Integrated and Distributed Safety for Motion Control
| By: Nick Cravotta, A3 Contributing Editor
With emerging robotic and mobile industrial automation technology, maintaining operator safety has become increasingly more challenging. Traditional approaches to safety fall short of protecting operators from autonomous equipment that share the factory floor with them. To keep workers free from injury and harm, safety requires an integrated and distributed approach.
Rather than centralize safety functionality in a controller, safety features need to be distributed throughout the system, such as out to individual drives. Cell safety functionality must also be able to adapt when mobile systems such as automated guided vehicles (AGVs) and autonomous mobile robots (AMRs) enter and leave a cell. When implemented in an integrated way, safety systems can also supply non-safety systems with data that improves overall production reliability and efficiency.
The Rise of Mobile Automation
While some companies have delayed large capital expenses over the last few years, many have accelerated their investment in automation. For example, there was substantial growth in the mobile robot industry in 2021 (see Figure 1). Interact Analysis predicts that by 2025, close to two million robots will be installed globally and that revenue for mobile robots will surpass $30 billion by 2030. And with VC funding for mobile robots reaching $1 billion in 2021, the positive impact robots can deliver on the factory floor will increase as well.
One consequence of having more robots on the factory floor is that they are sharing workspaces with people more frequently. This means the industry needs to rethink how safety is implemented.
“Machines have traditionally been individually addressed, and safety has been addressed individually as well,” said Chris Woller, safety product manager at Beckhoff Automation. “The problem is machines are getting more complex. Look at mobile robots. When they move into a workspace, they become part of it.
“At Beckhoff Automation, we’re focused on integrated safety. The idea is that when a machine has more than a few safety functions, it makes sense to integrate them into the control system from a financial and engineering efficiency perspective. For example, a machine with coordinated e-stops, safe motion functions, muting, light barriers, etc. becomes almost unmanageable with relay logic.”
Working together only gets more complicated with mobile robots. “When a robot enters a workspace, it needs to connect on-the-fly through the network to the other machines so they can coordinate their safety functions,” Woller said.
“A bottling line might have filler, capper, labeler, and packaging machines, each working in different cells. Each poses different safety concerns based on its function, and a person walking into that cell will trigger a specific safety response. However, these cells are not independent. If the speed of the labeler is suddenly reduced as a safety response, this may could cause a backup on the line.”
By providing non-safety systems with access to safety information, it becomes possible to improve overall production. For example, the line can be rerouted to compensate for safety events that have slowed particular cells. In this way, the delay from a safety event can be ‘absorbed’ across the line through load balancing.
“Safety can also be more flexible with an integrated approach,” Woller said. “Say we have a 6-axis robot. It might have several end effectors with onboard controls, one for milling, another for cutting, and so on. As the robot changes functionality, it needs to implement and manage different safety requirements. This can be complex for a controller to track. By integrating safety into the tool itself and distributing the logic, it can coordinate its own safe functions with the robot before and during operation.”
“Centralizing safety means having to create a large, complex program that can be confusing to understand and modify. By distributing safety logic to all I/O terminals and drives, functions can be implemented in small, simple chunks that are much easier to maintain.”
The advantages of integrated safety goes beyond just increasing safety. Woller said, “When safety and non-safety systems are connected, we can improve efficiency as well. Tracking safety will enable you to identify that a particular machine has experienced a higher number of safety events. This could mean operators are facing challenges during their jobs or the workspace needs a new risk assessment.”
Putting safety information in the cloud also makes this data available for offline analysis. Woller said, “Imagine being able to review a year’s worth of safety events to determine how you might change your machine design to reduce safety issues. You’d not only be improving safety but increasing efficiency at the same time.”
Another aspect of improving mobile robot safety is to take a distributed approach.
“Traditionally, industrial safety requirements are at the machine-builder level,” said Andy Sklierenko, vice president at Moons’ Industries (MOONS’), an expert in motion control and safety, manufacturing over 30 million motors a year. “Typical safety devices include light curtains, interlocks, and safety fences. However, with the increase in robots, cobots, AGVs, and AMRs sharing workspaces with humans, there is an increasing need for distributed safety.”
“Consider a safety scenario where a person walks into a cobot’s work cell,” Sklierenko said. “When the person disrupts a light curtain, the cell control system directs the robot to slow or stop in response. Unfortunately, this sequence of responses might not be fast enough to prevent injury. Taking a distributed approach to safety enables the robot itself to interpret the scenario and execute an emergency response when required. Now the robot is able to independently prevent accidents in the quickest possible way. With cobots, this is even more critical as the interaction with humans gets physically closer and more interwoven in process.”
There are several advantages to a distributed approach to safety. Perhaps the most important is real-time responsiveness. The cobot doesn’t have to wait for detailed instructions from the controller, which might be occupied with several other systems simultaneously. Another advantage is the flexibility of the system to take appropriate action based on real-world circumstances. For example, if the cobot is moving, it can reduce its speed when another object begins to get close. For safety critical situations, such as an operator stepping within a meter of the cobot, the cobot can even cut the power to the phases of all the motors, leaving no chance of powering any additional movement.
Safety Torque Off (STO), a hardware-based estop capability, is implemented in many of MOONS’ drives. When triggered, STO physically removes power from the motor.
With software-based estop, power is still being delivered to the motor phases even though the motor is stopped. If an error occurs, this power could drive the motor, potentially putting an operator at risk. Because power is physically removed with STO, there is no way the motor can continue to operate once it is stopped.
“In addition to providing higher reliability, utilizing STO simplifies safety certification,” Sklierenko said. “For systems using either firmware-based estop or external safety circuits, all of the systems involved in stopping the motor and keeping it stopped must be safety-certified. Depending upon how complex the system is architecture, this could involve a great deal of time, effort, and cost. With STO distributed amongst all the axes, power removal means much less effort in safety-certification and implementation.”
Building distributed safety like STO into each axis also simplifies system design. “Rather than implement every safety feature in the controller, STO can be offloaded to the drive itself,” Sklierenko said. “Consider a cobot with four functions/axes, each with a motor and drive. With STO built into each axis or function block, the controller no longer needs to manage every safety response detail. Each axis can be responsible for itself in regards to being ‘safe.’”
OEMs save time and money by not having to design and implement their own circuits. The reduction in software complexity, wiring, and system certification add to these savings, resulting in lower total cost of ownership (TCO).
Knowledge is Safety
One of the most important aspects of integrating and distributing safety is improving clarity in diagnostics for operators. According to Woller, “Sometimes a safety response is hard to diagnosis and operators are left wondering, ‘Why won’t my machine run?’ If they can’t figure it out, there’s a real temptation to override safety mechanisms to keep production moving. With integrated safety, equipment can more clearly tell the operator why the safety event occurred. Then the operator can address the problem, ensuring safety requirements are met without sacrificing uptime.”
The flexibility of mobile robots promises greater efficiency on the factory floor. At the same time, this flexibility increases the complexity of keeping the workspace safe. By taking an integrated and distributed approach to safety, OEMs can leverage the many benefits of robotic automation while improving operator safety, system reliability, and even production efficiency.
Want more of this content? Register FREE for A3 TechCon, a one-day virtual event on Wednesday, December 14.