Monday, 04 April 2011 18:41

Safety Principles for Industrial Robots

Rate this item
(11 votes)

Industrial robots are found throughout industry wherever high productivity demands must be met. The use of robots, however, requires design, application and implementation of the appropriate safety controls in order to avoid creating hazards to production personnel, programmers, maintenance specialists and system engineers.

Why Are Industrial Robots Dangerous?

One definition of robots is “moving automatic machines that are freely programmable and are able to operate with little or no human interface”. These types of machines are currently used in a wide variety of applications throughout industry and medicine, including training. Industrial robots are being increasingly used for key functions, such as new manufacturing strategies (CIM, JIT, lean production and so on) in complex installations. Their number and breadth of applications and the complexity of the equipment and installations result in hazards such as the following:

  • movements and sequences of movements that are almost impossible to follow, as the robot’s high-speed movements within its radius of action often overlap with those of other machines and equipment
  • release of energy caused by flying parts or beams of energy such as those emitted by lasers or by water jets
  • free programmability in terms of direction and speed
  • susceptibility to influence by external errors (e.g., electromagnetic compatibility)
  • human factors.

 

Investigations in Japan indicate that more than 50% of working accidents with robots can be attributed to faults in the electronic circuits of the control system. In the same investigations, “human error” was responsible for less than 20%. The logical conclusion of this finding is that hazards which are caused by system faults cannot be avoided by behavioural measures taken by human beings. Designers and operators therefore need to provide and implement technical safety measures (see figure 1).

Figure 1. Special operating control system for the setting up of a mobile welding robot

ACC270F3

Accidents and Operating Modes

Fatal accidents involving industrial robots began to occur in the early 1980s. Statistics and investigations indicate that the majority of incidents and accidents do not take place in normal operation (automatic fulfilment of the assignment concerned). When working with industrial robot machines and installations, there is an emphasis on special operation modes such as commissioning, setting up, programming, test runs, checks, troubleshooting or maintenance. In these operating modes, persons are usually in a danger zone. The safety concept must protect personnel from negative events in these types of situations.

International Safety Requirements

The 1989 EEC Machinery Directive (89/392/EEC (see the article “Safety principles for CNC machine tools” in this chapter and elsewhere in this Encyclopaedia)) establishes the principal safety and health requirements for machines. A machine is considered to be the sum total of interlinked parts or devices, of which at least one part or device can move and correspondingly has a function. Where industrial robots are concerned, it must be noted that the entire system, not just one single piece of equipment on the machine, must meet the safety requirements and be fitted with the appropriate safety devices. Hazard analysis and risk assessment are suitable methods of determining whether these requirements have been satisfied (see figure 2).

Figure 2. Block diagram for a personnel security system

ACC270F2

Requirements and Safety Measures in Normal Operation

The use of robot technology places maximum demands on hazard analysis, risk assessment and safety concepts. For this reason, the following examples and suggestions can serve only as guidelines:

1. Given the safety goal that manual or physical access to hazardous areas involving automatic movements must be prevented, suggested solutions include the following:

  • Prevent manual or physical access into danger zones by means of mechanical barriers.
  • Use safety devices of the sort which respond when approached (light barriers, safety mats), and take care to switch off machinery safely when accessed or entered.
  • Permit manual or physical access only when the entire system is in a safe state. For example, this can be achieved by the use of interlocking devices with closure mechanisms on the access doors.

 

2. Given the safety goal that no person may be injured as a result of the release of energy (flying parts or beams of energy), suggested solutions include:

  • Design should prevent any release of energy (e.g., correspondingly dimensioned connections, passive gripper interlocking devices for gripper change mechanisms, etc.).
  • Prevent the release of energy from the danger zone, for example, by a correspondingly dimensioned safety hood.

 

3. The interfaces between normal operation and special operation (e.g., door interlocking devices, light barriers, safety mats) are necessary to enable the safety control system to automatically recognize the presence of personnel.

Demands and Safety Measures in Special Operation Modes

Certain special operation modes (e.g., setting up, programming) on an industrial robot require movements which must be assessed directly at the site of operation. The relevant safety goal is that no movements may endanger the persons involved. The movements should be

  • only of the scheduled style and speed
  • prolonged only as long as instructed
  • those which may be performed only if it can be guaranteed that no parts of the human body are in the danger zone.

 

A suggested solution to this goal could involve the use of special operating control systems which permit only controllable and manageable movements using acknowledgeable controls. The speed of movements is thus safely reduced (energy reduction by the connection of an isolation transformer or the use of fail-safe state monitoring equipment) and the safe condition is acknowledged before the control is allowed to activate (see figure 3).

