ANSI/RIA

ANSI/RIA R15.
06
- an introduction to Robot and Robot System Safety
PUBLIC
PUBLIC - 5058-CO900H Copyright © 2015 Rockwell Automation, Inc. All Rights Reserved.
ANSI/RIA R15.06-2012
 Update of R15.06 – 1999
 1999 withdrawn: end of 2014
(+TR R15.106 and TR R15.206)
 R15.06 – 2012 is a national adoption of
ISO 10218-1 and ISO 10218-2
 ANSI/RIA R15.06-1999 was used as
basis for ISO 10218
• RIA (print) www.robotics.org  With an ANSI/RIA Introduction
+ “old” standards & technical reports
• ANSI (PDFs): note that Technical
Reports are NOT available from
ANSI.
PUBLIC Copyright © 2015 Rockwell Automation, Inc. All Rights Reserved.
Who is addressed by standards?
OSHA EU Machinery
WHO ANSI ISO and EN Regulations Directive
Manufacturer X X X
Integrator X X X
User X X
Could be directed to all entities X Suppliers ONLY
ANSI: guidance to Manufacturers, Integrators & Users of machinery (depends on scope).

ISO & EN standards: SUPPLIERS , NOT Users except when Users also have role of
supplier, of industrial machinery. Allows movement of like goods into and within Europe.
OSHA standards provide requirements only to Users (Employers) for occupational safety, but
can include responsibilities to Employees (ex. Lock-out).

History of ANSI/ RIA R15.06
1970 Occupational Health & Safety Act created
1982 R15.06 drafting started
1986 Publication of ANSI/RIA R15.06 – 1986 1961
1986 R15.06 update started
1992 Publication of ANSI/ RIA R15.06 – 1992
1993 R15.06 update started ANSI
1999 Publication of ANSI/ RIA R15.06 – 1999 Top Seller
over the years
~2000.. ISO 10218 started based on ANSI/ RIA R15.06 – 1999
~2004 R15.06 update started (working with draft ISO 10218-1 & -2)
2006 Publication of ISO 10218-1 AND ISO 10218 revision started 2014
2007 Publication of ANSI/ RIA ISO 10218-1 – 2007 & RIA TR to enable its use
2011 Publication of ISO 10218-1 and ISO 10218-2: 2011
2012 ANSI/ RIA R15.06 adopts ISO 10218-1 and -2:2011
2014 ANSI/ RIA Tech Reports published (TR R15.306, .406, .506)
2015 Publication of updated TR R15.306 w/minor revs & ISO TS 15066
What’s new with R15.06-2012?
 Standard structure
 Part 1: Robot (comes from robot manufacturers)
 Part 2: Integration: requirements placed on the integrator (role of
integrator – not necessarily the business purpose)
 Normative references to ISO & IEC standards
 Safety features embedded in robot systems (some optional)

R15.06 – 2012: 7 Top changes
1. Terminology (limited changes)
Severity
Frequency of
EXPOSURE
Probability of
AVOIDANCE
Risk Level
2. Risk assessment REQUIRED!
E0 prevented
3. Functional safety (quantifiable)

Negligible
A1 likely
E1 low
S1
Minor A2 or A3 not likely or not
possible
E2 high
Low
E0 prevented
4. Floor space optimization due to new features

E1 low
S2 A1 likely Medium
Moderat E2 high
e A2 or A3 not likely or not
possible High
E0 prevented
(some OPTIONAL) & changes to CLEARANCE

Low
E1 low
S3 High
A1 or A2 likely or not likely
Serious
E2 high
A3 not possible Very High
5. Detachable & wireless pendants

