Terra, thank you once again for releasing this great tool. As I've played around with it lately and successfully learned how to read, make changes and write files to my car I am incredibly grateful a tool like this exist and is available to the public.

Just had a thought about this section here:
If a new DME is used, can the EWS delete that was found in the other thread be applied to the new DME, can that then work without the need to burn the new key into the CAS?

- Trevor

You need hardware/software tool to modify the ISN in CAS. That way you don't have to worry about VO mismatch or anything else.

R270 and probably some tools from Xhorse are able to do that.

It's super easy, the hardest part is finding the offset location in the file then you just have to change 40 82 to 48 00 (that is for MSS65, but please go read the details as the location depends on the version the dme is on for the S85), post in the EWS delete topic if you need help, but it's super easy. It's pretty much the easiest change you can make to a hex/binary file.

Thought it would be easily understood I was referring to the mss6x version, considering we are in the thread for the mss6x version.

I'll call it MSS6x Flasher from now on then.👍

Hi Trevor,
yes I know this thread is about MSS6xFlasher, and that is why I thought it was odd that you mentioned removing EWS with MSSFlasher which is the name of a program that is used to flash MSS5x ECU's. I guess you just made a typo...

You'll need to change the ISN in the CAS to match that of your donor DME. You'll only be able to do this with specialist hardware.

terra - thank you for clarifying, one piece of the puzzle solved!

tdott - thank you for the input. I’m going to look into a hex editor, hoping I can come across one that’s a good mix of being user friendly and also capable of doing what I need, both for this and other things I have going on. I’ll definitely look into the hxd you mentioned.

mark - I appreciate the offer, unfortunately I am quite a distance from you and additionally, I don’t know if the original dmes circuit board is in a condition where it would be possible to extract the necessary data to clone it successfully. Not to say it’s definitely impossible, as I haven’t made an effort to do so (or have someone attempt I should say), but I would be surprised if it could be done on this particular board only because of how damaged it seems to be.

so as of now, I’m going to download a hex editor software and continue on with the diy attempt, and hopefully I can get it sorted. If not, or if I run out of time, I’ll resort to having someone else take care of it. In the meantime, if anyone with some experience using hex editor software(s) cares to share some opinions on what’s out there (paid or free versions, doesn’t matter) or has any recommendations as to which one to go with or which would be best for someone who isnt yet familiar with the process, I would definitely appreciate any advice. Of course I will continue researching on my own, but I always prefer obtaining the most relevant information from those who know better than I do, and in this case, have experience using editing software specifically on bmws as opposed to basing my software choice on feedback from those who specialize in other brands. Based on the little I’ve come to understand so far, editing software in general is pretty versatile and relevant for most ecus regardless of the automaker, but again, I would rather look into software that has been proven to be effective with these cars in particular as I don’t really get involved too much with anything outside bmw. Thanks again for the help guys.

This thread's topic is the mss6x version. Did you read the Original post Mark?
https://nam3forum.com/forums/forum/e...r-now-released

MSSFlasher is only for MSS5x, not for any later ECU.

If e82s65 is in the Toronto area, I have the proper tools to clone his ECU to another.

DME and CAS has to match in order for it to start. EWS delete will allow the DME to function with the CAS/key as long as the key matches the CAS (I believe).

A few threads below in this section you will see a topic on the EWS delete.
It can be done with MSSflasher and a hex editor such as Hxd and the proper dcan cable.

The ISN is from the DME. The "CAS" ISN is simply formatted how it would be stored in the CAS.

Sorry, I should have been more specific, I never tried pulling anything from the original dme. The boards were burnt up and corroded inside, it lost the ground circuit for the main relay (among other things, I imagine) and I was hoping by grounding out the relay I could at least get communication with ista but no luck. I could run a vehicle test and with the main relay grounded (and maybe a couple other things grounded or powered, I don’t remember exactly) the engine would turn over but it wouldn’t start and it wouldn’t communicate. This was months ago, and I never bothered going any further with that dme.

So the read/isn is from the donor dme and that is what’s currently installed in the m5. Which is why I’m wondering if the CAS isn read-out by the mss6x flasher software is for the donor car’s cas or my currently installed (original) cas. Reason being is it seems to me that the software communicates directly to the dme over dcan and not through the gateway (unless I’m not fully understanding what’s going on in the background), in which case it would make sense that it would not be communicating with the cas at all and is only relaying information specific to the currently installed dme (from the donor car) and in turn only giving me the isn associated with that dme and it’s originally-fitted cas (from the donor car).

So based on what I think I understand about this, I believe the “cas” isn that the mss6x flasher reads to me is coming solely from the dme it’s communicating with. Which means that because the dme it’s currently communicating with is from the donor car, the “cas” isn is not the isn in my car’s cas but instead the isn from the cas in the donor car. If that’s the case, then my only solution would be to somehow write the “cas” isn read-out by mss6x flasher (which is the isn for the donor car cas) into the currently installed cas (which is not from the donor car). I apologize this description is so convoluted I’m just trying to be as specific as I can.

