Virginia Tech® home

Robotics Safety

Robotic Arm
Large robotic arm at the Research and Design Facility at Virginia Tech.

Robotics Safety Quick Links

OSHA Guidance
ANSI/RIA R15.06-2012
OSHA Technical Manual
VT Lockout/Tagout Program

Virginia Tech Environmental Health & Safety can assist with reviews of large robots/robotic arms installations for location issues, hazard/risk assessments, and provide recommendations for hazard controls.

Robotics Safety Program

Robots are reprogrammable, multifunctional, mechanical manipulators that typically employ one or more means of power: electromechanical, hydraulic, or pneumatic. Industrial robots have been used chiefly for spray painting, spot-welding, and transfer and assembly tasks; however, robots on campus are used in research applications. 

A robot can have one or more arms which are interconnected sets of links and powered joints. Arms are comprised of manipulators which support or move wrists and end-effectors.  Examples of end-effectors include grippers, spot-weld guns, and spray paint guns. The ANSI R15.O6-1986 Standard defines an industrial robot system as that which includes industrial robots, end-effectors, and any equipment, devices and sensors required for the entire robot system to perform its tasks.

The following characteristics are essential for control devices:

  1. The main control panel is located outside the robot system work envelope in sight of the robot.
  2. Readily accessible emergency stops (palm buttons, pull cords, etc.) area located in all zones where needed. These are clearly situated in easily located positions and the position identifications are a prominent part of personnel training. Emergency stops override all other controls.
  3. The portable programming control device contains an emergency stop.
  4. Automatic stop capabilities are provided for abnormal robot component speeds and robot traverses beyond the operating envelope.
  5. All control devices are clearly marked and labeled as to device purpose. Actuating controls are designed to indicate the robot's operating status.
  6. Contols that initiate power or motion are constructed and guarded against accidental operation.
  7. Each robot is equpped with a separate circuit breaker that can be locked only in the "off" position.
  8. User-prompt displays are used to minimuze human errors.
  9. The control system for a robot with lengthy start-up time is designed to allow for the isolation of power to components having mechanical motion from the power required to energize the complete robot system.
  10. Control systems are selected and designed so that they prevent a robot from automatically restarting upon restoration of power after electrical power failure. The systems also prevent hazardous conditions in case of hydraulic, pneumatic, or vacuum loss or change.
  11. A robot system is designed so that it could be moved manually on any of its axes without using the system drive power.
  12. All control systems meet OSHA 29 CFR 1910, Subpart S standards for electrical grounding, wiring, hazardous locations, and related requirements.

Good installation, maintenance, and programming practices include the following:

  1. The robot is installed in accordance with the manufacturer's guidelines and applicable codes. 
  2. Robots are compatible with environmental conditions.
  3. Power to the robot conforms to the manufacturer's specifications.
  4. The robot is secured to prevent vibration movement and tip over.
  5. Installation is such that no additional hazards are created, such as pinch points with fixed objects and robot components or energized conductor contact with robot components.
  6. Signs and markings indicating the zones of movement of th robot are displayed prominently on the robot itself and, if possible, on floors and walls.
  7. Stops are placed on the robot systems's axes to limit its motions under rated load and maximum speed conditions.
  8. A lockout-procedure is established and enforced for preventative maintenance or repair operations.
  9. The robot manufacturer's preventative maintenance schedule is followed rigourously.
  10. A periodic check of all safety-critical equipment and connections is established.
  11. Stored energy devices, such as springs and accumulators, are neutralized before robot servicing.
  12. Only programmers have access to the work envelope and full control of the robot when it's in the teach mode.
  13. All robot motion initiated from a teach pendant used by a programmer located within the robot work envelope is subject to the current ANSI slow speed recommendation of 10 in/sec (250 mm/sec).

Effective accident prevention programs include training. Robot operators must receive adequate training in hazard recognition and the control of robots, and in the proper operating procedure of the robot and associated equipment. This is typically provided by the Principle Investigator for the department/lab overseeing the robot.

Environmental, Health and Safety does not currently provide specific training on robotics; but there are recommended trainings that are applicable:

  • Hazard Assessment
  • Lockout/Tagout Authorized Person
  • Electrical Qualified Person (if performing servicing/maintenance)
  • Other trainings as appropriate for associated hazards

 

Special consideration must be give to the teacher or person who is programming the robot. During the teach mode of the operation, the person performing the teaching has control of the robot and associated equipoment, and should be familiar with the operations to be programmed, system interfacing, and control functions of the robot and other equipment.

When systems are large and complex, it can be easy to activate improper functions or sequence functions improperly. Since the person doing the training (of the robot) can be within the robot's restricted envelope, such mistakes can result in accidents. Mistakes in programming can result in unintened movement or actions with similar results. For this reason, a restricted speed of 250 mm/sec or 10 in/sec should be placed on any part of the robot during training to minimize potential injuries to teaching personnel.

The system operator should be protectied from all hazards during operations performed by the robot. When the robot is operating automatically, all safeguarding devices should be activated, and at no time should any poart of the operator's body be within the robot's safeguarded area. For additional operator safeguarding suggestions, see ANSI/RIA R15.06-1992 standard, Section 6.6.

When a person is permitted to be in or near the robots restricted envelope to evaluate or check the robots motion or other operations, all continuous operation safeguards must be in forece. During this operation, the robot should be at slow speed, and the operation would have the robot in teach mode and be fully in control of all operations. For other safeguarding suggestions, see ANSI/RIA R15.06-1992 standard, Section 6.7.