6. Perimeter guarding changes (min/max)
7. Collaborative operation (4 types identified)
 The issue is collaborative application – not just the robot.
This topic is GREATLY misunderstood!
Terminology changes
New Terms Explanation
Robot arm & robot control (does NOT include end effector or part)
Robot
Robot CAD files do NOT include tooling or parts.
Robot System Robot, end effector and any task equipment
Robot Cell Robot System and safeguarding (inside safeguarded space)
Reduced speed Called Slow speed in the 1999 standard
Called Safety Stop in the 1999 standard
Protective Stop
Purpose: protection of people. This is different from Estop.
reduced Often called T1, was called Teach Mode in 1999 standard.
Manual
Mode
speed (Teach is a task using manual reduced speed mode)

high speed Often called T2, but also called APV in the 1999 standard
All personnel, not simply production operators.
Operator(s)
Maintenance, troubleshooting, setup, production…
Standard “special” words
Shall Normative or mandatory requirement
Should Recommendation or good practice
May Permissive or allowed
Can Possible or capable – statement of fact
Notes are informative: used to provide additional information or explain concepts.
If you see a “shall,” “should” or “may” in a note – it is an error.
We (standards writers) try, but we still make mistakes.
ANNEXES can be NORMATIVE or INFORMATIVE

All annexes can contain shalls/ shoulds/ mays and cans. If you CHOOSE to use an
informative annex, you are required to use all of it as written (including SHALLs…)
R15.06 – 2012, Part 1  Robot Mfgers!
 Part 1: Annex D describes OPTIONAL features.
Robot manufacturers are NOT required to provide any of these features, however if they are provided, they
have to meet the stated requirements in Part 1. Here are the optional features listed in Annex D
 Emergency stop output functions
 Enabling Device features (common enabling device functionality and connecting additional)
 Mode section (providing mode information as a safety related functions)
 Anti-collision sensing awareness signal (not safety-related function but helpful)
 Maintaining path accuracy across all speeds, so that using T2 is not needed
 Safety-rated soft axis and space limiting (allows smaller cell footprints)
Ex: FANUC DCS, Kuka Safe Operation, ABB SafeMove, Yaskawa FSU…
 Stopping performance measurement
 Do NOT presume that these features are provided. OPTIONS!
 Part 2 is for the integration of robots into systems and cells.

Impact to Integrators & Users
 Part 2 (ISO 10218-2 = R15.06 Part 2)
 This is the BIGGY for Integrators (and Users to know)
 Users are not specifically addressed
 User acts as integrator, then integrator requirements apply to User.
 Users need to use the information provided by the integrator.
 Users address the residual risks: typically developing procedures & training, training
personnel, adding warnings/ signs and safety management.
 Integrators/ Users: options in Part 1, Annex D needed?
 Know before buying robots.
 A robot that meets ISO 10218-1 (which is ANSI RIA R15.06 Part 1), only has these optional
features if you request them or if the manufacturer states that their robot has these options.
 Validation & verification, Clause 6, requires Annex G (p 127 Part 2)
 Then START READING the standard!
R15.06: 2012 – Part 2
 Clause 1: Scope
 Clause 2: Normative References
 ISO to be used for global (including US) compliance while some ANSI standards can be
used instead of ISO if compliance is for US only.
 Clause 3: Terms and definitions
 Clause 4: Hazard Identification & Risk Assessment (see TR R15.306)
 Clause 5: Safety Requirements and protective measures
 5.2: Functional safety (ISO 13849-1 & IEC 62061) requirements and equivalency to
“Control Reliability”
 5.10: Safeguarding (Use ISO & IEC standards or if ONLY US, TR R15.406 can be used)
 Clause 6: Verification & validation of safety requirements and protective measures
(NORMATIVE reference to ANNEX G in Part 2)
 Clause 7: Information for Use (page 101, Part 2)
Part 2: 5.2 Functional safety
 ISO 13849-1:2006 and IEC 62061 provide metrics for functional safety
 Can quantify performance, determine requirements, and validate
 “Control Reliable”: concept in 1999 standard
 PL=d with structure category 3 is equivalent to the requirements in the 1999
for “control reliability” :
 A single fault does not lead to the loss of the safety function;
 The fault shall be detected before the next safety function demand;
 When the fault occurs, the safety function is performed and a safe state shall be
maintained until the detected fault is corrected;
 Reasonably foreseeable faults shall be detected.
 Functional safety applies to all safety features which include a control
system/ logic (SRP/CS)
Optimize Your Floor Space
 Using safety-rated soft axis and space limiting feature of the robot control
(optional feature)
See Part 1: 3.19.3, Part 1: 5.12.3 and Part 1: Annex D
 This is a type of “Limiting Device” (safety function) that reduces the
“maximum space” to the restricted space.
Maximum, Restricted, and

