Robotic safety: What you don’t know

With robotic safety, what you don’t know CAN hurt you. Get what you need to know about robotic safety, terms, and standards affecting robotic implementations. See knowledge and references below from a robotic safety class.

By Mark T. Hoske May 15, 2017

With robotic safety, the adage, "What you don’t know won’t hurt you" doesn’t apply, which is why the Robotic Industries Association (RIA) continues to teach about applicable robotic safety standards and risk mitigation strategies. At the A3 Business Forum in January, Jeff Fryman, RIA director emeritus of standards development, offered a day-long "Robot Safety Standard (R15.06 2012) & Robot Risk Assessment Training Seminar."

Complying with existing standards and guidelines, training, documentation, and using experts, like Certified Robotic Integrators—which RIA offers—are among Fryman’s suggestions for reducing risk and staying safe.

In 2016, Fryman gave similar training 33 times. Education is particularly relevant, even as the update cycle for R15.06 has begun, with possible completion in 2018 or 2019, Fryman said. The committee can target a one, two, or three-year update timeline.

A recently available technical report (TR) offers the U.S. national standard version of the TR606 technical specification for collaborative robots.

Note about standards: TRs are voluntary, meaning a TR shall not use "shall" in its language, staying only with advice, using the word "should," instead, Fryman said. That specification is expected to be updated in a future international standard for collaborative robotics. 

Unified robotic safety standards

Fryman has been involved as chair to the international robotic safety and secretary to the U.S. national committee and is among those who advocated and helped unify national and international robotic safety standards, which simplifies compliance. He is among the RIA trainers for robotic safety, drawing on the 2012 R15.06 standard, three technical reports written since the 2012 standard, and his experiences. Information Fryman offered in the January class includes the information below. 

International robotics standard

The Canadian standard is interchangeable with the U.S. standard, with some cleanup edits offered two years after the U.S. standard’s release.

Importantly, U.S. and international safety experts worked on ISO 10218-1 and -2 of 2011, two parts legally required in Europe. Part 1 is harmonized; by law, original equipment manufacturers must produce a safe machine. The U.S. adopted Part 1 and Part 2 of the ISO standard; R15.06 2012 fully incorporates both parts of the international standard, with introduction and bibliography; "national deviations" are limited to spelling and formatting only. The standards speak to the supply chain and do not tell users how to run robots or even how to turn them on. Canada did add value by offering user-directed information in annexes to its standard rather than in separate technical reports like in the U.S. version.

Machine builders know that if they’re producing a machine for use in the EU, documentation must use ISO and IEC references, rather than U.S. or Canadian references. 

Must do a risk assessment

Those familiar with the R15.06 robot safety standard from 1999 will recognize that a major change in the 2012 standard includes the need for a risk assessment for robot safety. Previously an option, a risk assessment is now required. It’s mentioned in clause 4 in parts 1 and 2. Any task-based methodology will do, but the TR R15.306 from the 1999 standard will work. In the standard, Table 2 provides a risk level decision matrix.

Control reliability is a term used in North America and refers to the steps needed to make something unreliable into something reliable. In Europe, categories have been used instead. Control reliable is understood as greater than Category 3 and less than Category 4.

Functional Safety language in the international standard overlays "Performance Level d" (PLd) with "Structure Category 3."

Why were the changes made? Control reliable is only a concept and cannot be quantified. ISO 13849-1 provides performance metrics. Math formula proves level requirement with a look up chart. A controls engineer can prove requirements are met. Related terms are functional safety, Performance Level (PL) and category. 

Robotic safety responsibilities

Stakeholders are identified in the R15.06 standards. Part 1 talks to robot manufacturers. Part 2 talks to the rest of supply chain, integrators, consultants, installers and suppliers. But, the user is ultimately responsible for the safety of industrial robot installations. User stakeholder responsibilities:

  • Information for use (ensure safeguards are in place and are used, and training and safe work practices are in place)
  • Compliance with all codes and regulations (such as OSHA lockout/tagout)
  • Risk assessment: Participation in risk assessment and maintenance of related risk-assessment documentation.

Do these things early in the process. By waiting until delivery of the robot or machine, it’s often only possible to enclose the robot or system with safeguards. Often it’s easier to design hazards out. Note that if a user makes modifications, the user qualifies as a system integrator and is responsible for Part 2 of the standard. See the related table about the hierarchy of safeguarding controls. 

Robot safety retrofits

While R15.06 began in 1986, those involved often ask if older robots or systems require compliance. A robot and system should be compliant with the standard in effect on the date of manufacture. New robots should comply with the latest R15.06 or ISO 10218-1:2011 standard.

Rebuilt robots, if equal to their original configuration, should comply with the standard in effect on the date of manufacture.

A remanufactured robot with a new configuration should comply with the new standard, including if the robot gets a new controller. (A software upgrade doesn’t count.)

A moved robot system or cell must comply at least with the 1999 standard. TR R15.506 provides guidance and includes a flow chart of circumstances. It is possible to have a fully compliant 1999 standard robot without a risk assessment, but for compliance to the 2012 standard, a minimum risk assessment must be performed as outlined.

