Why this update matters

The 2025 revision of ISO 10218 is the first major overhaul of the flagship industrial robot safety standard since 2011. It tightens how we design, integrate, validate, and maintain robot cells—especially collaborative applications—so people and robots can work together safely and productively. The update also clarifies functional‑safety expectations and folds in guidance that used to live in separate documents.

At a glance: what changed

• Two‑part structure remains
  • Part 1 (for robot manufacturers): inherent safe design and information for use.
  • Part 2 (for integrators/users): system/cell integration and lifecycle safety.
• Functional safety made explicit — clearer requirements and test methods (not just “implied”).
• Collaborative operation consolidated — guidance on Power‑and‑Force Limiting (PFL) and Speed‑and‑Separation Monitoring (SSM) is integrated with explicit limits and validation methods.
• EOAT & manual handling guidance — end effectors (tools) and load/unload tasks are firmly in scope.
• New/clearer verification expectations — tied to defined safety functions and acceptance tests.
• Cybersecurity added — controls that affect safety must be protected.

Who should act now

• System integrators building or modifying industrial cells
• Robot OEMs shipping robots into regulated markets
• EHS, safety, and process engineers responsible for compliance
• Operations & maintenance teams who change tools, parts, or software

Key updates, explained

1) Collaborative operations are clearer (and stricter)

What’s new: Collaborative safety concepts (e.g., PFL and SSM) are explicitly addressed in ISO 10218, with less ambiguity around allowable contact forces/pressures and the validation of collaborative modes.

What you must do

• Choose the collaboration mode(s) intentionally (PFL, SSM, hand‑guiding) and document the intended use.
• Validate limits with calibrated methods and fixtures; do not rely on nominal robot specs alone. Where force/pressure data is required, use a calibrated measurement device such as a force & pressure measurement instrument for cobot applications.
• Engineer the workcell to eliminate trapping points and sharp edges; round or shield EOAT where possible.

Practical example
If a human shares the workspace while a gripper places small parts, set the robot speed via SSM so the combined EOAT + part kinetic energy stays within the required thresholds for the body region at risk, then verify with force/pressure measurements using a calibrated instrument (e.g., example measurement setup).

2) Functional safety: requirements and tests are spelled out

What’s new: The standard clarifies safety‑related control system expectations (e.g., stopping functions, monitored speeds, interlocks) and ties them to testable acceptance criteria.

What you must do

• Define safety functions (e.g., Emergency Stop, Protective Stop, SSM, Safe Limited Speed) and the required performance.
• Test stop categories and response times under realistic loads and motions; record evidence for acceptance.
• Verify safety distances for guards/sensors (light curtains, scanners, vision) using the specified formulas, then validate on site. When documenting PFL validations, include raw data and exports (CSV/PDF) from your measurement device; tools like CoboSafe’s report export can simplify audits.

3) Integration & EOAT: payloads and manual tasks are in scope

What’s new: Guidance on end effectors (EOAT) and manual load/unload is included in Part 2. Dropped loads, sharp tools, and pinch hazards are explicitly addressed in the integrator’s risk assessment and safeguards.

What you must do

• Design for payload retention (fail‑safe gripping, tool‑loss detection).
• Shield or guard sharp/energized tools (e.g., deburring, welding) during teach/setup and fault conditions.
• Provide two‑hand or enabling controls and local shields where manual intervention occurs inside the cell.

4) Cybersecurity is now part of safety

What’s new: Where a cyber event can compromise a safety function (e.g., disabling SSM or changing safety parameters), protection is required—unique credentials, restricted ports, and approved change control are examples.

What you must do

• Apply least‑privilege access to robot controllers and safety PLCs.
• Disable unused services/ports; segment the network; log safety‑relevant changes.

Treat firmware and safety parameter updates as controlled safety changes.

5) Documentation, training, and change management

What’s new: Stronger emphasis on lifecycle documentation (design intent, validation evidence, maintenance) and worker training so safeguards are used correctly.

What you must do

• Keep a living risk assessment; re‑validate after any change (tooling, part, path, speed, software).
• Provide clear work instructions for operators and maintenance, including lockout/tryout for robot cells.
• Schedule and track preventive inspections of safety devices; keep calibration certificates for test gear.

Step‑by‑step compliance plan (integrators)

1. Define scope & task
   Map all automatic, manual, and collaborative tasks; identify who enters the cell, when, and why.
2. Preliminary hazard analysis
   Use ISO 12100 methods; focus on crushing/shearing zones, ejection, and human‑robot concurrency.
3. Collaboration decision
   Select PFL, SSM, hand‑guiding (or combination). Derive limits and set design targets for speeds/forces.
4. Safeguard design
   Interlocks, scanners/vision, physical guards, safe speeds, and EOAT shielding.
5. Functional‑safety specification
   List safety functions, required performance, and tests (stops, response times, safety distances).
6. Build & configure
   Wire, configure, and lock safety parameters; implement cybersecurity controls that protect safety.
7. Validation & acceptance
   Perform and record all tests (stops, distances, PFL measurements with a calibrated device such as this instrument). Fix gaps and re‑test.
8. Handover & training
   Deliver documentation; train operators and maintenance on normal and fault scenarios.
9. Operate & maintain
   Inspect devices, monitor near‑misses, and re‑validate after any change (EOAT, part mass, speeds, software).

Common pitfalls (and fixes)

• Assuming cobot = safe by default
  Fix: Validate PFL/SSM per the task, EOAT, and part mass—every time the application changes.
• Ignoring manual tasks (clearing jams, loading parts)
  Fix: Add local shields/enablers; reduce speed; provide clear work instructions.
• Unprotected parameters
  Fix: Lock safety configurations, restrict access, and audit changes under cybersecurity controls.

Summary & takeaways

• ISO 10218:2025 raises the bar for clarity and verification across design and integration.
• Collaborative safety is mainstream—with explicit methods and limits for PFL and SSM.
• Safety now includes cybersecurity where it can affect protective functions.
• The fastest route to compliance is a disciplined lifecycle: specify → build → validate → train → maintain → re‑validate.