Operating Spaces include the
robot, end-effector, & part

Optimize Your Floor Space: Clearance
 IF ONLY Manual Reduced Speed (T1) and NO T2, then clearance is required for
tasks inside the safeguarded space where there is an exposure to hazard(s) due
to lack of space (pinch, crush, trapping).
 No task no need for clearance! Be real in the risk assessment.
 If there is a lack of space for a task, then 20in (500mm) needed for trapping
(body/ chest). For other body parts, use ISO 13854.
 1999: 18-inch clearance from the operating space was required.
 2012: Silent whether distance is from the restricted or operating space.
 Case studies: up to a 30-40% reduction in footprint!
Important: If the robot has high-speed manual (T2), then 20in (500mm)
clearance is required regardless of the risk assessment (Part 2, 5.5.2)
Photo courtesy Assa Abloy
Perimeter Guard Dimension Comparison
R15.06-1999 ISO 10218 & R15.06-2012 CSA Z434
Lower Dimension 12 in. 7 in. 6 in.
Upper Dimension 60 in. 55 in. 72 in.
Upper Dimension
MINIMUM
Lower Dimension, MAXIMUM

Only if hazards cannot be accessed by reach over, under and through.
Example, if there is a hazard within 43” of the bottom, then the guard must
have a lower dimension smaller than 7”. (see ISO 13855 or RIA TR15.406)
Collaborative Operation
 4 types of collaborative operation (Part 1, 5.10; Part 2, 5.11) for collaborative applications
(can be a mix of the following) – all while in AUTOMATIC:
 Safety-rated monitored stop: Operator may interact with robot system when it is stopped
(drive power may be ON). Automatic operation resumes when the human leaves the
collaborative workspace.
 Hand-guiding operation: Operator in direct contact with the robot system, using hand controls.
 Speed and separation monitoring: Robot/hazard speed is reduced the closer an operator is
to the hazard. Protective stop is issued before contact.
 Power and force limiting: Incidental contact between robot and person will not result in harm
to person. Reference ISO TS 15066. Requires a risk assessment per each body region.
Applications where WORSE CASE is ONLY SLIGHT INJURY!
A collaborative application could include 1 or more of the above capabilities.
NOTE: Additional guidance for collaborative operations can be found in ISO TS 15066, with
the most attention to Power & Force Limited and Speed & Separation Monitoring.
TS 15066 is available by the end of Feb 2016 from ISO and ANSI.
RIA Technical Reports…
 R15.306, R15.406, and R15.506 were developed for the US because the
1999 standard included these details and the 2012 edition does not.
 TR R15.306 update of 1999 risk assessment methodology and matrix
(from 2x2x2 to 3x3x3) to required protective measures.
 TR R15.406 Safeguarding, pulls many (but NOT all)
requirements from various ISO safety standards.
For EU or global compliance, use ISO standards.
 TR R15.506 Applicability of R15.06-2012 for existing robot
applications. Needed because ISO standards only look forward (new).

