ISO Safety Standards for Humanoid robots: What manufacturers need to know in 2026

When a BMW production worker and a Figure AI humanoid share a body shop for a ten-hour shift, who is responsible if the robot falls? When Tesla’s Optimus deploys across 1,000 units in a Gigafactory, what safety certification did each unit receive before it powered up alongside human workers? When an autonomous warehouse robot running an agentic AI model acts on a misperception and damages equipment, is the liability with the hardware manufacturer, the software developer, the model training company, or the facility operator?

In 2026, the honest answer to all three questions is: it depends, and the legal frameworks to give a definitive answer are still being constructed. This is not a reason for paralysis — deployments are happening, workers are collaborating with humanoid robots today, and the existing standards provide meaningful guidance. But it is a reason for manufacturers, integrators, and enterprise buyers to understand the regulatory landscape precisely, because the gap between current practice and emerging requirements is real, the consequences of misunderstanding it are significant, and the August 2026 EU AI Act deadline is not moving.

This article maps the complete 2026 standards and regulatory landscape for humanoid robots — what is published, what is under development, what the EU deadlines require, and what manufacturers should have in place right now.

Why Humanoid Robots Create Safety Challenges That Existing Standards Do Not Cover

The foundational industrial robot safety standard — ISO 10218 — was developed for a specific class of machine: a robot mounted on a fixed base, operating in a defined cell, separated from human workers by physical barriers. Its risk model assumes a machine that stays where it is bolted, does what it is programmed to do, and can be made safe by stopping it. Every safety measure in the traditional industrial robot world flows from those assumptions.

Humanoid robots violate all three. They are mobile — they move through shared human spaces without fixed guidance paths. They are dynamically stable — they balance using continuous computation, meaning a power cut does not just stop them, it makes them fall. And they are AI-driven — their behaviour is not a fixed programme but an emergent property of a neural network that can produce unexpected outputs. The safety model for a fixed-base programmed robot is irrelevant to a bipedal machine that thinks.

The International Robotic Safety Conference (IRSC) 2025 identified the core technical problem: “Unlike statically stable machines, dynamically stable machines such as humanoids collapse when power is cut, creating residual risk in the event of a fall.” ASTM International has called for urgent safety standards specifically because of this: “By the time they start falling, it’s too late — they can’t recover.” The instability risk is not a software bug that can be patched — it is a physical property of dynamically balanced bipedal systems that requires dedicated engineering standards.

The IFR’s 2026 Safety and Security trend report captures the governance gap plainly: “AI-driven autonomy fundamentally changes the safety landscape, which makes testing, validation, and human oversight much more complex — but also more necessary. This becomes particularly clear in the intended use of humanoid robots. Robotic systems need to be designed and certified in line with ISO safety standards and clearly defined liability frameworks.”

• Aug 2, 2026  EU AI Act full application date for high-risk AI systems  — including industrial humanoid robots — non-compliance: up to €35M or 7% global revenue
• Dec 2026  EU Revised Product Liability Directive applies  — software formally recognised as a product — AI-induced harm triggers manufacturer liability
• Jan 2027  EU Machinery Regulation 2023/1230 applies  — replaces Machinery Directive — notified body required for highest-risk machinery including some humanoids

The Complete Standards Landscape in 2026

The table below maps every standard and regulation that applies — or will apply — to humanoid robot manufacturers and deployers as of 2026. The most important point: the specific humanoid standard is not yet published.

Sources: ISO, IEC, European Commission, IRSC 2025, A3 Association for Advancing Automation, Tech Briefs, EVST. Status as of May 2026.

ISO 25785-1: The Humanoid Standard That Does Not Exist Yet

The single most important fact for any manufacturer deploying humanoid robots in 2026 is that ISO 25785-1 — the dedicated safety standard for dynamically stable industrial mobile robots — is still under development. The standard was approved by ISO’s Technical Committee 299 (TC299) for development and is currently at Working Draft (WD) stage. It has no published date for completion.

