Eight Steps to Safe Autonomous Robots
09.11.19 - ROSCon JP
Ryan Gariepy, CTO Clearpath Robotics
My History
2005 2007 2008 2009
Kiva Systems (Intern)
Clearpath Robotics (Founder)
Honda of Canada (Intern)
Aeryon Labs (Intern)
My History (Continued)
2010 2012 2014 2019
OTTO Motors division started
OTTO International Expansion
First for-profit company to support ROS
First ROSCon, OSRF founded
8 Steps to Safer Autonomous Vehicles
8 Steps
1. What Is Safety?
2. What Is The Environment?
3. Know The Rules & Regulations
4. Know Your Risks
5. Use Good Mitigations
6. Safety By Design
7. Safety Architecture & Use of Predictable Code
8. Use Statistics
What is Safety?
Safety does not mean ‘perfectly polite’ vehicles.
Zero risk is impossible.
Safety is about keeping people free from harm.
FIRST-ORDER RISKS
SECOND-ORDER RISKS
As safety increases, speeds decrease AND/OR space required increases
Robots must be safer than people performing the same task
No More Machine Operators
Machines have operators. Robots have bystanders.
Environment / Bystanders
1. Who are your bystanders?
2. How big are they?
3. What clothing are they wearing?
4. How foolish are they?
Standards
Type “A”: Principles of Design
Type “B”: Generic Safety Standards (Safeguards, Aspects of Safety)
Type “C”: Specific Machinery Safety Standards
National Standards
Standards
Type “A”: ISO 12100 (Risk assessment)
Type “B”: ISO 13849 (Safety Control Systems), IEC 61508 (Functional Safety)
Type “C”: ANSI B56.5 (AGVs), RIA R15.08 (AMRs), ISO 13482 (Personal Care Robots)
CE, JIS, CSA
New Industry - Type C Standards Still In Progress!
Type “A”: Principles of Design
Type “B”: Generic Safety Standards (Safeguards, Aspects of Safety)
Type “C”: Specific Machinery Safety Standards
Type C standards should have specific advice on:
- Moving object detection
- 3D object detection
- Vehicle dynamic testing and restrictions
- Proper use of machine learning
But they usually don’t!
Must use Type B or Type A
Risk Assessment Formats
ISO 12100 Format
Types of Risk
Low Impact / Low Probability
Result: Improvement opportunity, not safety issue
Prioritized: Via kaizen initiatives after release
Low Impact / High Probability
Result: Product quality issue, not safety issue
Prioritized: Via customer feedback before release
High Impact / Low Probability
Result: Major safety risk, difficult to know
Prioritized: Needs active investigation
High Impact / High Probability
Result: Major safety risk
Prioritized: Via safety culture in development team
Mitigations
Functional Safety: Standard
Protective Equipment: Undesired
Training & Awareness: Sometimes OK
Intrinsic Safety: Best
Intrinsic Safety
Remember the bystanders?
“Can the bystanders beat the robot in a fight?”
Speed <0.3 m/s or total mass <100 kg?
Other Safety Basics
- Emergency Stops
- Wireless Emergency Stops
- Safety Lasers
- Lockouts
Architecture: ISO 13849 Levels
Category “B”, Category “1”
Input (range sensor)
Logic (IF range < threshold THEN trigger fault)
Output (fault contactor)
Image: iRobot
Architecture: ISO 13849 Levels
Category “2”
Input (range sensor)
Logic (IF range < threshold THEN trigger fault)
Output (fault contactor)
Test Logic (IF range not change THEN trigger fault)
Test Output (motor control enable)
Image: iRobot
Architecture: ISO 13849 Levels
Category “3”, Category “4”
Input (range sensor 1)
Input (range sensor 2)
Logic (IF range < threshold THEN trigger fault)
Output (fault contactor)
Test Logic (IF range not change THEN trigger fault)
Test Output (motor control enable)
Image: iRobot
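The blocks on the three architecture slides (Input, Logic, Output, Test Logic, Test Output, second range sensor) can be exercised together as below; this is an added example, not code from the talk or from Clearpath. The thresholds, the struct and function names, and the cross-check between the two sensors are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Assumed illustration values; the slides give no numbers. */
#define STOP_RANGE_M   0.50   /* Logic: obstacle closer than this trips a fault */
#define STUCK_EPS_M    0.001  /* Test Logic: smaller change counts as "no change" */
#define STUCK_LIMIT    3      /* consecutive unchanged samples tolerated */
#define MAX_DISAGREE_M 0.10   /* assumed cross-check tolerance between sensors */

typedef struct { double last; int unchanged; bool seen; } sensor_t;
typedef struct {
    sensor_t s1, s2;
    bool contactor_fault;   /* Output (fault contactor), latched */
    bool motor_enable;      /* Test Output (motor control enable), latched off */
} safety_t;

static double absdiff(double a, double b) { return a > b ? a - b : b - a; }

/* Test Logic: a reading that never changes suggests a frozen sensor. */
static bool stuck(sensor_t *s, double r) {
    if (s->seen && absdiff(r, s->last) < STUCK_EPS_M) s->unchanged++;
    else s->unchanged = 0;
    s->last = r; s->seen = true;
    return s->unchanged >= STUCK_LIMIT;
}

/* One control cycle with both range inputs; true while motion is permitted. */
bool safety_step(safety_t *c, double r1, double r2) {
    /* Logic, written so that a NaN reading also trips the fault. */
    if (!(r1 >= STOP_RANGE_M) || !(r2 >= STOP_RANGE_M)) c->contactor_fault = true;
    bool st1 = stuck(&c->s1, r1), st2 = stuck(&c->s2, r2);
    if (st1 || st2 || absdiff(r1, r2) > MAX_DISAGREE_M) c->motor_enable = false;
    return !c->contactor_fault && c->motor_enable;
}

/* Index of the first sample at which motion is stopped, or -1 if never. */
int first_stop(const double *r1, const double *r2, size_t n) {
    safety_t c = { .motor_enable = true };
    for (size_t i = 0; i < n; i++)
        if (!safety_step(&c, r1[i], r2[i])) return (int)i;
    return -1;
}

int main(void) {
    /* Constructed trace: sensor 1 freezes at 1.5 m while sensor 2 keeps moving. */
    const double r1[] = {1.5, 1.5, 1.5, 1.5, 1.5};
    const double r2[] = {1.50, 1.48, 1.46, 1.44, 1.42};
    printf("motion stopped at sample %d\n", first_stop(r1, r2, 5));
    return 0;
}
```

A single-channel design with only the threshold check would keep driving on the frozen trace; the test logic and the second sensor are what turn a silent sensor failure into a stop.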
Architecture: Navigational Safety Layering
LIDARs & Fieldsets
Vehicle Dynamics Management
Base Footprint Checker
Path Projection
Dynamic Object Tracking
Multi-Vehicle Communications
White Box/Introspectable Code
Safety-Ratable Code
Safety-Rated Subsystems
Black Box Code
Template Docking
Neural Network Docking
Statistics
MTTFd: Mean Time to Dangerous Failure.
MTTF, except only for failures which create hazards
IEC 62061, ISO 13849
Diagram labels: Risk Assessment, Item, PLr, System Architecture, MTTFd, PL
PL: Performance level of safety system/subsystem
PLr: Required performance level given risks
Software Testing
Unit Testing
Real World Testing
Simulations
V-Model
Requirements
Architecture
Design
Development
Unit Tests
System Tests
Acceptance Tests
Conclusions
1. What Is Safety? - More cautious than people, but not ‘perfectly polite’
2. What Is The Environment? - How foolish are your bystanders?
3. Know The Rules & Regulations - You will probably need first principles
4. Know Your Risks - Look for low-likelihood/high-impact
5. Use Good Mitigations - Intrinsic safety best, functional safety OK
6. Safety By Design - Keep it slow and light, have stopping methods
7. Safety Architecture - Build for redundancy and determinism
8. Use Statistics - Don’t trust your eyes, trust the statistics
Questions
Ryan Gariepy, CTO, Clearpath
Join us on our mission to change the way materials move in factories worldwide.
Together, We Can Start a Self-Driving Revolution.