30 n SAFETY AND SECURITY July/August 2025 www.drivesncontrols.com Cyberattacks and AI are redefining machine safety We all know the CE mark. You can see it on electrical appliances, toys or household goods, as well as on plant and machinery. It stands for Conformité Européenne. The CE mark is effectively the seal that shows that products placed on the market in the European Economic Area (EU and EFTA) meet essential health, safety and environmental requirements. By attaching the mark, the person placing the product on the market signals that they have complied with the applicable legal requirements for the safety of the product within the EU. For the past 30 years, every product that falls under an EU directive has required an EC Declaration of Conformity. These directives include the Machinery Directive, which has also been mandatory since 1995. It describes standardised health and safety requirements for interaction between humans and machines. It replaced a host of individual national regulations on machine safety that existed previously. In Brazil, for example, there has been a national law since 2010 that stipulates minimum safety requirements for machinery and work equipment. Where possible, it adopted the safety requirements from Annex I of the Machinery Directive, including individual special requirements for certain types of machinery. In Europe, this law is known as the “Brazilian Machinery Directive”. India is also adopting a legal framework for machine safety. Its Ministry of Heavy Industries has published two relevant regulations. The Omnibus Technical Regulations specify safety requirements for various types of machinery and electrical equipment. There are now mandatory certifications and a conformity mark in India. Most of the new requirements are in line with international standards. Anyone wishing to export to India must appoint an authorised representative based in India. The subject of machinery safety will certainly continue to develop in India. In future, it will not be possible to import any machinery or products into India that do not comply (in other words, that do not have the Indian CE mark). This could mean that machines or products could be held by Indian customs until the supplier has met the required specifications. Evolving security Let's go back to the mid-1990s, when Tim Berners-Lee released the technology for using the World Wide Web at the CERN research centre in Switzerland. This was a breakthrough for networking and digitisation in society and industry. Now, 30 years later, security is defined differently. As a result of this very networking and digitisation, products and machinery with digital elements are exposed to completely different risks – data manipulation, for example. European legislators have reacted. The principle of CE marking remains in place. But the requirements for obtaining it have been adapted to the current state of the art. The new Machinery Regulation was published in 2023 and will replace the Machinery Directive in 2027. Back in 1942, Isaac Asimov formulated a so-called robot law for intelligent machines in one of his science fiction stories. It stated that: “A robot may not injure a human being.”Today, 83 years later, developments in artificial intelligence mean that the rules for interaction between human and machine need to be reconsidered. Europe’s legislators have recognised this and taken the subject of AI into account in the new Machinery Regulation. It talks about machines with self-evolving behaviour. How safe can a machine be if the way it reacts in dangerous situations is determined not by humans, but by an algorithm? In an extreme case, we need to consider whether self-learning software could potentially result in a new machine. This is an extremely interesting subject, not just for manufacturers, but also for notified bodies. AI doesn't just affect the world of machinery. The EU Regulation on Artificial Intelligence – the so-called AI Act – regulates what AI systems may and may not do. It prohibits various AI practices, such as the manipulation of people. This means that AI must not lead people to make a decision that would cause significant harm to themselves or others. Certain applications – in the areas of education, critical infrastructure or law enforcement, for example – have been categorised as highrisk AI systems, which must meet special requirements. These high-risk AI systems must also be CE-marked in future. At Pilz, we see the AI Regulation as being extremely important. It means that opportunities can be exploited, while also ensuring that the risks posed by AI are reduced. Due to the rapid increase in cyberattacks and damage caused by manipulation, the new Machinery Regulation will, in future, Developments such the emergence of AI and the rise of cybercrime are challenging established concepts of machine safety. Thomas Pilz, managing partner at the safety specialist Pilz, examines some of these issues and how they are being tackled. He believes an international approach will be needed.
RkJQdWJsaXNoZXIy MjQ0NzM=