The US delegation leadership for ISO 25785-1 includes Federico Vicentini from Boston Dynamics, Kevin Reese (Project Leader) from Agility Robotics, and Carole Franklin from the Association for Advancing Automation (A3). The people writing this standard are the same people deploying the robots it will govern — which ensures practical relevance but also means the standard’s timeline is subject to the competing priorities of the organisations involved.

What is known about ISO 25785-1’s intended scope, based on IRSC 2025 reporting and ISO TC299 working papers:

• A dedicated Type C safety standard — meaning it provides robot-type-specific requirements, not general guidance
• Coverage of mobile multi-mode robots (MMRs) with actively controlled stability — including bipedal, quadrupedal, and wheeled dynamically stable platforms
• Stability metrics: performance-based measures of how much force is required to topple the robot, and behaviour-based standards governing how the robot responds to instability
• Fall hazard assessment and requirements — specific to the scenario where power interruption causes uncontrolled collapse
• Human-robot collaboration protocols for dynamically stable machines operating in shared workspaces

Deployment reality:  With ISO 25785-1 unpublished, manufacturers deploying humanoid robots must demonstrate safety compliance using existing standards — ISO 10218:2025, ISO 13849-1, and IEC 62061 — applied as far as they reach, supplemented by documented risk assessments addressing the specific hazards (dynamic instability, AI unpredictability, fall risk) that these standards do not fully cover.

ISO 10218:2025: The Published Standard That Applies Now

While ISO 25785-1 remains in development, ISO 10218-1:2025 and ISO 10218-2:2025 — the revised industrial robot safety standards published in 2025 after nearly eight years of development — represent the current authoritative framework for robot safety compliance. They are the standards against which humanoid robot deployments will be assessed until ISO 25785-1 arrives, and several of their 2025 revisions are directly relevant to humanoid applications.

Key Changes in ISO 10218-1:2025 (Robot Manufacturers)

The most significant structural change is the formal introduction of a Class I / Class II robot classification. Class I robots are lower-risk; Class II robots are higher-risk by design, capability, or intended environment. For manufacturers, the classification determines the stringency of conformity assessment required. Humanoid robots will typically be Class II, triggering the most demanding requirements in the standard.

Functional safety requirements — previously implied — are now explicit and quantified. ISO 10218-1:2025 is harmonised with IEC 62061:2021 (Safety Integrity Levels) and ISO 13849-1:2023 (Performance Levels), meaning manufacturers must demonstrate that safety-related control system functions meet specific SIL or PL requirements — not just describe them in qualitative terms. For AI-controlled humanoids, where the safety function is often embedded in a neural network rather than a dedicated safety controller, this requirement is architecturally challenging.

Cybersecurity requirements have been added explicitly. ISO 10218-1:2025 now includes basic cybersecurity requirements pertaining to industrial robot safety — the first time the foundational industrial robot standard has addressed the cyber-physical attack surface. For cloud-connected humanoids that receive model updates, training data, and operational commands over networks, this is not a peripheral concern. The IFR has cited a rise in hacking attempts targeting robot controllers and cloud platforms as a primary safety concern for 2026.

Key Changes in ISO 10218-2:2025 (Integrators and Applications)

The most consequential change for collaborative applications is the absorption of ISO/TS 15066 into ISO 10218-2:2025. The former collaborative robot technical specification — which defined biomechanical injury thresholds, speed and separation monitoring, power and force limiting parameters, and hand-guiding requirements — is now incorporated directly into Part 2. For integrators deploying humanoid robots in collaborative workspaces, this consolidation means a single reference document rather than two, but the requirements themselves are unchanged and apply with equal force.

