Statement by the Critical Infrastructure Association of the Slovak Republic on the Railway Communications Outage in Germany

According to media reports, trains in Germany were temporarily held at stations after a nationwide problem emerged in the digital railway radio system used for internal communication across the railway network. After the situation stabilized, operations were gradually restored through emergency procedures.

The Critical Infrastructure Association of the Slovak Republic considers this event a warning that does not concern only one operator or one country. It is a practical example of how the failure of a single technological element can affect an entire essential service.

“What happened in Germany is an important warning for Slovakia as well. Today, railways are not only about tracks, stations, and trains. Communication, control, and information systems are equally important, because safe operation cannot be ensured without them. If such a system fails, an essential service can come to a halt very quickly, even if the physical infrastructure remains undamaged. That is why we must regularly test the resilience of critical infrastructure in real-life scenarios, not only when a crisis occurs,” said Tibor Straka, President of the Critical Infrastructure Association of the Slovak Republic.

Transport is a strategic service of the state

Transport is one of the key sectors of critical infrastructure. Rail transport has a special position because it ensures the daily mobility of the population, the transport of goods, industrial logistics, and, in crisis situations, support for national defence, healthcare, supplies, and public administration.

When rail transport comes to a halt, it is not merely a matter of train delays. In the event of a larger-scale or longer-lasting incident, it may become a problem with consequences for the economy, public order, the safety of the population, and the state’s ability to provide essential services.

It is therefore necessary to view the railway as one interconnected system. Its components are not only tracks, stations, and vehicles, but also power supply, signalling, telecommunications networks, control centres, data centres, cybersecurity, service partners, supply chains, and crisis procedures.

Not every incident is an attack, but every incident tests preparedness

Publicly available information does not indicate that the outage in Germany was caused by a cyberattack. That is precisely why this case is important. Critical infrastructure must be prepared not only for deliberate attacks, but also for technical failures, update failures, configuration errors, power outages, supplier incidents, communication network failures, or human error.

For operators of critical infrastructure, the decisive question is therefore not only whether an incident was caused by an attack or by a failure. What matters is whether the organization can quickly detect the incident, limit its impact, switch to backup mode, maintain at least a necessary level of service, inform the public, and safely restore operations.

The resilience of critical infrastructure is not proven in documents. It is proven when an outage occurs.

Communication systems are part of operational safety

Systems such as GSM-R are not merely technical support for operations. In rail transport, they are elements directly linked to safety and traffic management. They are used for communication between train drivers, dispatching, and control centres. If such a system fails, the operator must act cautiously, and safety must take priority over the speed of recovery.

That is the correct principle. At the same time, however, every such outage shows how important backup communication channels, clear emergency procedures, regular exercises, and the ability to quickly inform passengers and partners really are.

Modern infrastructure is increasingly interconnected. The benefits of digitalization are significant, but they also bring new dependencies. If these dependencies are not regularly tested, they may only become apparent at the moment when the service has already been interrupted.

Lessons for Slovakia

Since 1 January 2025, Slovakia has had new legislation on critical infrastructure, which emphasizes risk management, security plans, incidents, the resilience of critical entities, and the continuity of essential services. Transport is among the sectors that require special attention.

AKI SR considers it essential that, when assessing risks in transport infrastructure, not only physical threats are thoroughly evaluated, but also technological, communication, cyber, and supplier dependencies. Critical entities must know which systems are essential for providing the service, how long they can operate without the main communication system, which backup mode is activated first, and who decides on restricting or restoring operations.

Equally important is the regular exercising of broader scenarios. It is not sufficient to prepare only for local failures. Critical infrastructure must also take into account situations in which a regional or nationwide communication layer, control centre, data connectivity, or supplier support fails.

Crisis communication is part of resilience

In incidents affecting critical infrastructure, public trust also plays a decisive role. Passengers, the media, state authorities, local and regional governments, and partners need fast, factual, and understandable information. Uncertainty during an outage often increases the societal impact of an incident more than the technical failure itself.

Crisis communication should therefore not be an add-on to technical plans. It should be a natural part of them. The operator must know what it communicates, to whom, through which channels, and at what time intervals. It must also be clear who is responsible for communication.

Resilience must be tested, not assumed

AKI SR has long emphasized that the protection of critical infrastructure cannot be merely formal. Without regular tests, audits, exercises, and practical checks, security plans remain only administrative documents.

Every critical entity should have clear answers to basic questions: which systems are essential for providing the service, what the greatest technological dependencies are, what supplier risks exist, how the backup mode works, who makes decisions in a crisis situation, how communication with the public is handled, and when the failure of a key technology was last tested in practice.

These questions are not theoretical. They are directly linked to the safety of citizens, the stability of the state, and public trust in essential services.

A shared European experience

The incident in Germany shows that even technologically advanced countries can face outages that have an immediate impact on large numbers of people. For Slovakia, it is therefore important to monitor such cases, evaluate them, and translate the lessons learned into its own practice.

The aim should not be to look for someone to blame abroad. The aim should be better preparedness at home.

The Critical Infrastructure Association of the Slovak Republic will continue to support professional cooperation between the state, critical infrastructure operators, technology suppliers, the security community, and the academic sector. The protection of critical infrastructure is a shared responsibility. It requires not only laws and strategies, but also practical preparedness, investment, testing, and an open exchange of experience.



The railway communications outage in Germany is a reminder that modern infrastructure can be very strong, but at the same time dependent on elements that the public often does not see. It is precisely these elements that must be subject to systematic protection, regular testing, and responsible management.