Guest Column | January 25, 2021

When Pharmaceutical Automation Projects Fail: Averting Disaster Through Risk Assessment

By Tim Sandle, Ph.D.

Digital transformation concerns the successful blending of technology, business processes, and changes to workplace culture. One of the pillars of digital transformation is automation, and this applies as equally to pharmaceutical processing as to other economic sectors. Automation can be defined in different ways; in the context of this article, the International Society of Automation definition fits well, namely: “The creation and application of technology to monitor and control the production and delivery of products and services.”1 The term “business process automation” is in common use for delivering these aims.

The advantages of introducing automated operations include higher productivity, improved reliability, greater availability, improved performance, and reduced operating costs. When undertaken correctly, automating operations yields will lead to a return on investment in the short term. However, automation does not always result in success, and poor automation can be as damaging to the pharmaceutical organization as no automation at all. This article addresses what happens when automation goes wrong and how mistakes can be avoided by adopting a risk-centric approach.

When Automaton Goes Wrong

While there are many texts and case studies for when automaton goes right, there are fewer examples of cases when automation fails to deliver. This article sets out some situations when automation goes awry. Automation may deliver some short-term gains, but in the long-term it can be a counterproductive force. Some reasons for this are:2

  1. Automation locks in a technology cycle everyone knows all too well. Current-generation tech is replaced by more advanced tech. On the scale of the introduction of automation, that is likely to be an overly complex and expensive cycle.
  2. Current automation will be truly obsolete by the time artificial intelligence (AI) becomes the working machinery of business. There is no specific time frame involved, but it stands that AI-based automation will be far more efficient. Current advantages will, therefore, become future short-term advantages or actual liabilities. The competitive edge of the present forms of automation will evaporate, and this now old tech will become a liability. That could leave businesses holding expensive, uncompetitive equipment and a supply chain that cannot compete.
  3. Simply replacing automation systems will definitely not be the whole story, either. The likelihood is that like so many forms of technology, automated systems will evolve and diversify, probably pretty quickly. That gives businesses more opportunities, perhaps, but it also creates a much longer shopping list. There will be casualties from this cycle. Many of the gung-ho tech companies of the past and the present have hit this stage and simply not survived. They took the top-tech approach and missed the market realities completely.
  4. The kind of capital required for maintaining an automation advantage is huge. New technologies are always more expensive, often bug-ridden, and require some time to come onstream. Some simply do not deliver, while others turn out to be much less valuable than their costs.

In other words, while automation is an obvious asset, it is also an instantly predictable liability and risk from the moment it is introduced. A further issue relates to technological and organizational barriers between information, communication, and automation technology functions.3

Some company executives distrust automation, connection to employment, professions, customer satisfaction, and other rather basic issues. This can be summarized according to two broad reasons, which are:

  1. While most senior executives have claimed that automation would free people from mundane repetitive tasks, exactly how (and even why) that happens is very unclear. If a robot takes a person’s job, does that instantly qualify them for a fabulous new job? Of course not.
  2. Automated systems are machines. They break down. They do not work properly. They have software bugs. They can cause real problems in many different scenarios, from infrastructure to basic business systems operations. Everybody has experienced these problems in some form.

Nonetheless, the drivers for automation appear to be outweighing the counterpoints. It is often the case with marketing that people will accept things they distrust or even hate intensely if there is a clear value to them. Thus, a company wishing to sell an idea or a product that buyers dislike will have to prove its value.

Avoiding Automation Failures With Risk Assessment

Like all other aspects of pharmaceuticals, quality risk assessments should be performed and the principles of quality risk management adopted. This is not least because some forms of failure could well emerge from the interactions of independently designed and implemented components. Specifically, with automation, the following risks should be accounted for within each automation project:4

  • Human intervention should be built into the process for high-risk activities.
  • Complexity increases when automation involves multiple systems.
  • Risks may increase where automation seeks to deliver faster speeds.
  • Appropriate testing and validation must be in place to verify they can execute processes within boundary conditions.
  • A detection system, in the form of alerts, needs to be in place to signal to human operators that a parameter is out of range or out of tolerance.
  • Adequate controls must be established around data sent into the system to detect any outliers.
  • Stress testing should be undertaken as part of system qualification to establish controls that support intended outcomes.

For each stage of an automation project, the risk analysis process should:

  • Identify the known or foreseeable factors or hazards that could pose risk to the project; that is, any risk factors that can impact a project can be organizational, financial, or technological.
  • Estimate the risks associated with each factor. For example, what could happen if the factor occurred and what would be the impact on the project?
  • Estimate the probability of the risk occurring.

This leads to risk evaluation. The evaluation process need not be complex; instead the aim is to answer the question at each stage: Does the risk need to be mitigated or not? Once the high-risk tasks have been highlighted, then it is possible to prepare plans and countermeasures to overcome the risk. Risk analysis is not a static process; as an automation project progresses, a body of information is collected. This will document how a project risk has been managed and how effective the approaches have been thus far.5

Risk also needs to be considered across the system life cycle, considering:

  • project definition and start-up
  • evaluation and selection of the proposed system
  • implementation of the system.

