Robots are being increasingly used in conjunction with human beings, e.g. in combined research projects, in the medical sector and in the entertainment field, in which robots are provided with means for receiving people in order to move them around in the air. In all these cases increased robot operational safety is required.
Numerous methods and devices are known for monitoring a robot. However, what is problematical in the known methods is that it is not possible to detect certain faults and errors based on physical changes to the robot system. These changes are e.g. caused by ageing phenomena, the bending or breaking of structural elements, transmissions or drive shafts. It is also not possible for the measurement system of the robot to detect whether the tools or passenger gondolas flanged to the robot are still correctly connected to the latter.
It is also problematical that a robot system cannot readily detect whether changes have been made to a program section in an unauthorized or negligent manner. Safety-critical installations must be stopped if a software change has not been accepted by a competent employee of a test laboratory, i.e. in particular if such changes have been made in an unauthorized manner. An operating file level-based protection is not adequate, because in certain circumstances it is easy for employees to get round this protection.
Path planning errors which can occur during operation can also not be detected with existing methods. Generally only the position determination is redundantly designed, but this does not apply to the path planning. A machine or robot system which only reliably monitors the adjacent positions can consequently not know whether the adjacent positions have been correctly planned by the control system.
Thus, it must be safely possible to put into operation (again) installations comprising several robots and starting from a randomly assumed stop state. A random, not program-controlled installation state can e.g. be caused by an emergency stop or a power failure. As it cannot be excluded that persons can be endangered in a random installation state, particularly when this state is maintained for a long time, special measures must be taken in order to as quickly as possible eliminate this undesired installation state. It is known to prevent a power failure by interruption-free power supplies.
The problem of the invention is to increase the safety of the movable elements of a machine, particularly a robot, such as an industrial robot.