Figure 3. Six-axis industrial robot in a safety cage with material gates

ACC270F1

Demands on Safety Control Systems

One of the features of a safety control system must be that the required safety function is guaranteed to work whenever any faults arise. Industrial robot machines should be almost instantaneously directed from a hazardous state to a safe state. Safety control measures needed to achieve this include the following safety goals:

  • A fault in the safety control system may not trigger off a hazardous state.
  • A fault in the safety control system must be identified (immediately or at intervals).

Suggested solutions to providing reliable safety control systems would be:

  • redundant and diverse layout of electro-mechanical control systems including test circuits
  • redundant and diverse set-up of microprocessor control systems developed by different teams. This modern approach is considered to be state-of-the-art; for example, those complete with safety light barriers.

 

Safety Goals for the Construction and Use of Industrial Robots.

When industrial robots are built and used, both manufacturers as well as users are required to install state-of-the-art safety controls. Apart from the aspect of legal responsibility, there may also be a moral obligation to ensure that robot technology is also a safe technology.

Normal operation mode

The following safety conditions should be provided when robot machines are operating in the normal mode:

  • The field of movement of the robot and the processing areas used by peripheral equipment must be secured in such a way as to prevent manual or physical access by persons to areas which are hazardous as a result of automatic movements.
  • Protection should be provided so that flying workpieces or tools are not allowed to cause damage.
  • No persons must be injured by parts, tools or workpieces ejected by the robot or by the release of energy, due to faulty gripper(s), gripper power failure, inadmissible speed, collision(s) or faulty workpiece(s).
  • No persons may be injured by the release of energy or by parts ejected by peripheral equipment.
  • Feed and removal apertures must be designed to prevent manual or physical access to areas which are hazardous as a result of automatic movements. This condition must also be fulfilled when production material is removed. If production material is fed to the robot automatically, no hazardous areas may be created by feed and removal apertures and the moving production material.

 

Special operation modes

The following safety conditions should be provided when robot machines are operating in special modes:

The following must be prevented during rectification of a breakdown in the production process:

  • manual or physical access to areas which are hazardous due to automatic movements by the robot or by peripheral equipment
  • hazards which arise from faulty behaviour on the part of the system or from inadmissible command input if persons or parts of the body are in the area exposed to hazardous movements
  • hazardous movements or conditions initiated by the movement or removal of production material or waste products
  • injuries caused by peripheral equipment
  • movements that have to be carried out with the safety guard(s) for normal operation removed, to be carried out only within the operational scope and speed, and only as long as instructed. Additionally, no person(s) or parts of the body may be present in the area at risk.

 

The following safe conditions should be assured during set up:

No hazardous movements may be initiated as a result of a faulty command or incorrect command input.

  • The replacement of robot machine or peripheral parts must not initiate any hazardous movements or conditions.
  • If movements have to be carried out with the safety guard(s) for normal operation removed when conducting setting-up operations, such movements may be carried out only within the directed scope and speed and only as long as instructed. Additionally, no person(s) or parts of the body may be present in the area at risk.
  • During setting-up operations, the peripheral equipment must not make any hazardous movements or initiate any hazardous conditions.

 

During programming, the following safety conditions are applicable:

  • Manual or physical access to areas which are hazardous due to automatic movements must be prevented.
  • If movements are carried out with the safety guard(s) for normal operation removed, the following conditions must be fulfilled:
  • (a)Only the command to move may be carried out, and only for as long as it is issued.
  • (b)Only controllable movements may be carried out (i.e., they must be clearly visible, low-speed movements).
  • (c)Movements may be initiated only if they do not constitute a hazard to the programmer or other persons.
  • Peripheral equipment must not represent a hazard to the programmer or other persons.

 

Safe test operations require the following precautions:

Prevent manual or physical access to areas which are hazardous due to automatic movements.

  • Peripheral equipment must not be a source of danger.

 

When inspecting robot machines, safe procedures include the following:

  • If it is necessary to enter the robot’s field of movement for inspection purposes, this is permissible only if the system is in a safe state.
  • Hazards caused by faulty behaviour on the part of the system or by inadmissible command input must be prevented.
  • Peripheral equipment must not be a source of danger to inspection personnel.

