Contact Us
Home / Glossary Terms /

Routes (1H, 2H, 1S, 2S, 3S)

Definition:
Routes define the methods of demonstrating hardware and systematic capability compliance for functional safety equipment. Different routes triggers different tables and rules within the program.
This is a notoriously confusing part of Functional Safety and IEC 61511-1.

Broadly speaking, the “H”‘s are for hardware approach and is more applicable to the facility. “S”‘s are systematic capability and are more applicable to the device manufacturer and the certification body (with exceptions!).

1H uses HFT and SFF concepts. What this really means is that this is applicable to items with diagnostics as SFF is only applicable to diagnostics.

  • 1H is the most common for new modern components. Using SFF would not be problematic.
  • 2H is typically for things with that are mechanical items with no or minimal diagnostics Imagine a rack and pinion actuator. Even if it does have some diagnostics it won’t be sufficient to capture all failure modes. So this would be a 2H path.
  • 2H is often used on legacy equipment without a SIL Certificate. For example something that predates IEC 61508.
  • 2H can be used for industry specific equipment with published field data

The “S” paths are generally for manufactures and the Certification Body (CB) doing the analysis, but at times (and confusingly) can be done by the facility if the facility.

  • A 61508 certified instrument with a SIL certificate and Safety Manual giving all the parameters needed would definitely be 1S.
  • 1S is used by the manufacturer in partnership with a CB.
  • The 2S path needs data. That can be done by a CB (and would include a SIL Certificate) or be done by the facility with a lot of leg work (without a SIL Certificate).
  • 2S uses proven in use and proven in use means route 2S.

Key Points:

  • 1H/2H: “H” is for hardware – these are hardware fault tolerance routes. This decision is typically made by the facility.
  • 1S/2S/3S: “S” is for “systematic capability” – systematic capability routes based on certification, prior use, or quality. For a component that is certified to IEC 61508, 1S is the default setting. If the SIL Certificate doesn’t state that, it is implied.

Example:
Using Route 2H requires field failure data to justify hardware capability.

See also: SIL Certificate, type, HFT, SFF, systematic capability

Cited Source:

  • IEC 61508-2:2010, Clause 7.4.4.

Glossary Catagories

Glossary Catalog

abcdefghijklmnopqrstuvwxyz
a
b
c
d
e
f
g
h
i
l
m
n
o
p
q
r
s
t
u
v
w