Case Study: Hyundai Rotem achieves compliant and secure digital transformation with NCC Group

Achieving Regulatory Compliance and Securing Digital Transformation for the Queensland Train Manufacturing Program (QTMP)

Hyundai Rotem, delivering the rolling stock component of Queensland’s Train Manufacturing Program (QTMP), needed to prove end-to-end cyber security compliance for a major new rail program. The challenge involved complex multi-phase delivery, new manufacturing and maintenance facilities, and strict alignment with IEC 62443 and CLC/TS 50701 standards across onboard and operational systems. NCC Group was engaged as the specialist cyber security partner to support these requirements.

NCC Group implemented a full cyber security lifecycle program covering system definition, risk assessments, design reviews, zone and conduit modeling, testing, and validation, plus cyber security and safety case development. NCC Group also provided vulnerability assessment, penetration testing, independent verification, and knowledge transfer alongside Downer Group. As a result, Hyundai Rotem and QTMP achieved regulatory compliance with a traceable audit trail, strengthened cyber-secure design and controls, and built lasting internal cyber capability—helping set a benchmark for future rail programs in Australia.

Hyundai Rotem