferably be reduced to the most essential settings in order to align with what our impression of the philosophy of the MAD would be.


 \subsection{VESC Compiling}
 As mentioned, we have been able to compile the VESC tool and the VESC firmware. This firmware has been put onto an STM32F4xx Discovery card. This card uses the same chip as the aforementioned ``Cheap FOCer'' project. The thought was that using something with the same chip would facilitate the switch from the discovery card to a PCB with the same target.

-However, this choice posed several obstacles for our progress on the topic of cybersecurity. We will nonetheless summarise what we have learned for you and propose some additional work for the future. The challenges we encountered were the following: The lack of bluetooth capabilities. We did not have a module with BLE either. We had access to a HC-05 module, but that only allows for a normal bluetooth protocol and would require further work on a bridge to UART by using an esp8622 that we had as well. We propose that the next group has access to a VESC controller from the beginning, as well as a motor we could control. This could be in cooperation with the MAD, as the MAD could propose some models they're interested in.
+However, this choice posed several obstacles for our progress on the topic of cybersecurity. We will nonetheless summarise what we have learned for you and propose some additional work for the future. The challenges we encountered were the following: The lack of bluetooth capabilities. We did not have a module with BLE either. We had access to a HC-05 module, but that only allows for a normal Bluetooth version 2.0 protocol and would require further work on a bridge to UART by using an esp8622 that we had as well. We propose that the next group has access to a VESC controller from the beginning, as well as a motor we could control. This could be in cooperation with the MAD, as the MAD could propose some models they're interested in.

 We also found that the information on the VESC is scattered around the internet. The resources is also sometimes based on a Debian-based Linux system which adds more work for someone using another distribution of Linux. This could hinder the implementation facility for new users. We struggled particularly with the Qt packages for positioning and game pad. We would therefore recommend the use of a Debian-based Linux system for the computer working with the VESC for the MAD associates.

--- a/Sécurité/UARTVESC/VescUartControl
+++ b/Sécurité/UARTVESC/VescUartControl
@ -1 +0,0 @@
-Subproject commit 43228716a24f8ccfa1e55f7c12f01de51aa44f7b
--- a/Sécurité/UARTVESC/bldc_uart_comm_stm32f4_discovery
+++ b/Sécurité/UARTVESC/bldc_uart_comm_stm32f4_discovery
@ -1 +0,0 @@
-Subproject commit c19a6283e187040f25aa52e213673938db054d06
				`@ -1 +0,0 @@`
				`Subproject commit 43228716a24f8ccfa1e55f7c12f01de51aa44f7b`
				`@ -1 +0,0 @@`
				`Subproject commit c19a6283e187040f25aa52e213673938db054d06`