How to Calculate Performance Levels for Robot Cells: A Step-by-Step Guide

Written By Jon Anna

Calculating Performance Level (PL) for safety systems in robot cells is a critical part of ensuring the safety and reliability of automated systems. Performance Level (PL) determines the risk reduction capability of a safety system, ensuring that the likelihood of a dangerous failure is minimized. Accurate PL calculations are necessary to ensure that robot cells are compliant with safety standards such as ISO 13849-1 and IEC 62061 while also protecting workers from potential hazards.

This article provides a step-by-step guide on how to calculate the Performance Level of a safety system, focusing specifically on robot cells. It will outline the factors influencing PL, how to conduct a proper risk assessment, and the methodology used for the calculation. Additionally, the article will explore the importance of PL in robot cell safety, and its role in meeting regulatory requirements.

What is Performance Level (PL) in Robot Cells?

Performance Level (PL) is a measure of the safety performance of a safety-related control system. It defines the probability of failure of the safety system during operation, with the aim of achieving a certain level of risk reduction. The Performance Level is typically rated on a scale from PL a (the lowest level) to PL e (the highest level).

For robot cells, the PL rating is calculated by considering several key factors, including:

  • The reliability of the safety devices (e.g., sensors, emergency stops, light curtains).

  • The architecture of the safety system (e.g., single or redundant circuits).

  • The probability of failure of the safety components under normal operating conditions.

  • Diagnostic coverage (i.e., the ability of the system to detect failures in safety components).

Step 1: Risk Assessment and Determining Safety Requirements

Before you begin the process of calculating the PL, the first step is to conduct a risk assessment of the robot cell. This will provide the basis for determining the safety requirements and the level of risk reduction needed. A risk assessment is a systematic process that involves evaluating the hazards, the severity of harm, and the likelihood of the hazard occurring.

Factors to Consider in the Risk Assessment:

  1. Severity of Harm: What is the potential consequence if the safety system fails? For instance, will it result in a minor injury or a fatal accident? The severity is categorized as:

    • Minor: Temporary injury or damage.

    • Serious: Long-term injury or significant damage.

    • Catastrophic: Fatalities or catastrophic damage.

  2. Likelihood of Occurrence: How likely is the hazard to occur during operation? This could be influenced by factors such as the type of robot being used, the environment, and the proximity of workers to the robot cell. The likelihood is classified as:

    • Frequent: Occurs often during normal operation.

    • Occasional: Happens occasionally during operation.

    • Unlikely: Rarely occurs.

  3. Exposure Frequency: How often will workers be exposed to the hazard? Are they in close proximity to the robot arm during operation or are they located in a safe area away from moving parts?

Outcome of Risk Assessment:

Based on this evaluation, you can determine the performance requirements of the robot cell’s safety system. This includes the required level of risk reduction and, ultimately, the Performance Level (PL) needed to protect workers from the identified risks.

Step 2: Choosing the Right Safety Devices and Architecture

Once the risk assessment has been completed, the next step is to choose the appropriate safety devices and architectures for the robot cell. The architecture of the safety system plays a significant role in determining the overall Performance Level (PL) because different architectures provide varying levels of redundancy and fault tolerance.

Types of Safety Devices:

  1. Safety Sensors: These devices detect the presence of a person or object near the robot cell, such as safety light curtains and proximity sensors.

  2. Emergency Stop Systems: These include emergency stop buttons or pull cords that allow operators to stop the robot’s movement in case of an emergency.

  3. Safety Interlocks: These devices ensure that the robot cannot operate if a safety door or guard is open.

  4. Guarding Systems: These include physical barriers like safety gates, fences, and robot cell enclosures that protect workers from hazardous robot movements.

Safety Architecture:

The architecture of the safety system refers to how the devices are arranged and connected to provide the necessary risk reduction. The architecture can be categorized into several ISO 13849-1 categories:

  • Category B: No redundancy; single-channel system.

  • Category 1: Single-channel system with improved reliability.

  • Category 2: Dual-channel system, requiring manual intervention.

  • Category 3: Dual-channel system with safe failure detection.

  • Category 4: Redundant, fault-tolerant system with diagnostic coverage.

A higher category typically provides a higher PL because it offers greater fault tolerance and reliability in the event of a failure.

Step 3: Calculating the Performance Level (PL)

With the safety devices and architecture in place, the next step is to calculate the Performance Level (PL) of the robot cell’s safety system. This calculation is influenced by several key factors, including the mean time to dangerous failure (MTTFd) of the components, diagnostic coverage (DC), and common cause failures (CCF).

Key Elements in PL Calculation:

  1. Mean Time to Dangerous Failure (MTTFd):

    • MTTFd refers to the average time it takes for a safety component to fail in a dangerous state (i.e., when it fails to perform its safety function).

    • Higher MTTFd means that the system is more reliable, reducing the likelihood of dangerous failure.

    • MTTFd values are typically categorized as:

      • Low: < 100 years.

      • Medium: 100 to 1,000 years.

      • High: > 1,000 years.

  2. Diagnostic Coverage (DC):

    • DC refers to the ability of the system to detect faults in safety components before they result in a failure.

    • A high DC improves the system’s overall performance by identifying problems early, leading to a lower risk of hazardous failures.

  3. Common Cause Failures (CCF):

    • This refers to the possibility that a failure in one component could trigger failures in other components of the system.

    • Minimizing CCF through the use of redundant systems or separation of critical components helps ensure the reliability of the overall system.

Calculation Process:

To calculate the Performance Level (PL), the following formula is applied, which combines the values of MTTFd, DC, and CCF:

  • PL = f(MTTFd, DC, CCF)

Each of these factors is assigned a value based on the risk assessment, the chosen devices, and the architecture. The resulting PL is typically classified as PL a, PL b, PL c, PL d, or PL e, depending on the calculated probability of failure.

Step 4: Verifying and Validating the Safety System

After calculating the Performance Level (PL), it is essential to verify and validate the safety system to ensure that it meets the required safety standards. This verification process typically involves:

  • Testing: To confirm that all safety functions work as intended.

  • Documentation: Detailed records of the design, calculation, and testing process.

  • Periodic Inspections: Ongoing checks to ensure that the system remains compliant and functional over time.

Verification and validation ensure that the system performs as expected in real-world conditions, and that it can achieve the desired risk reduction consistently.

Conclusion: The Importance of Accurate PL Calculations

Calculating Performance Levels (PL) for robot cells is a critical process in ensuring the safety and reliability of automated systems. By following the proper steps—conducting a risk assessment, selecting the right safety devices, calculating the PL, and verifying the system—companies can reduce the risk of harm to workers and ensure compliance with industry standards.

Accurate PL calculations also improve the reliability and efficiency of the system, ultimately contributing to safer, more productive workplaces. Ensuring that safety systems meet the required PL standards is not just a regulatory necessity—it’s a key factor in creating a safety-conscious culture that protects both workers and assets.

Citations:

  • ISO 13849-1: Safety of machinery—Safety-related parts of control systems—Part 1: General principles for design.

  • IEC 62061: Safety of machinery—Functional safety of safety-related electrical, electronic, and programmable electronic control systems.

  • ANSI/RIA R15.06: Industrial Robots and Robot Systems – Safety Requirements.

Jon Anna
Previous

Safety Devices for Robot Cells: Key Components and Their Role in Achieving Performance Levels (PL)
Next

Box-Checking Safety Is a Lie: It’s Time for a Reality Check