Editor’s Note: This article takes the form of an honest, podcast-style conversation between a TÜV-certified safety engineer and an EHS specialist.
It’s a normal day on the shop floor.
A routine jam in a robotic cell, a worker steps in to fix it, and the light curtain trips as expected. Everything seems safe. But in a matter of seconds, the entire safety system quietly fails.
The machine is reset from the outside while the worker is still inside.
There’s no exclusive control, no visibility, and no second chances. The result? A preventable incident that leaves a worker seriously injured (or worse), the cell unsafe, and production halted with unplanned downtime.
This situation plays out more often than you might think. In today’s manufacturing environments, robotic cells are everywhere, but many systems have hidden flaws that don’t show up until it’s too late.
This article walks you through a real-life scenario where a robotic cell setup looked compliant but revealed serious gaps during everyday operation.
Through the lens of two experienced safety professionals, a TÜV-certified safety engineer and an EHS specialist, we’ll explore what went wrong, why it happened, and how to fix it.
MPSA’s Ryan and Dave walk through a real-world example of a robotic cell that looked compliant on the surface, but fell short where it mattered most: protecting people.
Ryan has over 17 years of experience in automation and controls and is a certified Functional Safety Engineer through TÜV Rheinland. He is driven to assist customers with practical solutions for mitigating machine safety hazards. He has experience in developing safety solutions for material handling, food production, and packaging systems.
Dave has over 40 years of global EHS experience and retired as Director of Global Safety & Loss Prevention for Merck & Co., Inc. As MPSA’s EHS Program Specialist, Dave assists the MPSA Team and their clients with machine safety programs, compliance, and training needs.
Ryan: “On paper, this robotic cell seemed safe. You had fixed perimeter guarding, properly mounted. The light curtains were installed where you'd expect. But when we walked through an everyday scenario, routine troubleshooting, gaps in the safety design became immediately apparent.”
Dave: “We see this more than you’d think. A setup passes initial inspection but falls short in real-life use. That’s where risk assessments and validation earn their keep.”
Here’s what happened in this cell:
Let’s pause there.
Dave: “This wasn’t a service or maintenance task. This was a normal part of daily operations.”
So, OSHA’s Lockout/Tagout (29 CFR 1910.147) requirements didn’t strictly apply here, but that doesn’t mean the situation was risk-free.
Ryan: “The light curtain tripped correctly when the attendant entered. That part worked. But the machine operator, relying on the observer, reset the machine without having a direct line of sight into the cell.”
Dave: “And the observer? Distracted by their phone. It only took a few seconds for the entire safety system to fail.”
Here’s a breakdown of the core issues:
Light curtains worked, but weren’t enough
The operator couldn’t see inside the cell when resetting
The observer acted as a human safeguard (a risky workaround)
No exclusive control for the person inside the cell
Ryan: “A worker should never have to rely on someone else to stay safe inside a robotic cell.”
This failure wasn’t about the quality of the components. It was about their application.
Here are practical, proven solutions that would’ve prevented the failure:
Trade-off to note: Proximity sensors can trigger false positives or require tuning for dusty environments, but they eliminate human error from “lookouts.”
Dave: “All this reinforces why a validated risk assessment should drive safety design, not be an afterthought.”
A good risk assessment would have flagged:
Ryan: “Standards like ANSI B11.0 and ISO 12100 actually spell this out. Visibility during reset is not just a best practice, it’s part of compliance.”
Even certified components can become weak links when they’re not thoughtfully applied. Here’s what you can take away:
Never assume light curtains are a one-stop solution
Give the person inside the cell exclusive control
Design with human behavior (and error) in mind
Validate your setup against real-life usage, not just standards
If you answered “yes” to any of these, it’s time to revisit your risk assessment. That’s where we come in.
At MPSA, we understand that effective safety design starts with identifying and addressing real-world hazards, not just checking boxes. That’s why we offer three flexible hazard assessment options, designed to meet you where you are.
So whether you’re rethinking your safety protocols after a close call or proactively working to prevent one, our team is here to help. Visit the MPSA website to learn more or reach out to Ryan or Dave with your questions. No pressure, just a conversation.
Have a safe day.