Issue #2 ·

Physical AI Safety Dispatch — May 2026

Second issue. Twelve posts deep. The regulation isn't coming — it's here. Annex III, liability maps, the recall math. One insight I won't post anywhere else.

Month two. Twelve more posts. The theme: the clock is ticking.

This is the second issue of the monthly dispatch — a digest of what I wrote, what I learned writing it, and one insight I won't post anywhere else.

Three posts that hit hardest

1. Annex III — five clauses most OEMs haven't read

I went line by line through EU Machinery Regulation 2023/1230 Annex III and pulled out the five new requirements that didn't exist in the old Directive. Testability (§1.1.2): users must be able to test safety functions, not just manufacturers. Corruption protection (§1.1.9): safety software interventions logged and retained for five years. Control system resilience (§1.2.1): must withstand cyberattacks AND faults in autonomous logic. Self-evolving behaviour (§1.1.6): the regulation now explicitly acknowledges that AI-driven machines behave differently from programmed ones. Autonomous boundaries (§3.6.3.3): if the AI decides to do something outside its designated tasks, the machine must stop itself.

Five clauses. All new. All enforceable from January 20, 2027.

Source: EUR-Lex, Regulation 2023/1230, Annex III.

Read the full post →

2. The four-way liability split

When a robot injures someone, the liability doesn't land on one desk. It splits four ways: the AI vendor (if the model's output was defective), the OEM (if the machine's design created the hazard), the integrator (if installation caused it), and the operator (if procedures were ignored). Every one of these arrows has been tested in court — Tesla, the South Korea fatality, the Ecovacs hack. The question isn't whether liability exists. It's how cleanly it can be assigned. Hardware-enforced safety boundaries make the liability map traceable. Without them, every lawsuit becomes a finger-pointing exercise.

Sources: Yale Review of International Studies (2025); George Mason Law Review (2024).

Read the full post →

3. The recall math nobody does

48% of product recalls cost between $10M and $50M each. That's from a 2025 survey of 750+ quality leaders. 75% of manufacturers had at least one recall in the past five years. Cost of a full safety certification program: $200K–$500K. One-time. That's a 20×–100× difference. Certification is priced as a cost. It's actually insurance — the cheapest insurance most OEMs will never buy until the recall happens.

Source: ETQ Pulse of Quality in Manufacturing (2025); McKinsey.

Read the full post →

What surprised me this month

The compliance officers. They reach out privately — DMs, not comments. The public conversation about Physical AI safety is still smaller than the private one. People working inside robot companies know the gap exists. They're reading. They're not yet comfortable talking about it publicly. That will change as January 2027 approaches.

What I'm reading

ISO 13849-1:2023 — the fourth edition. The updates to the standard tighten the relationship between Performance Levels and SIL. PL d ≈ SIL 2 in terms of dangerous failure probability. Anyone whose certification is in PL and whose customer is asking about SIL needs this mapping table.

The Ecovacs hack postmortem. Not the headlines — the technical analysis. Hacked robot vacuums shouting slurs is the story that went viral. The real story: consumer robots with network connectivity and no security architecture. Annex III §1.1.9 exists because of incidents like this.

A note I won't post on LinkedIn

The alignment community and the physical safety community don't talk to each other. I wrote about this in Post #16 — "Alignment ≠ Physical Safety." A misaligned AI with hard physical limits produces survivable outcomes. A perfectly aligned AI with no physical limits produces unpredictable ones when something goes wrong. Both problems matter. Solving one doesn't solve the other. But here's what I didn't write publicly: in every AI safety conference agenda I've checked, IEC 61508 doesn't appear. Not once. The physical safety standards are invisible to the people who call themselves AI safety researchers. And the functional safety engineers have never heard of RLHF. These two communities need each other. Neither knows it yet.

— Mati

Physical AI Safety Dispatch is a monthly newsletter by Mati Melchior. Published on the 1st of every month. Follow the weekly analysis on LinkedIn and X.

Read more at physical-ai-safety.com.

We use cookies

This site uses essential cookies to function and, with your consent, analytics cookies (Google Analytics) to understand how the site is used. Learn more.