QTMP Cyber Security Assessment Train Image

QTMP Cyber Security Consulting and Assessment Project

Challenge

The Queensland Train Manufacturing Program (QTMP) will build 65 new six-car passenger trains at a purpose-built manufacturing facility at Torbanlea on the Fraser Coast in Australia, as well as the construction of a new rail facility at Ormeau in the Gold Coast region.

The QTMP is part of a wider programme or infrastructure investment to support the economic growth of South East Queensland, as well as the forthcoming Cross River Rail project, and Brisbane's Olympic and Paralympic Games in 2032.

As part of the project, Hyundai Rotem is responsible for all aspects of the new EMU fleet, including conformity with cyber security related standards and requirements such as IEC 62443 and CLC/TS 50701.

Approach

To meet the cyber security requirements of the QTMP project, We have been appointed to establish a project-specific cyber security risk analysis and assessment process that will support the execution of cyber security lifecycle phases in conjunction with the safety management programme.

Our work will include:

System Definition Phase

Cybersecurity Management Plan Review

Preliminary Design Phase

Guide and Review Initial Risk Assessment (IRA)
- Establish an IRA strategy and method
- Review and support IRA
- Assist in responding to comments on existing IRA
- Assist to produce Zone & Conduit models and SLT

Detailed Design Phase

Conduct Detailed Risk Assessment (DRA)
- Elicit Cybersecurity Requirements
- Further assessment and Update IRA
- Assist to confirm SL-T and Zone & Conduit
- Review an applied cybersecurity design
- Maintain a traceability of cybersecurity requirements

Testing and Validation Phase

Perform a vulnerability assessment
Perform penetration testing
Conduct a cybersecurity verification and validation
Produce a cybersecurity case.

In the course of their duties, our teams will also provide guidance and knowledge management support to Hyundai Rotem's on the key standards and specifications. For the testing phase (e.g. vulnerability assessment & penetration test), which requires independence in the delivery of cyber security consultancy services, we will utilise our partnership with NCC Group to support the project.

Results

With the support of our cyber security experts, Hyundai Rotem will deepen its understanding of cyber security standards and gain hands-on experience in applying and ensuring cyber security for its vehicles.

Developing a robust cyber security application case for QTMP - and for rolling stock in general within Australia's national railway - will position Hyundai Rotem favorably for future opportunities in a range of international projects.

Client

Hyundai Rotem

Start and end dates

03/2024 - 12/2026

Location

Queensland, Australia

Contact our experts

First Name *

Last Name *

Job Title *

Company *

Phone number

Email *

Message *

Consent for storing submitted data *

Yes, I give permission to store and process my data

Consent for marketing

Yes I'd like to keep up to date on Ricardo services, products and events. Your information will be stored on our secure systems, will not be shared with 3rd parties, and you can unsubscribe at any time.

Are you a robot? *

Related case studies

View all case studies

Rail cyber security training and consultancy

Read project

Cyber risk assessment for new Hong Kong signalling system

Read project

Aventra Vehicle Digital Risk Assessment

Read project