ccrome · February 6, 2018 21:52 · mdijkens · Apr 7, 2018
diff --git a/eb_tester_digital_load.txt b/eb_tester_digital_load.txt
 The digital load is found here: 
    https://www.aliexpress.com/item/35W-computer-software-online-USB-tester-USB-Discharging-Load-QC2-0-3-0-MTK-PE-Trigger/32707276028.html?spm=a2g0s.9042311.0.0.K9VDeF 

 It uses a binary protocol over the UART for control and data returned.  I used the free version of "Device Monitoring Studio"
 to view the data sent and received from the UART.  

 So far, I have decoded the commands to get the digital load to do things, except for how to compute the checksum byte.

 Here's what there is so far:
 ------------------------------------------

 Command from PC to digital load
 -----------------------------------
 All commands sent are 10 bytes long
 byte 0 is always 0xFA, byte 9 is always 0xF8.  so, FA is a start byte, F8 is end byte.
 byte 8 seems to be some sort of checksum

 Example byte stream:
   0  1  2  3  4  5  6  7  8  9
  FA 07 04 28 00 50 00 00 7B F8

 byte 0:  0xFA   start of frame
 byte 1:  cmd    command.
      01: start
      02: stop
      05: connect
      06: disconnect
      07: update while started
 byte 2:  A-msb  most significant byte of 16-bit current setting.
 byte 3:  A-lsb  least significant byte of 16-bit current setting.
 byte 4:  V-msb  msb of 16-bit voltage
 byte 5:  V-lsb  lsb of 16-bit voltage
 byte 6:  T-msb  msb of timeout setting
 byte 7:  T-lsb  lsb of timeout setting
 byte 8:  checksum
 byte 9:  end of frame

 Current is about 1064/Amp
 Voltage is about 106.4/Volt
 Time is about 1.064/minute

 I don't know why it's not 1000/Amp, 100/Volt, and 1.0/minute.  It's strange.


 Some examples:

 FA 06 00 00 00 00 00 00 06 F8 <<<---- stop  Note, looks like the checksum is pretty simple
 FA 05 00 00 00 00 00 00 05 F8 <<<---- start i.e. zeros don't have any effect.

 Run a ramp from 0.1 to 1.0A in steps:  cuttoff = 0.8V
 FA 07 00 64 00 50 00 00 9F F8 0.1a  200
 FA 07 00 C8 00 50 00 00 9F F8 0.2a  200
 FA 07 01 3C 00 50 00 00 6A F8 0.3a  316?  1.6?
 FA 07 01 A0 00 50 00 00 06 F8 0.4a  416
 FA 07 02 14 00 50 00 00 41 F8 0.5a  532
 FA 07 02 78 00 50 00 00 2D F8 0.6a  632
 FA 07 02 DC 00 50 00 00 89 F8 0.7a  732
 FA 07 03 50 00 50 00 00 04 F8 0.8a  848
 FA 07 03 B4 00 50 00 00 E0 F8 0.9a  948
 FA 07 04 28 00 50 00 00 7B F8 1.0a  1064
 FA 07 04 28 00 50 00 00 7B F8 1.0a
 FA 02 00 00 00 00 00 00 02 F8
 
 
 ----------------------------------------
 Received data
 ---------------------------------------
 I haven't decoded the received data yet.  I figured I'd post this for now... maybe I'll get back to it soon-ish.
 
 Receive data:
 FA 00 00 09 15 73 0B 63 08 8B 00 64 00 00 02 14 1A EC F8  5.155 volts, 0.000 amps
 FA 0A 04 29 15 70 0B 63 08 8B 00 64 00 00 02 14 1A C1 F8  5.152 volts, 0.100 amps
 FA 0A 08 53 15 6F 0B 62 08 89 00 C8 00 00 02 14 1A 07 F8  5.152 volts, 0.200 amps
	The digital load is found here:
	https://www.aliexpress.com/item/35W-computer-software-online-USB-tester-USB-Discharging-Load-QC2-0-3-0-MTK-PE-Trigger/32707276028.html?spm=a2g0s.9042311.0.0.K9VDeF

	It uses a binary protocol over the UART for control and data returned. I used the free version of "Device Monitoring Studio"
	to view the data sent and received from the UART.

	So far, I have decoded the commands to get the digital load to do things, except for how to compute the checksum byte.

	Here's what there is so far:
	------------------------------------------

	Command from PC to digital load
	-----------------------------------
	All commands sent are 10 bytes long
	byte 0 is always 0xFA, byte 9 is always 0xF8. so, FA is a start byte, F8 is end byte.
	byte 8 seems to be some sort of checksum

	Example byte stream:
	0 1 2 3 4 5 6 7 8 9
	FA 07 04 28 00 50 00 00 7B F8

	byte 0: 0xFA start of frame
	byte 1: cmd command.
	01: start
	02: stop
	05: connect
	06: disconnect
	07: update while started
	byte 2: A-msb most significant byte of 16-bit current setting.
	byte 3: A-lsb least significant byte of 16-bit current setting.
	byte 4: V-msb msb of 16-bit voltage
	byte 5: V-lsb lsb of 16-bit voltage
	byte 6: T-msb msb of timeout setting
	byte 7: T-lsb lsb of timeout setting
	byte 8: checksum
	byte 9: end of frame

	Current is about 1064/Amp
	Voltage is about 106.4/Volt
	Time is about 1.064/minute

	I don't know why it's not 1000/Amp, 100/Volt, and 1.0/minute. It's strange.


	Some examples:

	FA 06 00 00 00 00 00 00 06 F8 <<<---- stop Note, looks like the checksum is pretty simple
	FA 05 00 00 00 00 00 00 05 F8 <<<---- start i.e. zeros don't have any effect.

	Run a ramp from 0.1 to 1.0A in steps: cuttoff = 0.8V
	FA 07 00 64 00 50 00 00 9F F8 0.1a 200
	FA 07 00 C8 00 50 00 00 9F F8 0.2a 200
	FA 07 01 3C 00 50 00 00 6A F8 0.3a 316? 1.6?
	FA 07 01 A0 00 50 00 00 06 F8 0.4a 416
	FA 07 02 14 00 50 00 00 41 F8 0.5a 532
	FA 07 02 78 00 50 00 00 2D F8 0.6a 632
	FA 07 02 DC 00 50 00 00 89 F8 0.7a 732
	FA 07 03 50 00 50 00 00 04 F8 0.8a 848
	FA 07 03 B4 00 50 00 00 E0 F8 0.9a 948
	FA 07 04 28 00 50 00 00 7B F8 1.0a 1064
	FA 07 04 28 00 50 00 00 7B F8 1.0a
	FA 02 00 00 00 00 00 00 02 F8


	----------------------------------------
	Received data
	---------------------------------------
	I haven't decoded the received data yet. I figured I'd post this for now... maybe I'll get back to it soon-ish.

	Receive data:
	FA 00 00 09 15 73 0B 63 08 8B 00 64 00 00 02 14 1A EC F8 5.155 volts, 0.000 amps
	FA 0A 04 29 15 70 0B 63 08 8B 00 64 00 00 02 14 1A C1 F8 5.152 volts, 0.100 amps
	FA 0A 08 53 15 6F 0B 62 08 89 00 C8 00 00 02 14 1A 07 F8 5.152 volts, 0.200 amps