2.6 Handling change during operation

Authors: Giuseppe Fogliazza, Luigi Calegari, Adriano Scibilia, Nicola Pedrocchi  (RECOLL demonstrator project)

The core of the approach consists of measuring and tracking the Points-of-Interest (POIs) during the operation of the manufacturing robot. The RECOLL demonstrator has shown that, once the safety rules are correctly embedded in the system, the safety is guaranteed in all working conditions including conditions that were not taken into account during the time of analysis. However, when the safety measures are activated in conditions that were not considered in the assessment phase, they result in a reduced efficiency of the system.

The most dangerous situations and hazards have been observed during and after an emergency state of the robot. These emergency states resulted from using conservative safety rules. Most of these came after non-dangerous interactions and accesses to the shared workspace.

The measuring setup in RECOLL allowed for a quantitative evaluation of the occurrence probability of hazards which were not included in the task model. The safety rules were defined using a traditional and conservative approach, but despite that not all hazards were completely avoided. However, since the embedded safety-rules were so restrictive, the hazards cannot produce harm to a human operator.

In other words, the core of the proposed approach is the identification of the misses during execution. When an unexpected action occurs, the robot goes into an error state and suspends the execution of any movement. This can lead to huge differences in time execution from one repetition to another. Depending on when this happens, there can be a considerable difference in the time required to restore the correct state of the manufacturing cell.

In general, an error state can be managed in two different ways:

• The error state can be restored by the operator without affecting the following tasks to be executed. In this case, the robot waits for the human to confirm that the situation has been managed and then continues with the following actions.
• The error state inhibits the robot and/or the operator from performing any further sub-task. The whole cell must be reset and the cycle must be restarted.

The experimental outcomes from the RECOLL project seem to confirm that the second type of error state is the most dangerous in terms of safety of the operator (i.e. the robot could be stopped while carrying a load in an area potentially occupied by the human) and also for affecting the productivity of the whole plant.

The RECOLL approach demonstrates that the standard design of the safety rules embedded on the robot controller responds safely to changes that occur during operation, even if they are too restrictive. A further outcome is that most of these unexpected dangerous conditions occurred during robot autonomous tasks, but not in actions which were supposed to be collaborative. In other words, the access limitation is probably the most important measure that can be taken in order to avoid the mismatch between the expected usage and the unforeseen one.