TR R15.306 Risk assessment (task-based)
Excerpt from ISO 12100, figure 1
 Conduct a risk assessment (required now, option in 1999).
risk assessment Consider task locations & access requirements.
risk analysis
See Part 2, clause 4.3
 Identify tasks & hazards & the needed protective
measures for all phases of operation
 Include the need for access to tasks and providing
Risk evaluation (see 5.6) space to perform tasks, including clearance if
Adequate risk reduction – see 5.6.2
needed.
Has the risk been
adequately reduced?
 3 x 3 x 3 Matrix
Clause 6 Risk reduction
Severity, Exposure, and Possibility of Avoidance:
If no, repeat
See TR R15. 306, Table 1
RIA TR R15.306 – 2014
Factor Rating Criteria (Examples) – choose most credible
Normally non-reversible:
– fatality Read criteria from
– limb amputation
Serious the top and down,
– long term disability for each factor
S3 – chronic illness
– permanent health change
If any of the above are applicable, the rating is SERIOUS
Normally reversible:
– broken bones
– severe laceration
Injury
Moderate – short hospitalization
Severity
S2 – short term disability
– lost time (multi-day)
– fingertip amputation (not thumb)
If any of the above are applicable, the rating is MODERATE
First aid:
– bruising
Minor – small cuts
S1 – no loss time (multi-day)
– does not require attention by a medical doctor
If any of the above are applicable, the rating is MINOR
RIA TR R15.306 with E0
FACTOR
with E0
Rating Criteria (Examples) – choose most credible Read criteria from the top for each factor
– Exposure to hazard(s) is eliminated/ controlled/ limited by inherently safe design measures.

– Use of guards prevents exposure or access to the hazard(s)
E0 Prevented (see Part 2, 5.10). If an interlocked guard is selected, the following bullet must also be met.
added E0 – If functional safety is used as a risk reduction measure, the functional safety performance (PL)
meets or exceeds the required functional safety performance (PLr). See Part 2, 5.2.
If any of the above are applicable, the rating is PREVENTED
Exposure – Typically more than once per day or shift
High – Frequent or multiple short duration
E2 – Durations/situations which could lead to task creep and does not include teach
If any of the above are applicable, the rating is HIGH
– Typically less than or once per day or shift
Low
– Occasional short durations
E1
If either of the above are applicable, the rating is LOW
NOTE: E0 is used during validation as E0 is only available as a selection
AFTER the 1st round as it requires risk reduction (which happens after the initial assessment)
RIA TR R15.306
Factor Rating Criteria (Examples) – choose most credible Read criteria from the top for each factor
• Insufficient clearance to move out of the way and safety-rated reduced speed control is not used
Not
• The robot system or cell layout causes the operator to be trapped, with the escape route toward the hazard
Tweaking of Possible • Safeguarding is not expected to offer protection from the process hazard (e.g. explosion or eruption hazard)
A2 and A3 A3
If any of the above are applicable, the rating is NOT POSSIBLE
examples
• Insufficient clearance to move out of the way and safety-rated reduced speed control is used
• Obstructed path to move to safe area
Not Likely • Hazard is moving faster than reduced speed (250 mm/sec)
Avoidance A2 • Inadequate warning/reaction time
• The hazard is imperceptible
If any of the above are applicable, the rating is NOT LIKELY
• Sufficient clearance to move out of the way
• Hazard incapable of moving greater than reduced speed (250mm/sec)
Likely
A1
• Adequate warning/reaction time
• Positioned in a safe location away from the hazard
If any of the above are applicable, the rating is LIKELY