 

Troubleshooting often requires starting the robot machine while it is in a potentially hazardous condition, and special safe work procedures such as the following should be implemented:

  • Access to areas which are hazardous as a result of automatic movements must be prevented.
  • The starting up of a drive unit as a result of a faulty command or false command input must be prevented.
  • In handling a defective part, all movements on the part of the robot must be prevented.
  • Injuries caused by machine parts which are ejected or fall off must be prevented.
  • If, during troubleshooting, movements have to be carried out with the safety guard(s) for normal operation removed, such movements may be carried out only within the scope and speed laid down and only as long as instructed. Additionally, no person(s) or parts of the body may be present in the area at risk.
  • Injuries caused by peripheral equipment must be prevented.

 

Remedying a fault and maintenance work also may require start-up while the machine is in an unsafe condition, and therefore require the following precautions:

  • The robot must not be able to start up.
  • The handling of various machine parts, either manually or with ancillary equipment, must be possible without risk of exposure to hazards.
  • It must not be possible to touch parts that are “live”.
  • Injuries caused by the escape of liquid or gaseous media must be prevented.
  • Injuries caused by peripheral equipment must be prevented.

 

Back

Read 21657 times Last modified on Saturday, 20 August 2011 17:58
Published in 58. Safety Applications
More in this category: « Safety Principles for CNC Machine Tools Electrical, Electronic and Programmable Electronic Safety-Related Control Systems »
back to top

" DISCLAIMER: The ILO does not take responsibility for content presented on this web portal that is presented in any language other than English, which is the language used for the initial production and peer-review of original content. Certain statistics have not been updated since the production of the 4th edition of the Encyclopaedia (1998)."

Contents

Safety Applications References

Arteau, J, A Lan, and J-F Corveil. 1994. Use of Horizontal Lifelines in Structural Steel Erection. Proceedings of the International Fall Protection Symposium, San Diego, California (October 27–28, 1994). Toronto: International Society for Fall Protection.

Backström, T. 1996. Accident risk and safety protection in automated production. Doctoral thesis. Arbete och Hälsa 1996:7. Solna: National Institute for Working Life.

Backström, T and L Harms-Ringdahl. 1984. A statistical study of control systems and accidents at work. J Occup Acc. 6:201–210.

Backström, T and M Döös. 1994. Technical defects behind accidents in automated production. In Advances in Agile Manufacturing, edited by PT Kidd and W Karwowski. Amsterdam: IOS Press.

—. 1995. A comparison of occupational accidents in industries with of advanced manufacturing technology. Int J Hum Factors Manufac. 5(3). 267–282.

—. In press. The technical genesis of machine failures leading to occupational accidents. Int J Ind Ergonomics.

—. Accepted for publication. Absolute and relative frequencies of automation accidents at different kinds of equipment and for different occupational groups. J Saf Res.

Bainbridge, L. 1983. Ironies of automation. Automatica 19:775–779.

Bell, R and D Reinert. 1992. Risk and system integrity concepts for safety related control systems. Saf Sci 15:283–308.

Bouchard, P. 1991. Échafaudages. Guide série 4. Montreal: CSST.

Bureau of National Affairs. 1975. Occupational Safety and Health Standards. Roll-over Protective Structures for Material Handling Equipment and Tractors, Sections 1926, 1928. Washington, DC: Bureau of National Affairs.

Corbett, JM. 1988. Ergonomics in the development of human-centred AMT. Applied Ergonomics 19:35–39.

Culver, C and C Connolly. 1994. Prevent fatal falls in construction. Saf Health September 1994:72–75.

Deutsche Industrie Normen (DIN). 1990. Grundsätze für Rechner in Systemen mit Sicherheitsauffgaben. DIN V VDE 0801. Berlin: Beuth Verlag.

—. 1994. Grundsätze für Rechner in Systemen mit Sicherheitsauffgaben Änderung A 1. DIN V VDE 0801/A1. Berlin: Beuth Verlag.

—. 1995a. Sicherheit von Maschinen—Druckempfindliche Schutzeinrichtungen [Machine safety—Pressure-sensitive protective equipment]. DIN prEN 1760. Berlin: Beuth Verlag.

—. 1995b. Rangier-Warneinrichtungen—Anforderungen und Prüfung [Commercial vehicles—obstacle detection during reversing—requirements and tests]. DIN-Norm 75031. February 1995.

Döös, M and T Backström. 1993. Description of accidents in automated materials handling. In Ergonomics of Materials Handling and Information Processing at Work, edited by WS Marras, W Karwowski, JL Smith, and L Pacholski. Warsaw: Taylor and Francis.

—. 1994. Production disturbances as an accident risk. In Advances in Agile Manufacturing, edited by PT Kidd and W Karwowski. Amsterdam: IOS Press.

