Latest page content update: 15 Jun 2022

CDISC Conformance Rules are an integral part of the Foundational Standards and serve as the specific guidance to Industry for the correct implementation of the Standards in clinical studies.  An emerging Industry best practice is to use Conformance Rules on an ongoing basis, throughout the study, to keep the data as close to submission ready as possible and to ensure quality in all data exchange scenarios.

Current CDISC Conformance Rules need to be expressed in a common specification to be loaded to the CDISC Library. In addition, an executable component must be developed for every Conformance Rule.

Project Goals and Objectives

The overall goal of the CORE Project is to deliver a governed set of unambiguous and executable Conformance Rules for each Foundational Standard, and to provide a minimum viable product of an open-source execution engine for the executable Rules.

CDISC is collaborating with Microsoft and other organizations to develop the CDISC Open Rules Engine (CORE), open-source software, which will execute machine-readable CDISC Conformance Rules retrieved from the CDISC Library. The global clinical research community will be able to leverage the free and open CORE software to test study data for conformance to CDISC standards as well as to regulatory and sponsor-specific conformance rule sets.

The CORE Project objectives are to:

  • Ensure each standard has a set of unambiguous, executable Conformance Rules
  • Ensure consistency across Conformance Rule implementations
  • Expedite the availability of executable Conformance Rules for new Foundational Standards
  • Create executable Conformance Rules vetted by the CDISC standards development teams
  • Create an open-source engine that executes the Rules
  • Release the open-source engine under the CDISC Open Source Alliance (COSA)

Further Considerations

  • The CORE project includes development of:
    • Executable Conformance Rules for the CDISC standards
    • A Reference Implementation of a software engine (CORE) to execute these rules
  • CDISC has published the executable Conformance Rules in the CDISC Library
  • CDISC provides free access to CORE to CDISC members and non-members
  • CORE is published as open-source (MIT license)
  • CDISC has no plans to deploy CORE as commercial software
  • CORE features a basic UI to control rules execution
  • The CORE UI allows 'plug-in' functionality
  • Implementers may choose to develop a different engine or adapt CORE
    • The Reference Implementation can confirm that a proprietary engine achieves the correct results
  • CORE runs on Azure cloud
  • Developers have the option to prepare CORE for:
    • On-premises deployment
    • An alternative cloud-platform deployment
    • Running from command line, integrating with other systems

Project Concept Diagram

The following diagram illustrates the concept of the CORE project, including the Conformance Rules, the executable form of the Rules, and the Rules’ execution engine:

CORE Concept Diagram


The following diagram identifies the project teams:

Team Diagram


CORE Program Roadmap

CORE Program Roadmap


  • The open-source CORE Minimum Viable Product (Evaluation Release 0) will be developed during the 9 months between Q3 2021 and Q2 2022. This will include two deployments: (1) CDISC-provided public cloud evaluation environment, and (2) Private cloud evaluation environment.
  • Following the evaluation period, CDISC will continue to maintain the open-source CORE engine under COSA (CDISC Open-Source Alliance), and will assist the vendor and sponsor community as they begin to extend the CORE system.
  • It is difficult to specify a precise timeline for extensions to the CORE engine because for the most part they will be developed by third parties (vendors and sponsors); however, as a strawman timeline for consideration:
    • CDISC projects third parties to provide engine extensions during the one-year period of Q3 2022 to Q2 2023. During this period, CDISC will develop the Conformance Rules for the remaining Foundational Standards not covered during the MVP period.
    • CDISC projects third parties to then add more “ease of use” features to the CORE engine during the next one-year period from Q3 2023 to Q2 2024. During this period, CDISC will release new Conformance Rules as it releases new standards.


How to Participate

We invite your organization to participate in this exciting new project.
Please visit the CORE Project Participate tab to learn more.

Additional Resources

CORE Charter

CORE Press Release

Latest page content update: 15 Jun 2022

First project milestone reached: 28 April 28 2022

CORE Minimal Viable Product (MVP) v1.0 was made available April 28, 2022:

  • Deployed on CDISC’s Azure cloud subscription, free to users
  • Initially includes 200+ Rules for SDTMIG v3.4, and test data provided by CDISC
  • Visit the TRY IT NOW tab to access the MVP Release

CORE Rules Development Planning

  • Additional Rules development planned in three phases, from May 2022 through Q3 2023, as described in the following graphic:
CORE Rules Delivery Planning
  • A “CORE Volunteer Onboarding Training” webinar for this Rules development was held June 7, 2022. The webinar covered the scope of Rules, the Rule Editor for authoring and testing Rules, and how to sign up and participate. Listen to the CORE Volunteer Onboarding Training. We invite you to sign up to participate on CORE.
  • Beyond the webinar, other on-boarding activities planned for Volunteers include:

CORE Engine Planning

  • Additional planned engine development is described in the following graphic:
CORE Engine Planning
  • The Evaluation phase is planned to run from May 2022 through June 2023:
    • Continue to improve functionality and features of engine, as needed, through multiple builds
    • Engine releases will be independent from deployments
    • Two deployments are planned:
      • A private cloud deployment
        • Available via the Azure Marketplace
        • Users can test the engine using CDISC Rules and their own data
        • Estimated to be available end of June 2022
      • An on-premises desktop deployment
        • Users can test the engine using CDISC Rules and their own data
        • Estimated to be available December 2022
    • CDISC anticipates that development of commercial solutions based upon the CORE engine will begin during this period.

