Cobots (Collaborative Robots): Safety Standards, Risk Assessment, and Certification

Cobots (Collaborative Robots): Safety Standards, Risk Assessment, and Certification

Cobots (Collaborative Robots) introduce unique safety considerations because they operate in close proximity to humans. Certification, standards compliance, and systematic risk assessment are essential to achieve legally defensible and operationally safe deployments. This article outlines the applicable standards, risk assessment methodologies, collaborative modes of operation, safety functions and measures, and practical steps for certification and workplace integration.

Key standards and normative documents

Several international standards govern the safety of industrial robots and collaborative operations.

The most relevant include:

• ISO 10218-1 and ISO 10218-2: General safety requirements for industrial robots and robot systems in the workplace. They define principles for risk assessment and safety design.

• ISO/TS 15066: Technical specification that provides guidance on collaborative robot operation, including contact-force limits, pain thresholds, and practical testing procedures for human-robot contact scenarios.

• EN standards and regional equivalents that may impose additional machine directive compliance and functional safety requirements (e.g., Machinery Directive in EU).

Collaborative operation modes

ISO/TS 15066 describes collaborative operation modes; designers and integrators must select and validate the appropriate mode for each application:

• Safe stop and restart - Robot halts securely when a safety signal is triggered and resumes operation only when conditions are safe.

• Speed and separation monitoring - The robot reduces speed as a human approaches; reliable sensing determines separation distance.

• Power and force limiting by design or control - Physical design and control limit impact forces to acceptable levels, measured through contact testing.

• Hand-guiding - Operators physically guide the robot; the system must provide intuitive, low-inertia behavior and safeguards to prevent unintended motion.

Risk assessment workflow

Systematic risk assessment is central to safety compliance.

A practical workflow includes:

• Hazard identification: List hazards related to mechanical motion, crushing, impact, entanglement, and non-contact risks such as noise and electrical faults.

• Risk estimation: Evaluate severity and probability of each hazard using qualitative or quantitative methods.

• Risk reduction: Apply technical and organizational measures to reduce risk to an acceptable level, prioritizing inherently safe design, then safeguarding, and finally administrative controls.

• Residual risk evaluation: Verify that remaining risks are acceptable and documented; if not, iterate further mitigations.

• Validation and documentation: Perform tests (including contact force measurements per ISO/TS 15066), record outcomes, and maintain traceable safety documentation for certification bodies and inspectors.

Safety functions and implementation

Implementing safety functions requires a layered approach combining hardware, firmware, and software measures:

• Physical guards where necessary to prevent access to hazardous zones.

• Safety-rated sensors (light curtains, area scanners, safety mats) and redundant proximity detection for reliable human detection.

• Safety controllers or safety PLCs that execute certified safe state transitions and monitor integrity of safety-critical signals.

• Speed and force monitoring implemented in independent chains where necessary to meet architecture constraints of functional safety standards (e.g., SIL or PL levels).

Contact force testing and human injury thresholds

ISO/TS 15066 provides guidance on permissible contact forces and pressures for different body regions. Practical contact testing involves instrumented mannequins or sensors to record impact forces and pressures during controlled contacts, assessing whether measured values stay below specified thresholds for acceptable injury risk. Engineers must account for dynamic conditions, tool geometry, and the duration of contact.

Software safety and cybersecurity

Increasing connectivity introduces cyber risks that can become safety risks if not mitigated. Best practices include secure boot, signed firmware updates, encrypted communication channels, role-based access control for programming interfaces, and intrusion detection for networked robot systems. Safety-by-design requires that critical safety functions are segregated from non-critical networks and that failure modes are fail-safe.

Human factors and workplace integration

Beyond technical safeguards, human factors engineering reduces the likelihood of unsafe interactions. Practical measures include ergonomic cell layout, operator training programs, clear visual indicators and beacons, and standardized procedures for handovers and maintenance. Collaborative applications should be designed to minimize unexpected outcomes and enable predictable robot behavior.

Certification, testing, and documentation

Certification involves producing a technical file containing the risk assessment, design calculations, test reports (including contact force tests), operating procedures, and maintenance manuals. Integrators typically work with notified bodies or third-party testing labs for formal verification and may rely on manufacturer-supplied conformity evidence for the robot hardware components.

Common pitfalls and mitigation

Typical mistakes include underestimating dynamic contact scenarios, relying solely on software limits without independent safety chains, inadequate human factors analysis, and insufficient maintenance procedures. Mitigations involve conducting realistic worst-case testing, designing redundant safety architectures, and documenting preventive maintenance and calibration schedules.

Practical example

An electronics manufacturer integrates a cobot for board insertion tasks. The integrator conducts a risk assessment, selects power-and-force limiting as the primary collaborative mode, equips the cell with a safety-rated area scanner for speed and separation monitoring, and validates contact forces using instrumented tests per ISO/TS 15066. A safety PLC manages emergency stop behavior and enforces controlled restart procedures; operator training and clear signage complete the safety case.

Conclusion

Complying with safety standards for cobots requires a structured approach combining technical safeguards, validated control strategies, ergonomic design, and thorough documentation. Early-stage risk assessment and adherence to ISO standards reduce integration time and produce safer, more reliable collaborative systems.