While maintenance and repair is being performed, the robot should be placed in the manual or teach mode, and the maintenance personnel perform their work within the safeguarded area and within the robots restricted envelope. For other safeguarding techniques and procedures, see ANSI/RIA R15.06-1992 standard, Section 6.8.

Robot accidents typically do not occur under normal operating conditions, but instead during programming, program touch-up, maintenance, repair, testing, setup, or adjustment. During these tasks, personnel may be within the robot's working envelope where unintended operations could result in injuries from impact/collision, crushing and trapping, moving/mechanical part failure, or other accidents such as electrial energy, pressurized fluids, metal spatter, dust, electromagnetic or radio-frequency interference, and tripping hazards from equipment and cables on the floor.

Proper selection of an effective robitocs safety system must be based on hazard analysis of the operation involving a particlar robot. Safeguarding means and methods must be implemented in order to control and reduce the likelihood of incidents. Sources of potential robot hazards that should be considered include:

  • Human errors, such as the incorrect activation of the "teach pendant" or control panel, or over familiarity with the robots redundant motions and putting ones self in a hazardous position;
  • Control errors, such as intrinsic faults withing the control system, software errors, electromagnetic or radio-frequency interference, or faults in the hydraulic, pneumatic, or electrical subcontrols.
  • Unauthorized access by individuals who are not familiar with the safeguards in place or the activation status;
  • Mechanical hazards or failures, or faulty or unexpected operation;
  • Environmental hazards such as electromagnetic or radio frequency interference; 
  • Power sources (i.e. electric, hydraulic, and pneumatic) - exposure to, or results of malfunctioning or disrupted signals;
  • Fire risks associated with electrical overloads or by flammable hydraulic oil; and
  • Improper installation of the robot or robot system.

An effective safety system protects operators, engineers, programmers, maintenance personnel, and others who could be exposed to hazards associated with operation. A combination of methods may be used to develop an effective safety system. Redundancy and backup systems are recommended, particularly if a robot can create serious hazardous conditions.

 

Guarding Methods

This is a physical barrier around a robot work envrlope incorporating gates equipped with interlocks. These interlocks are designed so that all automatic operations of the robot and associated machinery will stop when any gate is opened. Restarting the operation requires closing the gate and reactivating a control switch located outside the barrier. A typical practical barrier is an interlocked fence designed so that access through, over, under, or around the fence is not possible when the gate is closed.

A fixed barrier guard is a fence that requires tools for removal. Like the interlocked barrier guard, it prevents access through, over, under, or around the fence. It provices sufficient clearance for a worker between the guard and any robot reach, including parts held by an end-effector, to perform a specific task under controlled conditions.

This is a device that defines a safety perimeter and is intended to prevent inadvertent entry into the work envelope, but can be climbed over, crawled under, or stepped around. Examples include a low railing or suspended chain. Such a device is acceptable only in situations where a hazard analysis indicates that the hazard is minimal and interlocked or fixed barrier guards are not feasible.

Pressure sensitive mats and light curtains are common examples of presence sensing devices which can be used to detect a person stepping into a hazardous area near a robot. Effective presence sensing devices stop all motion of the robot if any part of a person's body enters the protected zone. Also, they are designed to be fail-safe so that the occurrence of a failure within the device will leave it unaffected or convert it into a mode in which its failed state would not result in an accident.

Proximity detectors using ultrasonics, radio frequency, laser, and television principles are undergoing reliability testing due to limitations and may not be appropriate or sufficient for insuring adequate safety of personnel and should be avoided unless a specific analysis confirms their acceptability for the intended use.

Dangerous robot movement is arrested by dynamic braking systems rather than simple power cut-off. Such brakes will counteract the effects or robot arm inertia. Cutting off all power could create hazards such as a suden dropping of a robot's arm or flinging of a workpiece.

Audible and visible warning systems are not acceptable safeguarding methods, but may be used to enhance the effectiveness of positive safeguards. The purpose of such signals needs to be easily recognizable. 

End-effector: an accessory tool specifically designed for attachment to a robot wrist to enable the robot to perform its intended task. Examples include grippers, spot-weld guns, and spray paint guns.

Envelope (space), Maximum: The volume of space encompassing the maximum designed movements of all robot parts including the end-effector, workpiece, and attachments.

Envelope, Operating: That portion of the restricted envelope (space) that is actually used by the robot while performing its programmed motions.

Envelope, Restricted: That portion of the maximum envelope to which a robot is restricted by limiting devices. The maximum distance that the robot can travel after the limiting device is actuated defines the boundaries of the restricted envelope (space) of the robot.

Limiting devices: A device that restricts the maximum envelope (space) by stopping or causing to stop all robot motion and is independent of the control program and the application programs.

Operating envelope: The physical area where a robot performs its tasks. This envelope is the volume swept by all possible programmable robot movements. This includes the area where work is performed by robot tooling.

Programming: Individual command steps which state either the position or function to be performed by the robot, along with other informational data such as speed, dwell or delay times, sample input device, activate output device, execute, etc.

Robot components: Industrial robots have four major components: the mechanical unit (i.e. the manipulative arm), the power source(s), the control system, and tooling.

Teach Mode: The control state that allows sthe generation and storage of positional data points effected by moving the robot arm through a path of intended motions.

Contact Information

Robin McCall-Miller, Occupational Safety Program Manager

Phone: 540-231-2341
Email: rmmiller@vt.edu

Tags