European Economic Community (EEC). 1974, 1977, 1979, 1982, 1987. Council Directives on Rollover Protection Structures of Wheeled Agricultural and Forestry Tractors. Brussels: EEC.

—. 1991. Council Directive on the Approximation of the Laws of the Member States relating to Machinery. (91/368/EEC) Luxembourg: EEC.

Etherton, JR and ML Myers. 1990. Machine safety research at NIOSH and future directions. Int J Ind Erg 6:163–174.

Freund, E, F Dierks and J Roßmann. 1993. Unterschungen zum Arbeitsschutz bei Mobilen Rototern und Mehrrobotersystemen [Occupational safety tests of mobile robots and multiple robot systems]. Dortmund: Schriftenreihe der Bundesanstalt für Arbeitsschutz.

Goble, W. 1992. Evaluating Control System Reliability. New York: Instrument Society of America.

Goodstein, LP, HB Anderson and SE Olsen (eds.). 1988. Tasks, Errors and Mental Models. London: Taylor and Francis.

Gryfe, CI. 1988. Causes and prevention of falling. In International Fall Protection Symposium. Orlando: International Society for Fall Protection.

Health and Safety Executive. 1989. Health and safety statistics 1986–87. Employ Gaz 97(2).

Heinrich, HW, D Peterson and N Roos. 1980. Industrial Accident Prevention. 5th edn. New York: McGraw-Hill.

Hollnagel, E, and D Woods. 1983. Cognitive systems engineering: New wine in new bottles. Int J Man Machine Stud 18:583–600.

Hölscher, H and J Rader. 1984. Mikrocomputer in der Sicherheitstechnik. Rheinland: Verlag TgV-Reinland.

Hörte, S-Å and P Lindberg. 1989. Diffusion and Implementation of Advanced Manufacturing Technologies in Sweden. Working paper No. 198:16. Institute of Innovation and Technology.

International Electrotechnical Commission (IEC). 1992. 122 Draft Standard: Software for Computers in the Application of Industrial Safety-related Systems. IEC 65 (Sec). Geneva: IEC.

—. 1993. 123 Draft Standard: Functional Safety of Electrical/Electronic/Programmable Electronic Systems; Generic Aspects. Part 1, General requirements Geneva: IEC.

International Labour Organization (ILO). 1965. Safety & Health in Agricultural Work. Geneva: ILO.

—. 1969. Safety and Health in Forestry Work. Geneva: ILO.

—. 1976. Safe Construction and Operation of Tractors. An ILO Code of Practice. Geneva: ILO.

International Organization for Standardization (ISO). 1981. Agricultural and Forestry Wheeled Tractors. Protective Structures. Static Test Method and Acceptance Conditions. ISO 5700. Geneva: ISO.

—. 1990. Quality Management and Quality Assurance Standards: Guidelines for the Application of ISO 9001 to the Development, Supply and Maintenance of Software. ISO 9000-3. Geneva: ISO.

—. 1991. Industrial Automation Systems—Safety of Integrated Manufacturing Systems—Basic Requirements (CD 11161). TC 184/WG 4. Geneva: ISO.

—. 1994. Commercial Vehicles—Obstacle Detection Device during Reversing—Requirements and Tests. Technical Report TR 12155. Geneva: ISO.

Johnson, B. 1989. Design and Analysis of Fault Tolerant Digital Systems. New York: Addison Wesley.

Kidd, P. 1994. Skill-based automated manufacturing. In Organization and Management of Advanced Manufacturing Systems, edited by W Karwowski and G Salvendy. New York: Wiley.

Knowlton, RE. 1986. An Introduction to Hazard and Operability Studies: The Guide Word Approach. Vancouver, BC: Chemetics.

Kuivanen, R. 1990. The impact on safety of disturbances in flexible manufacturing systems. In Ergonomics of Hybrid Automated Systems II, edited by W Karwowski and M Rahimi. Amsterdam: Elsevier.

Laeser, RP, WI McLaughlin and DM Wolff. 1987. Fernsteurerung und Fehlerkontrolle von Voyager 2. Spektrum der Wissenshaft (1):S. 60–70.

Lan, A, J Arteau and J-F Corbeil. 1994. Protection Against Falls from Above-ground Billboards. International Fall Protection Symposium, San Diego, California, October 27–28, 1994. Proceedings International Society for Fall Protection.

Langer, HJ and W Kurfürst. 1985. Einsatz von Sensoren zur Absicherung des Rückraumes von Großfahrzeugen [Using sensors to secure the area behind large vehicles]. FB 605. Dortmund: Schriftenreihe der bundesanstalt für Arbeitsschutz.