TR R15.306:
PLe not typically applicable to robot system
RISK REDUCTION – Table 2 without E0 RISK REDUCTION – Table 2
If applicable If applicable
Severity
Severity Probability of Probability of
EXPOSURE Risk Level Min PL & Cat EXPOSURE Risk Level Min PL & Cat
AVOIDANCE AVOIDANCE
of SRPCS of SRPCS
E0 prevented
A1 likely Negligible b A1 likely Negligible b
E1 low
S1 Minor
E1 low
S1 Minor
A2 or A3 A2 or A3
not likely or not possible not likely or not possible
E2 high E2 high
Low c2 Low c2
E0 prevented
E1 low E1 low
S2 Moderate
S2 Moderate
A1 likely
A1 likely Medium d2 Medium d2
E2 high E2 high
A2 or A3 A2 or A3
not likely or not possible not likely or not possible High d3
E0 prevented
High d3 Low c2
E1 low
S3 Serious
S3 Serious
E1 low
A1 or A2
likely or not likely
A1 or A2
likely or not likely
High d3
E2 high E2 high
A3 not possible Very High e4 A3 not possible Very High e4
Risk reduction measures – 3 Step Method
Inherently safe design measures
1 by the designer/ supplier risk
Safeguarding*
* designer & user
Guards
2 Complementary
Protective Measures
Protective
Devices
See Supplier 3 Step Method
Warnings & Awareness Means
3
developed from Administrative Controls
Information for Use
residual risk
Training & supervision
Personal protective equipment (PPE)

Hierarchy of risk reduction measures
Most
Elimination
Inherently Safe
Designer Impact
Substitution
Design Measures
Integrator (Supplier) Impact

Limit interaction (by inherently safe design)
Safeguarding Safeguards & if applicable, Safety-Related

Parts of the Control System (SRP/CS)
and Complementary Protective Measures
• Emergency stop devices and functions
Complementary • Platforms and guard railing (fall prevention) & safe
Protective access – building codes & standards can apply
Measures • Measures for escape & rescue of people, isolation
& energy dissipation, handling heavy parts
User Impact
Warnings & Awareness Means

Information for
Administrative Controls
Use
Least Personal Protective Equipment
Effective
See TR R15.306 for a detailed Hierarchy of Risk Reduction Measures
RIA TR R15.306
Table 4 – Min risk reduction as a function of the risk level
Risk Reduction Risk Level
Measure VERY HIGH HIGH MEDIUM LOW NEGLIGIBLE
Most Elimination
Preferred Substitution Use of one or a combination of these
Limit Interaction risk reduction measures are required
as a primary means to reduce risks. Use of one or a
Safeguarding/
combination of any of
SRP/CS
the risk reduction
Complementary measures that would
Protective Measures
Use of one or a combination of these
risk reduction measures may be used reduce risks to an
Warnings and in conjunction with the above risk acceptable level may be
Awareness Means reduction measures but shall not be used.
Administrative
used as the primary risk reduction
Least Controls
Preferred measure.
PPE
Assess residual risk (6.6). Will acceptable risk be achieved (6.7). If not achieved, repeat.
If residual risks are low or negligible, this is sufficient. Perform verification and validation (6.8).
Document (7.9). And be aware of Updates (7)
TR R15.306, table 5
Minimum functional safety performance
Risk Level
PL r Structure Category
NEGLIGIBLE
b --
(see 5.6.1)
LOW c 2
MEDIUM d 2
HIGH d 3
VERY HIGH (see 5.6.2)
e 4
did not exist in R15.06-1999
Robot safety standards require PLd, Cat 3 unless a risk assessment determines another PL and Cat is needed.
Functional safety could be lower or higher, based on application – with end-effector and part(s). A higher requirement
is not expected due to hazards associated with a robot system but could be required for other application risks.
PLd, Cat 3 is equivalent to Control Reliable & can be validated!
TR R15.406-2014
 TR R15.406 Safeguarding, pulls many

(but NOT all) requirements from various
ISO safety standards.
 For EU or global compliance,

use the EN/ ISO standards.

