There's a revolution happening around us and all over the world. Smart, connected machines, or robotics and autonomous systems (RAS), are acting as tools to support us, working alongside us or alone, making independent decisions and even learning. They act and sense in the real world, connected and collaborating in the internet of things, generating and enabled by large quantities of data, using artificial intelligence to reason, classify, control and interact. They have emerged from research prototypes into practical applications. Autonomous and semiautonomous cars on our streets are one very public example. Other RAS include manufacturing systems that can personalise bespoke designs and reconfigure during normal operations; robotic fulfilment centres that assemble, package and dispatch goods ordered online; drones that deliver packages, or map, inspect and repair in our offshore oilfields and nuclear facilities; assistive exoskeletons to help us move and lift; and interactive companions for the elderly and isolated. In the same way the information and communications technology (ICT) revolution affected everything that uses data, the RAS revolution is changing everything that moves.
The drivers for this revolution are primarily economic – these systems make us more productive, mobile and connected, able to compete in a globalised world economy. However, they also remove operators from hazardous environments and tedious jobs, taking on the dull, dirty and dangerous tasks. There is therefore an important impact on the safety of people and of their environments. There is also an important need to build RAS safely, so they act dependably and appropriately in all situations, including when they fail. This review looks at RAS through this safety lens, and at the opportunities for improvement they present.
There are multiple ways RAS are being used to improve safety. As well as removing people from hazardous situations, they may be an integral part of a system in partial control, such as an aircraft autopilot. As tools that physically collaborate with people, they can act as assistants to prevent injury, for example as a body exoskeleton during lifting. They can perform inspection of assets such as structures or pressure vessels more frequently, with greater access, more sensors and less downtime than people, leading to earlier defect detection and greater reliability. They can operate in environments where humans cannot go, for example undersea mining and drilling or entering collapsed buildings. Finally, they can be used in safety-critical situations to detect and reduce errors, for example in robotic surgery, by tracking adjacency to obscured critical blood vessels and providing warnings through an appropriate interface.
RAS can have an enhancing role in the safety certification and assurance of assets. However, they themselves must be similarly certified and assured, or they will become the limiting assurance factor of the complete system. The way they generate data and have their actions driven by it is at the heart of their utility, bringing issues and opportunities in data curation, sharing, ownership, aggregation and standards. A potentially disruptive development is in systems with embedded RAS that can self-certify to some assurance level during operation, impacting safety but also insurance and assurance business models.
Many RAS operate in environments that are unstructured and unpredictable to some level. Designing predictable safety into the behaviour of RAS where unknown events can take place requires a different approach. The way RAS can learn presents further assurance challenges. Beyond recording events, RAS may infer derived knowledge such as predicting the behaviour of others. Learning may also extend to the underlying logic of the decision making process on how the RAS should act next. In both cases, this learning should be assured to be correct by some means and to some level of acceptable risk.
Linked to this is the nature of the RAS interaction with the human operator and where decision responsibility lies. Operators make poor decisions when a RAS unexpectedly hands over control, unless they have maintained a thorough situational awareness. Operators with poor situational awareness who do not trust a RAS may override it, leading to catastrophic failure.
Safe operation of connected RAS requires that they cannot be accessed illicitly. Embedding cybersecurity into RAS is a topic in its infancy, alongside use of distributed ledger methods for guaranteed records of RAS transactions. Similarly, safe and correct decision making is based on a code of human, ethical and moral factors – should RAS be allowed to practise deception, or override a human? For RAS to behave appropriately, these have to be captured and condensed into guidelines that are coded into the RAS design. Monitoring and developing these ethical guidelines as RAS capabilities evolve is an important activity.
The public must trust their RAS if they are to be adopted. Apart from observing them always performing tasks reliably, this also requires public support and contribution in developing the ethical frameworks that underpin RAS behaviour. People already anthropomorphise their robots, indicating public trust is possible. Fears about the nature of disruption in the jobs market should also be addressed. RAS will be deliberately designed as assistants rather than replacements for people, freeing professionals to spend time on creative and human-facing tasks. Skills development starts with supporting teachers in schools with STEM resources, the training of RAS technicians, engineers and scientists, development of business skills to create value that increases safety in disrupting markets, and up-skilling for those no longer doing the dull, dirty and dangerous tasks.
Living laboratories in existing infrastructure can have a key role to play. Capability-based demonstrations in realistic environments provide a sharp focus to aim developments from basic RAS scientific research into first prototype demonstrators. Thereafter the same living laboratories provide the playground where commercial prototypes are de-risked and certified through long hours of operation and modification in the spiral of requirements and technology development.
This report finishes by recommending areas of further work that will help ensure the safety benefits from RAS are realised. These include issues of: openness and sharing; assurance and certification; security and resilience; and of public trust, understanding and skills.