Route 2H is one of two Architectural constraints options made available in the standards IEC 61508-2 and IEC 61511. Route 1H . Both Route 1H and Route 2H are limitations that impose the hardware selected to implement a safety-instrumented function, regardless of the performance calculated for a subsystem.
What exactly is Route 2H ? Route 2H is an assessment of the reliability data for the entire element according to IEC 61508. It is mostly based around the historical data of a device and is based on a method that demands 90% confidence in the data. Instead of the SFF calculation, the Minimum Hardware Fault Tolerance is determined by a set of rules, and the table from IEC 61508, shown below. This table is very similar to the IEC 61511 Prior-Usejustification table.
IEC 61508 states that “If Route 2H is selected then the reliability data used when quantifying the effect of random hardware failures (see 7.4.5) shall be:
based on field feedback for equipment in use in a similar application and environment, and based on data collected in accordance with published standards (e.g., IEC 60300-3-2: or ISO 14224); and,
be evaluated according to
- the amount of field feedback; and
- the exercise of expert judgement; and when needed
- the undertake of specific tests,
in order to estimate the average and the uncertainty level (e.g., the 90% confidence interval or the probability distribution - see note 2) of each reliability parameter (e.g., failure rate) used in the calculations.”
This lets us know that it is important, when comparing historical data, it comes from similar applications and environments. Therefore, if you are running a subsea valve on a platform in the North Sea, you cannot base your failure rates from a controlled atmosphere valve nice and protected inside a plant with clean process fluid.
If you do have the well-kept and high confident data, you can reduce Architectural Constraints, using the above table, based on high confidence (90%) in the quality of the failure data. (FYI, this 90% confidence is more than just keeping records, or even a statistical analysis done to your data… 90% means a high-quality data collection system is required!)
How can you tell if a device has been evaluated per Route 2H? Easy! Just look at its certificate or SIL assessment report. They both will always list how the architectural constraints were assessed to evaluate the Random Capability.
Fun Fact: Back in the day, (pre-2010, 2nd edition) there was only the Route 1H option, referred to then only as SFF. The SFF equation was slightly different and included no effect failures ( . However, companies were “cheating” the calculation by adding in extra parts and possible no effect failures to “improve” their rating. So, when the 2nd edition of the standard was released, the SFF equation changed to no longer include no effect failures, and referred to as Route 1H, and the introduction to Route 2H began. For more info on Route 1H see here!
Related Items
Back to Basics 01 - Functional Safety
Back to Basics 02 - Safety Integrity Level (SIL)
Back to Basics 03 - Safety Instrumented Function (SIF)
Back to Basics 04 - Safety Instrumented System (SIS)
Back to Basics 05 - What is a Safety Function?
Back to Basics 07– Safety Lifecycle – IEC 61508
Back to Basics 09 – Safety Lifecycle – IEC 61511
Back to Basics 10 – How Does a Product Get a SIL?
Back to Basics 11 – How is SIL Used by an End User?
Back to Basics 12 – What is IEC 61508 Certification?
Back to Basics 13 - How Do I Start IEC 61508 Certification?
Back to Basics 14 - Systematic Capability
Back to Basics 15 - Architectural Constraints
Back to Basics 17 - PFH (Probability of dangerous Failure per Hour)
Tagged as: route 2h Route 1H Loren Stewart IEC61511 IEC61508 back to basics architecture constraints