QTMP Cyber Security Assessment Train Image

QTMP Cyber Security Consulting and Assessment Project

Challenge

The Queensland Train Manufacturing Program (QTMP) will build 65 new six-car passenger trains at a purpose-built manufacturing facility at Torbanlea on the Fraser Coast in Australia. The programme will also see the construction of a new rail facility at Ormeau in the Gold Coast region.

The QTMP will support the population and economic growth of South East Queensland, as well as Cross River Rail and the Brisbane 2032 Olympic and Paralympic Games.

As part of the project, Hyundai Rotem is responsible for all aspects of EMU supply and the need to conform to cyber security related standards and requirements such as IEC 62443 and CLC/TS 50701.

Approach

To meet the cyber security requirements of the QTMP project, Ricardo will establish a project-specific cyber security risk analysis and assessment process and support the execution of cyber security lifecycle phases in conjunction with the safety management programme.

Ricardo will also provide guidance on the various standards and specifications required to facilitate the execution of the cyber security work for Hyundai Rotem, which is new to cyber security projects. For the testing part (e.g. vulnerability assessment & penetration test), which requires independence in the delivery of cyber security consultancy services, Ricardo will leverage our partnership with NCC Group to support the client.

The work which Ricardo delivers for the QTMP Cyber Security Consulting & Assessment project includes the following activities:

System Definition Phase

Cybersecurity Management Plan Review

Preliminary Design Phase

Guide and Review Initial Risk Assessment (IRA)
- Establish an IRA strategy and method
- Review and support IRA
- Assist in responding to comments on existing IRA
- Assist to produce Zone & Conduit models and SLT

Detailed Design Phase

Conduct Detailed Risk Assessment (DRA)
- Elicit Cybersecurity Requirements
- Further assessment and Update IRA
- Assist to confirm SL-T and Zone & Conduit
- Review an applied cybersecurity design
- Maintain a traceability of cybersecurity requirements

Testing and Validation Phase

Perform a vulnerability assessment
Perform penetration testing
Conduct a cybersecurity verification and validation
Produce a cybersecurity case.

Results

With the support of Ricardo's cybersecurity experts, the client, Hyundai Rotem, will deepen its understanding of cybersecurity standards and gain hands-on experience in applying and ensuring cybersecurity for railway vehicles. Developing a challenging cybersecurity application case for QTMP, for rolling stock within Australia's national railway project, will position Hyundai Rotem favorably for future opportunities to engage in a range of international projects.

Client

Hyundai Rotem

Start and end dates

03/2024 - 12/2026

Location

Queensland, Australia

First Name *

Last Name *

Job Title *

Company *

Phone number

Email *

Message *

Consent for storing submitted data *

Yes, I give permission to store and process my data

Consent for marketing

Yes I'd like to keep up to date on Ricardo services, products and events. Your information will be stored on our secure systems, will not be shared with 3rd parties, and you can unsubscribe at any time.

Are you a robot? *

Related case studies

View all case studies

Hazardous materials training: supporting the emergency services

Read case study

Electric vehicle sustainability and efficiency research

Read case study

Cyber security uplift project for rail organisation

Read case study