Notably, the 2025 revision eliminates the terms “collaborative robot” and “collaborative operation” entirely. The standard now speaks of “collaborative applications” — reflecting the position that safety is a property of the application design and operating environment, not an intrinsic characteristic of a specific robot type. A humanoid robot can be configured for a safe collaborative application; the same robot in a different application with different parameters is not inherently safe because of its hardware. Collaboration is defined by how the system is designed and operated, not by what is bolted to the floor.

“The terms ‘collaborative robot’ and ‘collaborative operation’ will not be found in the revised ISO 10218. Instead, the standard discusses collaborative applications — reflecting that safety depends on how the robot is used, not the robot itself.” — A3 / Association for Advancing Automation, 2025

The EU AI Act: What August 2026 Means for Humanoid Robot Manufacturers

The EU AI Act (Regulation 2024/1689) enters full application on 2 August 2026 — the date by which all high-risk AI systems placed on the EU market must meet the Act’s requirements. Industrial humanoid robots almost certainly qualify as high-risk AI systems under Annex III of the Act, based on their use in safety-critical environments where they interact directly with human workers. Manufacturers have been on notice since August 2024; the compliance window is now measured in weeks, not months.

The Act creates a provider / deployer distinction with fundamentally different obligations. The provider — the entity that develops the AI system and places it on the market — bears the primary compliance burden. The deployer — the factory or logistics operation that uses the robot — has secondary obligations but faces its own requirements around monitoring, human oversight, and incident reporting. For humanoid robots, the provider is typically the robot manufacturer; the deployer is the enterprise operating the robot.

What Providers Must Have in Place by August 2026

1. Risk management system: A documented, systematic process for identifying, evaluating, and mitigating risks throughout the system lifecycle — not a one-time assessment, but an ongoing process updated as the system evolves.
2. Data governance: Documentation of training data, validation datasets, and bias mitigation measures. For humanoid robots trained on human demonstration data, this means recording the data sources, the cleaning and labelling processes, and the steps taken to identify and address representational bias.
3. Technical documentation: A comprehensive technical file covering system architecture, design choices, capability limits, known failure modes, test results, and instructions for use — retained for a minimum of ten years after the system is placed on the market.
4. Transparency and instructions for use: Clear documentation of intended purpose, operational constraints, maintenance requirements, and foreseeable misuse scenarios — provided to deployers in language that enables informed operation.
5. Human oversight mechanisms: Technical measures ensuring human operators can understand, monitor, and intervene in the AI system’s operation — including emergency stop procedures that function reliably in all operating modes.
6. Conformity assessment: For high-risk systems, a conformity assessment — either self-assessment or through a notified body — before placing the system on the market. The European standardisation bodies CEN and CENELEC were mandated to develop harmonised standards for the high-risk requirements, but have not completed them. In their absence, manufacturers must demonstrate compliance directly against the Act’s requirements.
7. Post-market monitoring and incident reporting: Serious incidents — defined as death, serious injury, or significant impact on fundamental rights — must be reported to national competent authorities within strict timelines.

Penalty exposure:  Non-compliance with the EU AI Act for high-risk systems carries penalties of up to €35 million or 7% of global annual turnover, whichever is higher. The Act applies based on where the AI system is used, not where it is manufactured — meaning non-EU manufacturers selling into the European market face identical obligations to EU-based manufacturers.

The Liability Gap: Who Is Responsible When a Humanoid Robot Causes Harm

The liability question for humanoid robots in 2026 is genuinely unresolved — not because lawmakers have not thought about it, but because the “problem of many hands” that characterises AI systems makes traditional product liability doctrine difficult to apply.

A humanoid robot accident involves multiple potential parties: the hardware manufacturer (who designed the physical platform), the VLA model developer (who trained the AI), the system integrator (who configured the deployment), and the enterprise operator (who made the operational decisions). The Centre for International Governance Innovation describes this as a “diffusion of responsibility” — where the opacity of AI decision-making makes “it more difficult for individual persons to satisfy the traditional conditions for moral and legal culpability: intention, foreseeability, and control.”

