Hidden Challenges of Deploying Robots in the Real World
Part 2: Ensuring Safety
Deploying robots in real-world environments requires a commitment to safety , both physical safety of people near the robot and cyber safety of any network the robot may be connected to. Hospitals, where our robots operate, are critical environments with strict safety requirements. In this post, I’ll share some of the key considerations to ensure the safety of our robots, staff, and the environments where they operate.
Physical safety: Formal risk analysis
To ensure a robot is can be deployed safely, it’s necessary to undertake a detailed risk analysis. This is an essential part of the CE marking evaluation, which is required by law for products in Europe. This process, reviewed by an independent standards agency, requires assessing all potential risks associated with the robot’s operations. Each risk needs to be evaluated for its likelihood of occurrence and potential harm it could cause, and appropriate mitigation strategies need to be implement to address whatever risks are identified. For our UV disinfection robot, some of the risk mitigation steps included:
Comprehensive Documentation: We created detailed records covering every aspect of the robot’s design and manufacturing process. This included a complete bill of materials, verifying that all components were RoHS compliant and met the necessary standards.
Upgraded Power and Electrical Control Systems. Numerous components, which may have previously been appropriate for research environments, were swapped out for industrial-grade parts with specific safety ratings. Additionally, the robot’s wiring and control logic were redesigned to meet these more rigorous standards.
Design Adjustments for RF Compliance: To ensure the robot stayed within allowable RF emission limits, significant revisions were made to its design. This was particularly challenging due to the large number of RF-producing components, such as motors, DC-DC converters, and AC lamp drivers, making the process more complex and time-intensive than anticipated.
Navigation safety: ISO-compliance testing
Navigating hospital environments presents unique challenges, from traversing tight corridors to detecting ceiling mounted equipment. Any failure in navigation could pose risks to both people and property. To address this, we tested our robot in line with ISO 18646–2:2019, a global standard for testing the navigation performance of service robots. These tests ensured our robots could navigate reliably while avoiding collisions and operating safely alongside staff. This was a time consuming process owing to:
Construction of Testing Infrastructure: We developed specialized testing apparatus to complete the evaluation. This included implementing a motion tracking system capable of accurately monitoring the robot’s movements and building an actuated mechanism to move objects at controllable speeds, replicating conditions stipulated in the standard.
Refinement of Obstacle Avoidance Behaviors: Our software was optimized to reliably detect obstacles specified by the standard. This included implementing robust fallback behaviors to handle scenarios where the robot encountered moving objects, ensuring safe and predictable responses.
Occupational safety: Mitigating risks of UV radiation exposure
Hospitals are time critical environments and it is operationally problematic if people cannot work alongside any robots that may be present. For our UV robots, which emit radiation for disinfection, this posed a specific challenge: how do we ensure the safety of staff who may need to work in the same room as the robot?
To address this, we developed several hardware solutions that have subsequently been implemented within the standard operating procedures for using the robot:
Wearable UV sensors: These devices actively monitor background UV levels and can either turn off the robot or notify staff if safe thresholds are exceeded. Further information on these sensors can be found in a scientific article we published in the journal Sensors, available here.
Door sensors: These sensors are placed on entrance ways along with a sign requesting unauthorized staff not to enter the room. If the door is unexpectedly opened, the sensor sends a shutdown command which automatically turns off the robot’s UV lamps.
Room monitoring sensors: These sensors are installed in the rooms where the robot operates, much like CCTV cameras. Like the sensors onboard the robot, they can detect the presence of people in the environment. Connected to the robot via a wireless network, they serve as an additional layer of safety, alerting the robot if someone is about to enter the area. This provides a critical fallback: even if the robot’s own sensors fail to detect a person, it will still automatically shut off its UV lamps.
Additionally, we conducted clinical studies in multiple hospitals to demonstrate that staff could work safely alongside the robot. These studies were critical in verifying that our robots could meet occupational safety limits for UV exposure, providing hospitals with the confidence to deploy our systems in active environments.
Cyber safety: Securing the device
Cybersecurity is just as vital as physical safety, particularly in hospitals where cyber attacks have caused severe disruptions in recent years — such as the ransomware attack on Ireland’s healthcare system. A compromised robot could endanger patient safety if hijacked, and it also poses a broader threat to the hospital’s IT infrastructure. As an entry point to the network, a compromised robot could grant attackers access to sensitive medical data and the potential to disrupt critical hospital systems. To mitigate these risks, robust cybersecurity measures must be implemented, including:
Whitelisting access: Ensuring only authorized computers controlled by Akara personnel can remotely interact with the robot’s systems.
Internal and External Firewalls: Protecting against both incoming and outgoing threats. Internal firewalls restrict communication between the robot and external systems on the hospitals IT network, while external firewalls prevent unauthorized access to the robot itself.
Containerized Software: Each software container operates on the principle of least privilege, ensuring it has only the minimal permissions needed to perform its function. By isolating tasks and running without root access, containers limit the potential impact of a security breach, safeguarding both the robot and the hospital’s IT network.
Summary
Ensuring safety , whether physical, navigational, operational, or cyber, is a critical aspect of deploying robots in real-world environments. The complexity of robotics, combined with the nascent nature of the service robotics industry, often leads to an underestimation of what it truly takes to develop a robot that meets safety standards for commercial use and deployment.
In the next post, I’ll delve into the what’s required to be meet the IT requirements necessary to secure access to hospital client Wi-Fi networks.