OSHA General Duty Clause requires employers to provide a safe workplace. OSHA looks if industry standards exist, such as R15.06, and others.

Language in standards is important. For instance, R15.06 is written in ISO English, which might not be the words many people normally would use. English is not precise, but ISO English is, which is important, because France and Germany use one word for safety and security. 

Understanding robot standards

To help in understanding standards, know that:

  • American National Standard Institute (ANSI) is voluntary
  • Normative means shall
  • Informative means should
  • Notes are generally explanatory
  • Statements and permission differ. Can means there’s a possibility. May is permissive.

According to the standard, what qualifies as an industrial robot requires answering five bullet points affirmatively. If any answer is no, it might be useful to use R15.06 anyway, which helps for any highly automated machine, although other standards may apply. An industrial robot:

  • Is automatically controlled
  • Has a reprogrammable multipurpose manipulator
  • Is programmable in three or more axes…
  • …which can be either fixed in place or mobile
  • Is for use in industrial automation applications.

If an OSHA compliance officer gives a citation for an automated guided vehicle (AGV), apologize then go to an administrative law judge and explain this is not a robot because it doesn’t meet all five points and the standard does not apply. Always be nice to OSHA compliance officers.

An industrial robot system is an industrial robot; end effector(s); and any machinery, equipment, devices, external auxiliary axes or sensors. The system supports the robot in performing its tasks. An industrial robot cell is one or more robotic system, including associated machinery and equipment and the associated safeguarded space and protective measures.

More definitions include maximum space (which can be swept by a robot and end effector), restricted space, operating space, and safeguarded space. 

Robot safety help

Robot Risk Assessment Software V7.0, is available from RIA via the Robot Safety Center. RIA’s site provides related news and information by category, including an "Ask the experts" section, with opinions rather than interpretations of standards.

The R15 Standards Approval Committee includes more than safety (R15.06). Sections are:

  1. Electrical Interface
  2. Human Interface
  3. Mechanical Interface
  4. Communication/information
  5. Performance
  6. Safety 
  7. Simulation and off-line programming
  8. Mobile industrial robots.

Related activities include: ASC T15 Intelligent Assist Devices, ASC B11 Machine Tools, Z244 Committee on Lockout/Tagout, UL1740 Standards Technical Panel, D16 Robotic Welding, CSA Z434 Robot Safety Committee, CSA Z460 Control of Hazardous Energy, and ISO TC 299 WG3 Industrial Safety.

Working groups (WG) for ISO TC 299—Robotics are WG1 Vocabulary and Characteristics (ISO 8373), WG2 Personal Care Safety (ISO 13482), WG3 Industrial Safety (ISO 10218, ISO/TS 15066), WG4 Service Robots, JWG5 IEC/SC 62 A&D Medical Robot Safety, and WG6 Service Modularity. Committees are open to anyone with a "direct and material interest."

Review of R15.06 is likely to start later this year, with possible revision in 2019. The RIA Robot Safety Conference is Oct. 10-12 in Pittsburgh.

More information about robotic risk assessment

Doing a robotic risk assessment is required to follow the Robot Safety Standard (R150.06-2012), explained Fryman, as part of a day-long "Robot Safety Standard (R15.06 2012) & Robot Risk Assessment Training Seminar."

A risk assessment shall give particular consideration to intended operations at the robot, including:

  • Teaching, maintenance, setting and cleaning
  • Unexpected start-up
  • Access by personnel from all directions
  • Effect of failure in the control system
  • Hazards associated with the specific robot application (where necessary).

Risks shall be eliminated or reduced first by design or by substitution, then by safeguarding and other complementary measures. Residual risk then shall be reduced by other measures (warnings, signs, training, and requirements in Clause 5 derive from the iterative process consisting of applying safeguarding measures to the list of hazards in Annex A that can be present with robots). Clause 5 includes design requirements and protective measures.

The standard further covers safety-related control system performance, functional safety, robot stopping functions, sources of energy and energy control, actuating controls, single point of control, speed control, reduced speed, optional speed controls, operational modes, pendant controls, and singularity protection, among other areas.

See RIA’s Robot Safety Standard and Robot safety training (which includes a copy of the standard and summary training slides).

Also see the Control Engineering robotics page. https://www.controleng.com/discrete-manufacturing/robotics.htm

Mark T. Hoske is content manager, CFE Media, Control Engineering, mhoske@cfemedia.com. The RIA is a part of the Association for Advancing Automation (A3), a CFE Media content partner.

MORE ADVICE

Key concepts

  • Robot Safety Standard (R15.06 2012) is a unified international standard.
  • It requires a risk assessment, unlike the 1999 version in which it was optional.
  • Language, terms, and training aid understanding of robotic safety.

Consider this

If time or money is preventing creation of a low-risk safety culture, have you calculated the all the costs related to a major injury accident?

ONLINE extra

This online article includes more embedded links and more information.


Author Bio: Mark Hoske has been Control Engineering editor/content manager since 1994 and in a leadership role since 1999, covering all major areas: control systems, networking and information systems, control equipment and energy, and system integration, everything that comprises or facilitates the control loop. He has been writing about technology since 1987, writing professionally since 1982, and has a Bachelor of Science in Journalism degree from UW-Madison.