Cyber security uplift project for rail organisation

Customer requirement

Current trends in the rail sector suggests cyber-attacks on railways are doubling annually. These attacks are not only targeting core IT systems, but operational systems and connected rail hardware that can result in substantial financial, operational and reputational losses as well as significant safety risks.

A Victorian based rail organisation had a requirement for a cyber security uplift for their operational and train control systems (OCS/TCS), aimed at mitigating cyber security vulnerabilities in these critical rail networks

Ricardo solution

Ricardo worked with the NCC Group to assess the current network setup, identifying boundary limits, evaluate data flows and provide recommendations for segmentation and security controls. This resulted in a detailed recommendation report and functional specification, enabling the customer to strengthen its cyber security framework while maintaining uninterrupted operations of its rail services.

A key challenge was upgrading the OCS/TCS network without disrupting the safety-critical rail operations. The existing network’s boundary limitations and complex data flows required careful examination to ensure that any cyber security enhancements were implemented seamlessly. Another challenge was ensuring coordination between the client’s internal stakeholders and external parties to collect essential data, all while maintaining confidentiality of sensitive information. The team needed to provide a robust cyber security solution that minimised operational disruptions while addressing the vulnerabilities within the existing network infrastructure.

Customer benefit

With the support of Ricardo's cybersecurity experts, the client saw significant improvements to their OCS/TCS network security. Ricardo and NCC Group’s comprehensive assessment identified vulnerabilities and provided targeted recommendations for network segmentation, flow restriction, and enhanced security controls. The final recommendation report and functional specification laid the foundation for the client to progressively implement the necessary cyber security measures. This included improvements to data confidentiality, integrity, and overall network resilience. As a result, the client’s critical rail operations became more secure against emerging cyber threats. The collaboration allowed them to enhance their cyber security posture, securing its essential infrastructure while maintaining operational efficiency. This project represents a significant milestone in the client’s journey to bolstering the safety and security of its rail services.

Client

Victorian based rail operator

Start and end dates

09/2024 - 10/2027

Location

Victoria, Australia

First Name *

Last Name *

Job Title *

Company *

Phone number

Email *

Message *

Consent for storing submitted data *

Yes, I give permission to store and process my data

Consent for marketing

Yes I'd like to keep up to date on Ricardo services, products and events. Your information will be stored on our secure systems, will not be shared with 3rd parties, and you can unsubscribe at any time.

Are you a robot? *

Related case studies

View all case studies

Hazardous materials training: supporting the emergency services

Read case study

Electric vehicle sustainability and efficiency research

Read case study

QTMP Cyber Security Consulting and Assessment Project

Read case study