Not having any prior experience with POV, I started poking at things to see how it worked. It turns out that Cenzic made it very easy to access the fan’s EEPROM chip, and with a simple RS232-to-I2C interface you can re-write the EEPROM on this device to make it display whatever you like:

Disassembly was pretty simple, as all the plastic covers can be pried off with your fingers or a small screwdriver. The first step to taking the Cenzic fan apart was to gently pry up the small cover on the front of the fan:

Cenzic POV Fan

Header Cover Removed

This revealed a four pin header, which was very encouraging. Note that this is really all the disassembling you’ll need to do in order to re-program the EEPROM.

Next, prying off the plastic cap revealed the fan blades that double as a sheath for the LED strip:

Fan Cap Removed

Prying off the cover below that allowed access to the circuit board:

Fan Circuit Board

Here you can see the two springs that sit between the circuit board and fan body to supply power to the circuitry while the fan is spinning:

Brush Springs

The hardware in the Cenzic fan is pretty sparse: an unknown controller (covered with epoxy), a few resistors and capacitors, and a single EEPROM chip located right next to the four pin header:

Closer View Of The Circuit Board

The EEPROM chip is a 24C02N, which is a 2Kb I2C EEPROM chip. The four pin header attaches to the 24C02, allowing it to be read from and re-written. The header pin out from bottom to top, as pictured above, is: GND, SDA, Vcc, SCL:

24C02 Header Pin Out

In order to read and write to the EEPROM chip, a simple serial to I2C interface was required. I built the serial adapter circuit found on Chiprecharge.com, which works nicely with PonyProg. This circuit drops the RS-232 voltage on the data and clock lines down to 5v via a pair of zener diodes, and provides 5v power to the EEPROM chip:

PonyProg EasyI2C Serial Interface

Attaching the adapter to the fan’s four pin header allowed me to read out the contents of the EEPROM chip:

Dumping The EEPROM

PonyProg Data Dump

And here’s what the above data displays on the POV fan:

The data dump obtained from the Cenzic fan may need some explanation. If you watched the above video, you saw that the original Cenzic message was broken into five parts:

1. SECURE
2. YOUR
3. WEB APPS
4. WITH
5. CENZIC

The first byte of data in the EEPROM tells the controller how many parts there are to the message (in this case, five, or 0×05).

Following the 0×05 is the byte 0×06; this is the number of letters in the first part of the message (“SECURE”). Each part of the message is prefixed with its string length in bytes.

Each letter is displayed on a 5×7 matrix, that is, there are 7 LEDs aligned vertically, and each letter gets 5 pulses as the LED array moves around in a circle (5 LEDs in width, 7 LEDs in height).

Each of the vertical LED patterns (5 per letter, since each letter is 5 LEDs in width) are describe by a single byte. The first part of the original message is “SECURE”, which is 6 characters long. Therefore, the size of the first part of the message when stored in EEPROM is 6 * 5 = 30 bytes. If we go to offset 0×20 (which is the next byte after the 30 “SECURE” bytes), we see the number 4, which is the string length of the second part of the message (“YOUR”). The microcontroller reads these patterns from the EEPROM until all parts of the message have been displayed, at which point it starts the message over again.

Each byte in the message represents a vertical LED display pattern, with the high-order bit in each byte controlling the bottom LED, and the low-order bit controlling the top LED. A 1 indicates that the corresponding LED is off, while a 0 turns the LED on; however, there are only 7 LEDs, and 8 bits in each byte, so something has to give. The fourth lowest-order bit is ignored, and can be set to either a 1 or a 0 without affecting the resulting display.

Because the fan rotates in a counter-clockwise direction, the letters entered in the EEPROM are a mirror image of what will be displayed; that is, when displaying a message, the controller starts at the end of a message, and works its way backwards. So, the first five bytes in the first message tell the controller how to display the letter “E”, although if you visually mapped out the bit patterns for these five bytes, you would see that the “E” is actually backwards (again, it needs to be a mirror image of what should be displayed).

To help visualize this, take a look at how to display the letter “E”. First, map out a mirror image of the letter on a 5×7 grid:

00000  <- Low order bits
    0
    0
00000  <- This row of bits will be ignored
00000
    0
    0
00000  <- High order bits

Now, fill in everything else with 1′s:

00000  <- Low order bits
11110
11110
00000  <- This row of bits will be ignored
00000
11110
11110
00000  <- High order bits

The resulting hex values for each column of bits is, from left to right:

0×66,0×66,0×66,0×66,0×00
 

And the resulting image that will be displayed by the fan is:

00000
0
0
00000
0
0
00000

In order to make it easier to load new text onto the Cenzic fan, I wrote a Python script to translate ASCII text into a data dump that can be loaded into the fan’s EEPROM using PonyProg. Currently it only supports uppercase letters and smileys, but if you understand the above description, it’s easy enough to modify the script to produce any pattern you’d like. Usage is fairly straightforward; to generate a message that displays “Hello World”:

C:\>python ascii2cenzic.py hello world > hello.bin
 

The resulting hello.bin file can then be opened with PonyProg and written to the EEPROM chip:

Configure PonyProg I/O Settings

Write Data To EEPROM