TR R15.506 Scope
 ANSI/RIA R15.06-2012 provides
forward-looking guidance for industrial
robots and industrial robot systems/cells
effective at the time of its publication
and contains no requirements for
change or retrofit.
 This TR provides guidance as about

what applies to existing equipment built
to an earlier version of the standard.
TR R15.506
Figure 1 –
Flowchart outlining various requirements

TR R15.506
Table 2 – Risk assessment and standard requirements for each scenario

Challenges moving ahead…
 Change is difficult. We have a new standard (and TRs) to learn.
 Risk assessment is now required. Some people are not yet comfortable with risk assessment. But also many have
become quite comfortable.
 Drive for new TR15.306 to have 3 levels of severity: slight, moderate, serious.
 ISO 13849-1 and IEC 62061 are relatively new to the US.
 Functional safety can seem scary because it includes equations.
 Math can be easily done by free software (Sistema for ISO 13849-1).
 Combines reliability with diagnostics coverage (to detect a failure), rather than simply relying on an architecture
(categories).
 Functional safety requires understanding components (machine and safety-related), then integrating properly and
lastly validating. More expected … progress
 This design, integration and use needs to reflect the entire lifecycle of the robot system and application. It
requires a discipline – the discipline of functional safety management, akin to quality management.
 We have PLe which didn’t exist in EN954 plus “Control Reliable” was the “best”.
What’s Next?
 Collaborative Operations / Applications: ISO TS 15066 approved!
(expected to become an ANSI registered Technical Report by RIA -> TR R15.606)
 Manual load station (ISO TR)
 when is a load station a “hindrance device” that prevents entry
 End-effectors (ISO TR) for collaborative applications
 New Projects: R15.08 How do we write a
safety standard for this sort of
 Robot/AGV combination mobile robot and not conflict
with other standards?
 Other…
 UL1740 revision to go to ballot in 2016
Intro to Robot / Robot System Safety
PUBLIC
www.rockwellautomation.com
Copyright © 2015 Rockwell Automation, Inc. All Rights Reserved.

ANSI/RIA

Enviado por

Dados do documento

Direitos autorais

Formatos disponíveis

Compartilhar este documento

Compartilhar ou incorporar documento

Opções de compartilhamento

Você considera este documento útil?

Este conteúdo é inapropriado?

Direitos autorais:

Formatos disponíveis

ANSI/RIA

Enviado por

Direitos autorais:

Formatos disponíveis

ANSI/RIA R15.

ANSI: guidance to Manufacturers, Integrators & Users of machinery (depends on scope).

PUBLIC Copyright © 2015 Rockwell Automation, Inc. All Rights Reserved.

PUBLIC Copyright © 2015 Rockwell Automation, Inc. All Rights Reserved.

3. Functional safety (quantifiable)

4. Floor space optimization due to new features

(some OPTIONAL) & changes to CLEARANCE

5. Detachable & wireless pendants

speed (Teach is a task using manual reduced speed mode)

ANNEXES can be NORMATIVE or INFORMATIVE

 Part 2 is for the integration of robots into systems and cells.

PUBLIC Copyright © 2015 Rockwell Automation, Inc. All Rights Reserved.

Maximum, Restricted, and

PUBLIC Copyright © 2015 Rockwell Automation, Inc. All Rights Reserved.

Lower Dimension, MAXIMUM

PUBLIC Copyright © 2015 Rockwell Automation, Inc. All Rights Reserved.

– Exposure to hazard(s) is eliminated/ controlled/ limited by inherently safe design measures.

PUBLIC Copyright © 2015 Rockwell Automation, Inc. All Rights Reserved.

Warnings & Awareness Means

Personal protective equipment (PPE)

PUBLIC Copyright © 2015 Rockwell Automation, Inc. All Rights Reserved.

Integrator (Supplier) Impact

Safeguarding Safeguards & if applicable, Safety-Related

Warnings & Awareness Means

 TR R15.406 Safeguarding, pulls many

 For EU or global compliance,

PUBLIC Copyright © 2015 Rockwell Automation, Inc. All Rights Reserved.

 This TR provides guidance as about

PUBLIC Copyright © 2015 Rockwell Automation, Inc. All Rights Reserved.

Table 2 – Risk assessment and standard requirements for each scenario

PUBLIC Copyright © 2015 Rockwell Automation, Inc. All Rights Reserved.

Copyright © 2015 Rockwell Automation, Inc. All Rights Reserved.

Você também pode gostar