Levenson, NG. 1986. Software safety: Why, what, and how. ACM Computer Surveys (2):S. 129–163.

McManus, TN. N.d. Confined Spaces. Manuscript.

Microsonic GmbH. 1996. Company communication. Dortmund, Germany: Microsonic.

Mester, U, T Herwig, G Dönges, B Brodbeck, HD Bredow, M Behrens and U Ahrens. 1980. Gefahrenschutz durch passive Infrarot-Sensoren (II) [Protection against hazards by infrared sensors]. FB 243. Dortmund: Schriftenreihe der bundesanstalt für Arbeitsschutz.

Mohan, D and R Patel. 1992. Design of safer agricultural equipment: Application of ergonomics and epidemiology. Int J Ind Erg 10:301–310.

National Fire Protection Association (NFPA). 1993. NFPA 306: Control of Gas Hazards on Vessels. Quincy, MA: NFPA.

National Institute for Occupational Safety and Health (NIOSH). 1994. Worker Deaths in Confined Spaces. Cincinnati, OH, US: DHHS/PHS/CDCP/NIOSH Pub. No. 94-103. NIOSH.

Neumann, PG. 1987. The N best (or worst) computer-related risk cases. IEEE T Syst Man Cyb. New York: S.11–13.

—. 1994. Illustrative risks to the public in the use of computer systems and related technologies. Software Engin Notes SIGSOFT 19, No. 1:16–29.

Occupational Safety and Health Administration (OSHA). 1988. Selected Occupational Fatalities Related to Welding and Cutting as Found in Reports of OSHA Fatality/Catastrophe Investigations. Washington, DC: OSHA.

Organization for Economic Cooperation and Development (OECD). 1987. Standard Codes for the Official Testing of Agricultural Tractors. Paris: OECD.

Organisme professionel de prévention du bâtiment et des travaux publics (OPPBTP). 1984. Les équipements individuels de protection contre les chutes de hauteur. Boulogne-Bilancourt, France: OPPBTP.

Rasmussen, J. 1983. Skills, rules and knowledge: Agenda, signs and symbols, and other distinctions in human performance models. IEEE Transactions on Systems, Man and Cybernetics. SMC13(3): 257–266.

Reason, J. 1990. Human Error. New York: Cambridge University Press.

Reese, CD and GR Mills. 1986. Trauma epidemiology of confined space fatalities and its application to intervention/prevention now. In The Changing Nature of Work and Workforce. Cincinnati, OH: NIOSH.

Reinert, D and G Reuss. 1991. Sicherheitstechnische Beurteilung und Prüfung mikroprozessorgesteuerter
Sicherheitseinrichtungen. In BIA-Handbuch. Sicherheitstechnisches Informations-und Arbeitsblatt 310222. Bielefeld: Erich Schmidt Verlag.

Society of Automotive Engineers (SAE). 1974. Operator Protection for Industrial Equipment. SAE Standard j1042. Warrendale, USA: SAE.

—. 1975. Performance Criteria for Rollover Protection. SAE Recommended Practice. SAE standard j1040a. Warrendale, USA: SAE.

Schreiber, P. 1990. Entwicklungsstand bei Rückraumwarneinrichtungen [State of developments for rear area warning devices]. Technische Überwachung, Nr. 4, April, S. 161.

Schreiber, P and K Kuhn. 1995. Informationstechnologie in der Fertigungstechnik [Information technology in production technique, series of the Federal Institute for Occupational Safety and Health]. FB 717. Dortmund: Schriftenreihe der bundesanstalt für Arbeitsschutz.

Sheridan, T. 1987. Supervisory control. In Handbook of Human Factors, edited by G. Salvendy. New York: Wiley.

Springfeldt, B. 1993. Effects of Occupational Safety Rules and Measures with Special Regard to Injuries. Advantages of Automatically Working Solutions. Stockholm: The Royal Institute of Technology, Department of Work Science.

Sugimoto, N. 1987. Subjects and problems of robot safety technology. In Occupational Safety and Health in Automation and Robotics, edited by K Noto. London: Taylor & Francis. 175.

Sulowski, AC (ed.). 1991. Fundamentals of Fall Protection. Toronto, Canada: International Society for Fall Protection.

Wehner, T. 1992. Sicherheit als Fehlerfreundlichkeit. Opladen: Westdeutscher Verlag.

Zimolong, B, and L Duda. 1992. Human error reduction strategies in advanced manufacturing systems. In Human-robot Interaction, edited by M Rahimi and W Karwowski. London: Taylor & Francis.