The EU’s Revised Product Liability Directive, applicable from December 2026, takes a significant step toward clarity by formally recognising software as a product and AI systems as products subject to product liability law. This means that a defect in the AI model that causes harm can, in principle, trigger the same product liability exposure as a defect in the physical hardware. The manufacturer of a humanoid robot cannot separate the liability for the hardware from the liability for the software — they are a single product.

A consensus is emerging that liability for AI-driven robots will be proportional to autonomy. The more the robot acts independently of human control, the more liability shifts toward the manufacturer and software provider rather than the operator. A robot executing a precisely defined, human-approved motion sequence is different in liability terms from a robot making autonomous decisions based on an AI model that the operator did not train and cannot inspect. This principle is not yet codified in most jurisdictions, but it is the direction of travel.

The Bird & Bird analysis of dual AI Act and Machinery Regulation compliance raises a question that manufacturers deploying AI models at scale must take seriously: if a deployer retrains or fine-tunes the robot’s AI model for their specific application, do they become a provider under the AI Act? If the retrained model behaves differently in safety-critical scenarios, does the original CE marking still hold? These are live questions without settled answers — and they are occurring in real deployments right now.

The Cybersecurity Dimension: A Safety Standard in Its Own Right

The IFR’s 2026 cybersecurity trend report describes the attack surface expansion in stark terms: “The rapid expansion of robotics systems into cloud-connected and AI-driven environments is exposing industrial production to a growing array of cybersecurity threats. Experts cite a rise in hacking attempts targeting robot controllers and cloud platforms, enabling unauthorized access and potential system manipulation.”

For humanoid robots, the cybersecurity and safety domains are not separate. A compromised robot controller is not just a data breach — it is a physical safety hazard. A humanoid robot whose motion planning system is accessed by an attacker, whose model weights are manipulated, or whose command pipeline is intercepted is a 50-kilogram bipedal machine that can cause serious injury. The convergence of IT and OT (operational technology) in connected robot systems means the cyber-physical attack surface is now the safety perimeter.

ISO 10218-1:2025 introduces basic cybersecurity requirements for the first time. IEC 62443 (Industrial Cybersecurity) provides the broader framework for securing connected industrial systems. For humanoid robots receiving model updates over network connections, the software update pipeline itself must be part of the security architecture — updates must be authenticated, integrity-verified, and deployed through change management processes that include safety validation before production deployment.

The Canadian law firm MLT Aikins advises that “organizations that bring in experienced partners early to build compliance, robust safety governance and cybersecurity-by-design into their robotics roadmap will better position themselves to capture value while reducing preventable liability exposure.” Cybersecurity-by-design is not retrofittable to a system designed without it. It is an architecture decision that must be made before the first line of robot software is written.

The 2026 Compliance Checklist for Humanoid Robot Manufacturers

The following actions represent the minimum responsible compliance posture for manufacturers deploying humanoid robots in 2026 — before ISO 25785-1 is published and while EU regulatory requirements are actively phasing in.

8. Classify your system under EU AI Act Annex III and determine whether your robot is high-risk. If it operates alongside humans in industrial environments, the answer is almost certainly yes. Do not wait for regulatory guidance to confirm this — begin compliance preparation immediately.
9. Conduct a comprehensive risk assessment under ISO 10218-1:2025 and ISO 13849-1:2023 / IEC 62061:2021. Document all identified hazards including dynamic instability, AI unpredictability, fall risk, and cyber-physical attack scenarios. The risk assessment must address hazards that ISO 10218 was not designed to cover — those require documented engineering judgement, not omission.
10. Build the EU AI Act technical documentation file now. Training data provenance, validation methodology, known failure modes, performance limits, and instructions for use. If you do not have complete documentation of your training data, the time to address this is before August 2026, not after.
11. Define your human oversight architecture. The EU AI Act requires technical measures enabling human operators to understand, monitor, and intervene. For a humanoid robot with an AI decision-making layer, this means emergency stop systems that work reliably across all operating modes, real-time monitoring dashboards, and defined intervention protocols.
12. Implement cybersecurity-by-design across the full system stack. Authenticated model update pipelines, network segmentation between robot controllers and enterprise IT systems, audit logging of robot actions, and incident response procedures for cyber-physical events.
13. Clarify liability boundaries contractually before deployment. Until statutory liability frameworks settle, manufacturers and deployers must allocate responsibility through contract. Define which party is responsible for model retraining, software updates, operational monitoring, incident reporting, and post-incident investigation. The contract cannot resolve ambiguous law, but it can ensure both parties understand their obligations before an incident occurs.
14. Monitor ISO 25785-1 development and participate where possible. The standard that will govern your industry is being written now. Manufacturers who engage with TC299 working groups — through national standards bodies or industry associations — have the opportunity to shape requirements that are technically achievable. Those who do not engage will implement requirements they had no input into.