As for installing the donor cas, if I could simply throw it in with donor dme, go into winkfp and do some vin changes then that would clearly be the easiest solution. But I don’t know if that’s possible or not using the standard tools, and I’m not comfortable enough with unguided experimenting to risk putting myself in a situation that I need to frantically dig my way out of. The way it sits right now, everything is fully functional outside of running and driving, specifically the most important things like terminal control and elv function so the car can be moved around when needed, put outside and locked, etc. If I do something I don’t know how to reverse on my own, in winkfp for example as I have no experience with any of this until now, and the car gets stuck in my bay or in the middle of the shop, that will become quite the headache.

And in regards to ews delete and dme cloning and things of that nature, from what I understand (or at least believe to understand), that will still leave me in the same boat with having to obtain a separate software with those particular functions/features/capabilities to allow me to do those things - which I’m not opposed to buying as long as the software is worth it and has little to no user limitations - or paying someone for that service. My specific goal here is to eliminate having to outsource for this type of stuff. Not that I’m against paying an expert to do what they do, by any means; I have no problem paying for products, services, advice, tools, software, licenses, tuning, etc. But it would be nice to have a better understanding of all this to be able to do some of these things on my own without having to always rely on other people to bring a project to a close, especially in time-sensitive scenarios. My ignorance on the subject will without a doubt prevent me from flying solo all the time, but at least with the right tools I can put in the time and effort to work toward not being so heavily reliant on everyone else.

I do appreciate the response and suggestions, hopefully I can make some sense of this without needing too much handholding but I’m not off to the best start so far! Lol but thanks again for the reply, it is truly appreciated!

I am no expert and probably best to wait for one to chime in. But I know sometimes it might take a while for one to reply. So I will chime in until then.

Can you confirm if you were able to get a full read/isn/etc from the original dme to the car? That didn't seem clear to me in your post if you were able to. If that is possible it would be the best solution, you can just clone everything to the donor dme and it would be like it was the original afaik keeping mileage and vin in tack.

If you can't do that, then I think your best approach is to use the donor dme, and get the immobilizer/ews deleted and that should get you to atleast start the car using your original cas and key. I am unsure of if you'd need to change the vin or mileage/etc in the dme. Nor do I know how to do that, but I think it might be an option.

The other option would be to swap in the donor dme with matching cas/key, and use that to start the car, but then I think you'd somehow still need to change the vin/mileage to match the original car and like above I'm not sure how/if that can be done or how.

Hello,

first off, thank you terra and all others involved with this project and for each of you who are taking the time to help us users make more sense of this side of our cars - I don’t think any of us (myself included) truly grasp the amount of time and effort you guys put into all this, and the fact that some of you are doctors or not professionally involved/vested in this industry yet have been able to reverse-engineer these dmes and create applications to work with them, on top of being full-time productive members of society in your own fields, it’s very very impressive and respectable. I myself am just a mechanic trying to get some projects finished which is why I’m posting…

long story short, one of my projects is an e60 m5, ebox went swimming from a clogged drain which took out the dme. I have since installed a used dme (verified to be working), and I’m trying to match the isn to get the car on the road. Now I can easily swap over the cas/key from the donor car to get it running but I don’t want a mileage discrepancy or have other issues with mismatched vins in various control units when it comes time to code the car for the active seats I installed (car is an 06, I completed a full lci retrofit - complete interior including active seats, dash with lci switch cluster, infotainment, door panels with lighting package, soft close, everything).

I have successfully gotten a full read from the dme, including the isn using terras software, but a couple things I’m unsure of:
1- mss6x flasher software spits out ISN from dme and cas, but is the cas ISN from the donor dme car (as in, does the dme record the isn from the cas module it’s originally fitted with, in this case the donor car), or is it in fact the ISN from the cas module in my car (the original cas that’s currently connected and has been connected, to my car)?
2 - what now? Lol

Jokes aside, I unfortunately have not been able to make sense of the next step. My understanding is standard tools will be of no use here, winkfp/tool32 are not going to allow me to change isn, nor will other free tools out there (from what I’ve been able to gather on my own) like the binary mod tool from ecuworkx just to name one. So do I need to get my hands on a hexeditor software of some sort in order to complete this process and with that software will I require any specific set of tools or interface devices for it? I’m assuming I download a software that will allow me to edit the data, extract my read into the software, pull my hair out trying to find the data I need to edit within that software, change the necessary data, load the updated file into mss6x flasher, program ecu and off I go… easier said than done I’m sure but I’m hoping I’m at least correct up to this point. I’m not looking to monetize or take advantage of the help I’m hoping to receive here, just simply trying to be a little more self reliant as I have a handful of other projects in the works that will require me to be more competent with this side of things in order to speed up the process.

So if I do need a particular software or set of tools on top of what I already have (ICOM, kdcan cable, all factory software tools, mss6x flasher of course), can anyone tell me specifically what I need to complete the puzzle, or have any recommendations to point me in the right direction (aside from the obvious need to set aside a lot more time for learning and research)? Any help is greatly appreciated.

Thank you in advance.

I am going to install 241 e on my car but I will modify with ECUWorx to remove the lambda control but I am also considering increasing Max Rpm. What do you think ? is it risking to increase Max Rpm to 8600 out of 241e ?