The SIMATIC S7-400FH system features a unique design that is flexible, modular and redundant and which enables the assembly of extremely fault-tolerant architectures. Unlike traditional leg-based architectures, where the failure of a single component causes shutdown of an entire leg of the system, the SIMATIC S7-400FH system integrates certified safety-fieldbus technology, allowing each module to function independently of the other modules in the system.

The level of fault-tolerance can be tailored to match the needs of the application by mixing and matching single, dual and triple redundancy in the same system. As a result, the SIMATIC S7-400FH architecture tolerates multiple faults with no degradation in safety since every component of the system is certified to SIL 3.

Third-party system reliability modeling has shown that Siemens Flexible Modular Redundancy™ delivers higher levels of availability than traditional dual and triple redundant architectures. At the same time, the flexibility of the architecture allows redundancy only where it is needed, providing a more attractive and cost-effective solution than traditional one-size-fits-all architectures.

Benefits with Flexible Modular Redundancy™:
	Highest flexibility to choose the redundancy levels to fit the Safety Instrumented Function (SIF)
	Field device redundancy can be designed to achieve safety and availability goals
	I/O and field device redundancy can be matched to: - Minimize cost - Maximize availability
	Multiple fault-tolerance - Fieldbus architecture allows system to tolerate multiple faults without interruption - I/O redundancy independent of CPU redundancy
	All components rated for SIL3 - No degraded mode - Safety not dependent on redundancy