A structured approach for assessing the risks of automation includes the use of event tree analysis, which considers the consequences of potential hazardous situations and develops countermeasures to reduce such consequences. Event tree analysis is a top-down, logical modeling technique for both success and failure that explores responses through a single initiating event and lays a path for assessing probabilities of the outcomes and overall system analysis. The process steps are:6

  • Define the system: Define what needs to be involved or where to draw the boundaries.
  • Identify the accident scenarios: Perform a system assessment to find hazards or accident scenarios within the system design.
  • Identify the initiating events: Use a hazard analysis to define initiating events.
  • Identify intermediate events: Identify countermeasures associated with the specific scenario.
  • Build the event tree diagram.
  • Obtain event failure probabilities: If the failure probability cannot be obtained, use fault tree analysis to calculate it.
  • Identify the outcome risk: Calculate the overall probability of the event paths and determine the risk.
  • Evaluate the outcome risk: Evaluate the risk of each path and determine its acceptability.
  • Recommend corrective action: If the outcome risk of a path is not acceptable, develop design changes that change the risk.
  • Document the event tree analysis: Document the entire process on the event tree diagrams and update for new information as needed.

In a sense, it is an iterative process, as Figure 1 displays.

Figure 1: Simplified event tree analysis diagram (some more sophisticated variants have the branches of the events from one single event using Boolean logic - the branch of algebra in which the values of the variables are the truth values true and false, usually denoted 1 and 0, respectively).

A limitation of event tree analysis is that it addresses only one initiating event at a time; in addition, partial successes/failures may not be distinguishable.

There is also failure mode and effect analysis (FMEA), which checks that the potential failures of the control and automation system are not overlooked. Furthermore, reliability assessment can be used with analysis methods to study the bottlenecks in the design and to prioritize the countermeasures whereby the risk can be reduced to attain an acceptable level. A variety of risk assessment tools suitable for pharmaceutical and healthcare organizations are outlined by Sandle.7 It is also important to assess health and safety concerns by deploying HAZOP (HAZard and Operability) studies. This methodology can be used to study the causes of potential accidents and to examine the control actions suitable for providing protection against them, thereby reducing the probability of accidents. As well as targeting accident reduction, this tool can contribute to an improvement in production efficiency.

The optimal way to manage risks is through placing all automation tasks within the change control framework, from the point of project initiation.


Although automation can herald many business advantages, as this article has pointed out, simply automating something does not create a process. Furthermore, if automation does not fit the context of the operation, it can sometimes prove to be a detriment. To ensure that the correct functions are targeted for automation and to avoid pitfalls when undertaking automation, using the guidelines and tools applicable to quality risk management provides a considerable advantage.

This article has been adapted from chapter 2 of the book Digital Transformation and Regulatory Considerations for Biopharmaceutical and Healthcare Manufacturers, Volume 1, written by Tim Sandle and co-published by PDA and DHI. Copyright 2021. All rights reserved.


  1. ISA (2020) What is Automation?, International Society of Automation, at:
  2. Wallis, P. (2019) Automation – CEOs love it, but there’s a Catch 22 and 23, Digital Journal, 11th July 2019, at:
  3. Jämsä-Jounela, S-L. (2007) Future trends is process automation, IFAC Proceedings Volumes, 40 (1): 1-10
  4. Arntz, M., Gregory, T. Zierahna, U. (2017) Revisiting the risk of automation, Economics Letters, 159: 157-160
  5. Ahmed, A., Kayis, B. and Amornsawadwatana, S. (2007) A review of techniques for risk management in projects, Benchmarking: An International Journal, 14 (1): 22-36
  6. Hong, E-S; In-Mo L.; Hee-Soon, S.; Seok-Woo N.; Jung-Sik K. (2009). Quantitative risk evaluation based on event tree analysis technique: Application to the design of shield TBM. Tunneling and Underground Space Technology. 24 (3): 269–277. doi:10.1016/j.tust.2008.09.004.
  7. Sandle, T. (2016) Risk Assessment and Management for Healthcare Manufacturing: Practical Tips and Case Studies, DHI/PDA Books, River Grove, IL., USA

About The Author:

Tim SandleTim Sandle, Ph.D., is a pharmaceutical professional with wide experience in microbiology and quality assurance. He is the author of over 30 books relating to pharmaceuticals, healthcare, and life sciences, as well as over 170 peer-reviewed papers and some 500 technical articles. Sandle has presented at over 200 events and he currently works at Bio Products Laboratory Ltd. (BPL), and he is a visiting professor at the University of Manchester and University College London, as well as a consultant to the pharmaceutical industry. Visit his microbiology website at