  • CDISC plans the CORE engine to be an open-source software application:
    • It will be registered with the CDISC Open-Source Alliance (COSA)
    • CDISC is preparing to release the CORE engine as open-source via GitHub
    • The open-source governance and development organization is currently being designed by CDISC. It will center on a CORE Roadmap Board and Technical Committee.
    • The following graphic is a high-level depiction of the open-source organization.
CORE Governance

CDISC anticipates providing further information about the composition and operation of the CORE Roadmap Board and Technical Committee during the summer of 2022.


The CORE Project seeks volunteers for our Conformance Rules Development Team

  • Mission:
    • Develop the rules specification and the executable form of the rules
  • Work Areas:
    • Specification structure and content
    • Executable rules content
  • Roles and Experience:
    • Rule Developer
      • Experience developing conformance rules and/or using conformance rules to check clinical data
      • Knowledge of SEND, SDTM, or ADaM
      • Experience with regulatory submissions

Expected Engagement

  • Time Period: 3 - 6 months, or longer, if able
  • Hours per week: 2 - 4 hours, in addition to meeting attendance
  • Weekly Meetings and Workshops: Recorded and available for review

CORE Volunteer Onboarding Training Webinar

Join us 7 June 2022 for an Onboarding Webinar where we will explain tools and processes that will prepare you serve with our very active, global team. The webinar will be followed by a Q&A session; you can submit questions for the Q&A session in advance of the webinar when you register.

Sign-up Instructions

  • If you would like participate in this exciting effort, sign up on the CDISC volunteer page and indicate CORE on the form as the Standards Development team. Please include which CORE team you would like to join in the box at the bottom of the page.

CDISC held a webinar 20 July 2021 to provide a deeper understanding of the CORE project, share the “ask” of participants and answer questions from attendees. We invite you to listen to the webinar recording to learn more.

Latest page content update: 15 Jun 2022

Library Access

How do I set up a CDISC Library Account?

Please visit the Try It Now tab to set up an account.

Will a subscription to the CDISC Library be required to develop/use CORE?
  • Before CORE is deployed, CDISC will implement a version of the Library accessible to non-members to ensure that the access needed to use CORE is available to all.
  • A CDISC Library API key, accessible through a Library account, will be required for CORE to retrieve executable rules and standards.

Data Format

What data exchange formats will CORE support?
  • CORE will ingest a variety of dataset formats, including SAS v5 XPORT, Dataset-XML, Dataset-JSON, and CSV.
  • As an open-source application, vendors can extend CORE to add support for additional dataset formats.

Executable Rules Language and Rules Editor

In what computer language will the CORE executable conformance rules be written? Will the executable rules be system agnostic?

All executable rules for CORE (“Rules”) are expressed in YAML. YAML is a non-proprietary data interchange language. Rules are authored in the Rule Editor, which is an on-line web application. Prior knowledge of any programming languages is not required to author Rules in the Rule Editor. All Rules are based on one data model, from which we deduce a schema. This schema is the backbone of the Rule Editor, providing syntax hints and validations.

CDISC maintains rule sets along with publication of foundational standards. Many conformance rules in these rule sets can easily be transcribed into metadata and rule logic, whose structure is bound to the schema. Schema validated Rules are sent to the CORE Rule Engine (“Engine”) for execution.

The Engine provides a framework to plug-in new rule types developed by the CORE team or by other implementers that have the need for additional types of rules.

CDISC plans to only test and validate the Rules with the Engine; however, vendors and sponsors will have the option to develop their own applications to work with the Rules, under an open-source arrangement.

Format Reports

In what output formats will the CORE reports be available?
  • CORE reports will initially be produced in Excel to facilitate day-to-day operations by CORE users.
  • CORE plans to support SDRG-XML so that the output of the rule execution will be available in a reviewer’s guide format.
  • More technical outputs such as XML, JSON, and CSV are planned for later CORE versions or update release.
  • Vendors and sponsors will have the ability to extend the open-source CORE engine to provide reports in additional output formats.


How can these rules and open-source technology be integrated with current operational clinical data systems?
  • The executable Conformance Rules will be available in the CDISC Library, and a rich set of APIs will be provided for the CORE engine to access these rules.
  • The open-source CORE engine can be integrated into or run by existing clinical data systems to add a standards conformance capability.
  • The CORE system will also provide an API to enable integration with existing clinical data systems.
  • In other words, users can create hard endpoint integrations or API endpoints for the CORE engine with their existing systems.

