Safety for Collaborative Robots

In recent times there has been strong growth in the use of robots in Australian manufacturing, which is why collaborative robots are currently a hot topic. These robots are designed to operate in cooperation with humans, which presents some new safety considerations compared to traditional robots that operate behind a safety fence. There is a new Australian Standard, AS 4024.3303:2017, which provides guidance on the process involved to ensure your collaborative robot doesn't pose a threat to its human work colleagues.

A risk assessment must be carried out to determine if a collaborative robot is suitable for the application. This should also include determining the collaborative workspace of the robot and estimating the risk of the hazards so the appropriate risk reduction measures can be applied.

The collaborative workspace is the area where the robot and human co-inhabit during normal operation; see Figure 1 below.

Fig. 1 - The Collaborative Workspace

To reduce the risk associated with robots and humans working in this collaborative workspace, one or more of the following methods can be utilised.

Safety-rated Monitored Stop

This method may be used to provide access for the operator to perform tasks, such as loading a part into the end effector. In this method, the robot will move to the collaborative workspace and perform a safety stop. This allows the operator to enter the collaborative workspace and perform their task. Once the operator is out of the collaborative area, the robot can resume normal operation. If the operator enters the collaborative workspace while the robot is moving in it, the robot will perform a safety stop and will need to be manually reset.

The robot system must be able to detect the presence of an operator inside the collaborative workspace. The size of the collaborative workspace must be determined taking into consideration the speed of the robot, the reaction time of the robot, the stopping time of the robot, the speed of human movement and the resolution of the system used to detect the presence of the operator.

Hand Guiding

This method works similarly to the "Safety-rated monitored stop"; however, once the operator is inside the collaborative workspace, they can operate the robot with a hand guiding device. This allows the operator to manually control the robot in close proximity for detailed tasks. When the robot is manually controlled, it will perform its movements at a controlled speed deemed acceptable from a risk assessment. If the operator releases the hand guiding device, the robot will stop, and when the operator has left the collaborative workspace, the robot can resume normal operation.

Speed and Separation

In this method, the robot and operator can work at the same time in the collaborative workspace. The robot maintains a protective separation distance from the operator. If the distance between the operator and robot becomes less than the protective separation distance, the robot will stop.

The speed of the robot must be monitored because the protective separation distance is reliant on the speed of the robot. The protective separation distance is also reliant on the robot’s reaction time and the accuracy/resolution of the system used to detect the distance of the operator.

The robot may change its speed depending on the position of the operator to reduce the protective separation distance, or the robot may use alternative paths that ensure the protective separation distance is maintained.
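
An added example, not part of the original article: a minimal Python model of speed and separation monitoring, showing both the protective stop and the speed reduction described above. It assumes the separation-distance sum given for this method in ISO/TS 15066 (operator travel, robot travel during reaction and braking, plus intrusion and measurement allowances) and a constant braking deceleration; all parameter values and function names are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class SsmParams:          # all values are constructed, not from any data sheet
    v_h: float = 1.6      # operator approach speed, m/s
    t_r: float = 0.1      # reaction time of detection system + robot, s
    decel: float = 2.0    # assumed constant braking deceleration, m/s^2
    c: float = 0.1        # intrusion allowance from detection resolution, m
    z_d: float = 0.05     # operator position measurement uncertainty, m
    z_r: float = 0.02     # robot position uncertainty, m

def protective_distance(p: SsmParams, v_r: float) -> float:
    """Protective separation distance (m) for robot speed v_r (m/s)."""
    t_s = v_r / p.decel                  # robot stopping time
    s_h = p.v_h * (p.t_r + t_s)          # operator travel until robot is stopped
    s_r = v_r * p.t_r                    # robot travel before braking starts
    s_s = v_r ** 2 / (2 * p.decel)       # robot travel while braking
    return s_h + s_r + s_s + p.c + p.z_d + p.z_r

def must_stop(p, distance, v_r):
    """Protective stop: measured separation is below the required distance."""
    return distance < protective_distance(p, v_r)

def speed_limit(p, distance, v_max=1.5):
    """Highest robot speed (m/s) that keeps the separation valid at this distance."""
    if protective_distance(p, 0.0) > distance:
        return 0.0                       # too close even for a stationary robot
    if protective_distance(p, v_max) <= distance:
        return v_max
    lo, hi = 0.0, v_max                  # distance grows with speed, so bisect
    for _ in range(50):
        mid = (lo + hi) / 2
        if protective_distance(p, mid) <= distance:
            lo = mid
        else:
            hi = mid
    return lo

if __name__ == "__main__":
    p = SsmParams()
    for d in (3.0, 1.48, 0.85, 0.3):     # constructed operator distances, m
        print(f"d={d} m  limit={speed_limit(p, d):.2f} m/s  "
              f"stop at 1.0 m/s: {must_stop(p, d, 1.0)}")
```

In a real application the reaction time, stopping performance and uncertainties come from the robot and sensor data and the risk assessment, not from constants like these.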

Power and Force Limiting

In this method, the robot and operator can work at the same time in the collaborative workspace, and contact between the operator and robot can occur. The energy and force of these collisions are limited below an established threshold limit. A risk assessment process is used in conjunction with data from Annex A of the standard to determine the suitable energy and force thresholds for the tasks to be performed.

The robot keeps energy and force of contact below the threshold by:

  • Increasing contact surface areas; rounded edges, smoothed edges, etc.
  • Absorbing energy; using padding/cushioning, deformable components, etc.
  • Limiting forces, speed
  • Using sensors to anticipate collisions 

When considering a collaborative robot, it is essential that a risk assessment process is conducted to understand the risks associated with the application. With the use of the new standard, AS 4024.3303:2017, the appropriate collaborative methods can be selected. The standard also provides guidance on what safety features the robot requires for each collaborative method.

Published: 25 July 2017

How do I validate my Safety System?

The most common step that is not performed, or is performed incorrectly, when implementing a safety system is validation. This step is essential to confirm the specification and conformity of the safety system; however, many people are unsure how to validate or don't even consider performing a validation.

Here are some common mistakes made with validation:

No Specification

You can’t validate an unspecified safety system: if there is no specification document, what are you validating?

The specification document has two purposes:
  1. It provides a framework for the system to be designed
  2. It provides a specification to validate

The specification should explain the following:
  1. The functional behaviour of the safety system - For example, if the system is an E-Stop, the specification should explain how the E-Stop is initiated, what hazardous movements are inhibited by the E-Stop, what Stop Category is performed, how quickly these movements are inhibited, how the system is reset to allow machine operation to continue, etc.
  2. Operational and environmental conditions
  3. Integrity Requirements - What is the level of risk reduction required by the safety system? This can be measured by a required Safety Category (CAT), Performance Level (PL) or Safety Integrity Level (SIL)

Once the specification exists, the system can be validated according to its functional, environmental and integrity requirements.

Only Normal Operation of Safety System is Tested

It is common for validation to be performed on a safety system with no fault simulation testing.

For example, when validating an E-Stop, the machine is started under its maximum expected operational load and the E-Stop is pressed. The safety function is validated by confirming that the hazardous movements have ceased in the required time according to the specification and that the machine can’t be restarted until the E-Stop operator is manually reset.

The above validation may prove the functional behaviour of the E-Stop, but many safety systems also require fault simulation to validate their integrity requirement. If the above E-Stop had a requirement of CAT 3, then all single fault modes would need to be simulated to confirm that the system will not lose its safety function due to a single fault.
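
An added example, not part of the original article: a small Python fault-simulation model that injects each single fault into an E-Stop demand and records whether power is still removed. The architecture is an assumption made for illustration (two E-Stop channels, contactors K1 and K2 in series with monitored mirror contacts), shown beside a single-channel circuit for comparison; all names are constructed.

```python
# Constructed model of an E-Stop safety function, not a real controller.
SINGLE_FAULTS = ("ch1_shorted", "ch2_shorted", "k1_welded", "k2_welded")

def press_estop(fault=None, dual=True):
    """Simulate one E-Stop demand with at most one injected fault.
    Returns (power_removed, fault_detected)."""
    ch1_open = fault != "ch1_shorted"            # E-Stop contact, channel 1
    ch2_open = dual and fault != "ch2_shorted"   # channel 2 exists only if dual
    outputs_off = ch1_open or ch2_open           # either channel drops the outputs
    k1_open = outputs_off and fault != "k1_welded"
    k2_open = dual and outputs_off and fault != "k2_welded"
    power_removed = k1_open or k2_open           # contactors are wired in series
    if not dual:
        return power_removed, False              # nothing is monitored
    # Dual-channel logic compares the inputs and reads the mirror contacts
    detected = (ch1_open != ch2_open) or not (k1_open and k2_open)
    return power_removed, detected

def validate(dual):
    """Fault-simulation record: one row per test, for the validation report."""
    faults = SINGLE_FAULTS if dual else ("ch1_shorted", "k1_welded")
    rows = []
    for fault in (None, *faults):
        removed, detected = press_estop(fault, dual)
        rows.append({"fault": fault or "none",
                     "power_removed": removed,
                     "fault_detected": detected,
                     "verdict": "PASS" if removed else "FAIL"})
    return rows

if __name__ == "__main__":
    for dual in (False, True):
        print("dual-channel" if dual else "single-channel")
        for row in validate(dual):
            print("  ", row)
```

The single-channel circuit passes the normal-operation test yet fails under either injected fault, which is the gap that a validation without fault simulation leaves open.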

No Documentation

Like any activity performed during the implementation of a safety system, validation does not exist if it is not documented. All relevant analysis, test reports, calculations, data sheets, etc. must be recorded to prove the process undertaken.

For help with validation plans, register for the NHP Safety Reference Guide. In the 'Safety Function Document' section there are numerous examples of pre-engineered Safety Functions, with validation plans at the back of each document.

For more information on the process of validation, the activities to be performed and the documentation required, refer to AS 4024.1502-2006.

Published: 18 May 2017

What makes a contactor a safety contactor?

A common question is: do I need to use safety contactors in safety-related control systems?

So, what makes a contactor a safety contactor? These devices are purpose-built for safety applications, with many design principles built into the product. Like most safety devices, third-party certification provides good reassurance that the product is appropriate for safety applications. NHP safety contactors are independently certified by Suva Accredited Certification Body.

As required in AS/NZS 4024.1501/1502/1503, the use of basic and well-tried safety principles must be considered for any safety control system for Category 1-4. The design and construction of safety contactors incorporate many of these safety principles. Some of these principles include:

Pictured: 37KW 3P 110V AC COIL 4NC AUXILIARY Safety Contactor

True auxiliary indication

The auxiliary contacts that provide feedback to the safety system should use proven techniques such as positive guided/mechanically linked or mirror contacts to ensure a true indication of the contactor's state. In AS/NZS 4024.1502, the use of these techniques is defined as a well-tried safety principle and is required for Category 1-4.

No manual operation

Unlike standard contactors, which can be easily operated from the front of the device, safety contactors do not allow for manual operation from the front of the contactor. This design feature avoids the possibility of personnel creating an unsafe state due to unexpected start-up. In AS/NZS 4024.1502, the prevention of unexpected start-up is defined as a basic safety principle required for Category B-4.

Securely fixed auxiliary contact block

The auxiliary contacts on safety contactors are permanently or securely fixed to the device. This avoids the possibility of the auxiliary contacts becoming separated from the contactor due to environmental causes (e.g. vibration) and makes intentional tampering more difficult. In AS/NZS 4024.1502, the secure fixing of these contacts is defined as a basic safety principle required for Category B-4.

Reliability data

When designing safety systems to the standards AS/NZS 4024.1503 or AS 62061, reliability data needs to be obtained for the safety devices. Safety contactors have reliability data in the form of a B10d value.

Easily identifiable

To reduce the chances of unintended misuse of the safety system, safety contactors may be easily identifiable compared to standard contactors, i.e. the safety contactor may be a different colour. This feature reduces the chances of accidental tampering with the safety system.

Other design considerations when selecting contactors in a safety-related control system include:

  • Consider environmental influences of the application such as temperature, vibration, and the existence of dust or other contaminants; this is a basic safety principle from AS/NZS 4024.1502
  • Consider over-dimensioning the contactor to reduce dangerous failure modes; this is a well-tried safety principle from AS/NZS 4024.1502
  • Where available, use contactor coils with built-in surge suppression; this is a basic safety principle from AS/NZS 4024.1502
  • Ensure all circuits have relevant protection devices

Published: 17 January 2017