The Bottom Line

The regulatory framework for humanoid robots in 2026 is incomplete by design — not through negligence, but because the technology is moving faster than the standards process can follow. ISO 25785-1, the standard that will eventually provide the clearest guidance, is still in working draft. The EU AI Act is fully in force in August 2026 but its harmonised standards are not yet published. The revised Product Liability Directive applies in December 2026. The Machinery Regulation in January 2027.

For manufacturers, this regulatory gap is both a challenge and a responsibility. The challenge: demonstrating compliance with requirements that are still being codified requires engineering judgement, documented risk assessment, and legal expertise that cannot wait for the final text of ISO 25785-1. The responsibility: robots that operate in shared human workspaces before adequate safety standards exist create real hazards for real workers. The companies deploying responsibly in 2026 are building safety governance into their systems as if the most demanding version of ISO 25785-1 were already published — because the workers those systems operate alongside cannot wait for the standard either.

Key Sources

• ISO — ISO/WD 25785-1: Safety requirements for dynamically stable industrial mobile robots
• Tech Briefs — Safety in Motion: Setting the Standard for Humanoid Robots (May 2025)
• ASTM / Tech Journal UK — Calls for Urgent Humanoid Robot Safety Standards (Sep 2025)
• RoboticsTomorrow — IRSC 2025: Key Takeaways on Humanoid Robot Safety (Jan 2026)
• A3 / Automate.org — Updated ISO 10218 FAQ (2025)
• IDEC — ISO 10218 Updates: Background Part 2 (Mar 2026)
• EVST — Industrial Robot Safety Standards: ISO 10218, CE Marking (Apr 2026)
• ScienceDirect — Evolution of Safety Requirements in Industrial Robotics: ISO 10218-1/2 2011 vs 2025 (Apr 2026)
• Standard Bots — Collaborative Robot Safety Standards 2025
• IFR — Top 5 Global Robotics Trends 2026: Safety and Security
• The Robot Report — IFR Top 5 Global Robotics Trends 2026 (Jan 2026)
• Legal Nodes — EU AI Act 2026 Updates: Compliance Requirements (Apr 2026)
• Bird & Bird — Smart Robots, Dual Regulations: AI Act and Machinery Compliance (Mar 2026)
• European Commission — Navigating the AI Act: Harmonised Standards Status
• Secure Privacy — EU AI Act 2026 Key Compliance Requirements
• Timelex — Navigating the Legal Maze: AI, Autonomous Robots, and the EU Regulatory Overhaul
• MLT Aikins — Connected Robots, Connected Risk: Robotics Liability Considerations (Mar 2026)
• CIGI — Who Is Liable for AI-Driven Accidents? The Law Is Still Emerging
• MixFlow.ai — Humanoid Robot Liability Insurance in 2026
• Rocking Robots — Global Initiative Plans ISO Safety Standards for Humanoid Robots (Oct 2025)
• HI AI Design — August 2026 EU AI Act Deadline: Robotics Company Compliance Guide