Relationship to Commercial Systems

How does CORE relate to open-source and commercial systems available today?
  • The CORE engine will be open-source, available to all. It will not be offered by CDISC as a commercial product.
  • The CORE engine will be designed execute the CDISC Conformance Rule sets.
  • The CDISC Conformance Rules will be an integral part of the CDISC Standards; they will be developed by CDISC with the Community and will be governed by CDISC standards development processes.
  • The CDISC Conformance Rules will be an unambiguous, executable set of rules for CDISC Standards.
  • The Conformance Rules for new CDISC Standards will be developed and released in a timely manner (i.e., as the new standards are released).
  • The CDISC Conformance Rules will be a single source of truth, open-source and available to all in the CDISC Library.
  • The CDISC Library will provide a rich set of APIs to access the CDISC Conformance Rules.
  • The CDISC Conformance Rules will be expressed in a common/layman language.
  • Vendors and sponsors will be able to integrate the open-source CORE engine into their operational systems.

Regulatory Agency

How do you see the involvement of Regulatory Agencies?
  • We would expect the Regulatory Agencies to be involved in this project to ensure that their requirements are met.
  • CDISC will work closely with the Regulatory Agencies to ensure the necessary guidance and input for the conformance rules to be compliant with published requirements for each agency
When the Regulatory Agencies do use CORE, will that use replace their current use of any other Conformance Rules systems?

At the time this response is being written (July 2021), the CORE project is just launching and the Regulatory Agencies have not yet determined their participation in the project or their future use of CORE vis-à-vis their use of any other Conformance Rules systems.

Will the CDISC Conformance Rules account for the Regulatory Agency-specific rules from Technical Conformance Guides and/or technical rejection criteria?
  • Yes, CDISC expects to include Regulatory Agency-specific rules within its full set of rules in CORE.
  • It is expected that the user can run this specific rule set on the data.
  • It is expected that these rule sets will be based on the relevant agency requirement documents.
When Regulatory Agency-specific conformance rules conflict with CDISC Conformance Rules, will the Regulatory Agency rules supersede the CDISC Rules?
  • There are small but important implementation differences between the CDISC standards and the regulatory agencies implementation.
  • Even-though CDISC will continue to work with the Agencies to minimize the difference in implementations, it is expected that differences will continue to exist.
  • It is expected that the user will have the option to check the conformance of the data against multiple rulesets, and the user will be able to configure the rule sets to meet their needs, such as disabling a conflicting rule.
Will technical support be provided to Regulatory Agencies for their use of the CORE engine?

Yes, CDISC would ensure appropriate technical support is provided for future use of CORE by the Regulatory Agencies.

Access to CORE Source Code via GitHub

How can I access the CORE source code to implement my own conformance checking tool?

CDISC will provide details when the CORE source code is released as open-source on GitHub.

Will CDISC provide GitHub training when CORE is released as open-source as GitHub?

Yes, CDISC will provide GitHub training when CORE is released as open-source on GitHub.


Is the CORE API based upon the REST standard?

Yes, CORE has a REST API.

Validation of a CORE Implementation

How can I confirm that my implementation of the CORE engines works correctly?

CORE will include a suite of automated tests that can be used to help confirm that a CORE implementation is functioning correctly. CDISC also plans to implement a certification program to verify that software that executes the Conformance Rules functions correctly and consistent with the CORE Reference Implementation.

If companies/organizations develop their own engine, how is it guaranteed that this implementation obeys (i.e. gives the same results) as the reference implementation?

CDISC plans to implement a certification program to verify that any software that executes the Conformance Rules functions correctly and consistent with the CORE Reference Implementation. All CORE Certified software engines will demonstrate that they yield the same results given the same set of rules and CDISC datasets.

Data Security

How does CORE handle data security?

CORE has undergone a security review and comprehensive threat assessment to identify and address vulnerabilities. The CORE architecture addresses stringent data and application security requirements to ensure that CORE can be deployed in a highly-secured and validated environment. Since CDISC will not provide a production deployment of CORE, each implementation should be evaluated to ensure the environment meets all identified security requirements. Given the detailed nature of software and data security, CDISC plans to publish a white paper to provide a comprehensive response to address CORE security questions.


I would expect that the implementation of the rules will identify gaps/errata in the SDTMIG 3.4. Is there a planned feedback and development cycle for the ruleset to progress hand-in-hand with the CORE initiative?

Going forward, the development cycle for the Conformance Rules will become a normal part of the standards development.

Can the tool be available as desktop tool also?
  • CORE will be developed for the cloud and will ingest locally maintained data. Initial deployments include public and virtual private cloud-based solutions.
  • A range of future cloud and on-premises deployments are planned, including a virtual machine-based laptop deployment.
The CDISC Conformance Rules will be metadata that resides in the CDISC Library. Will the sponsor-specific rules also reside in the CDISC Library?
  • The CORE engine will be designed to run conformance rules from the CDISC Library, as well as sponsor-defined rules. Sponsor-defined rules will not be maintained in the CDISC Library.
  • CORE plans to include Conformance Rule authoring tools that support the development and testing of both CDISC and sponsor-defined rules.
How to build the sustainability of this open-source project?

CORE will be released as an open-source project under the MIT license, and we will continue to grow the community of volunteer developers, rule authors, and testers that have contributed to CORE's development thus far. As we transition to open-source development and governance models, additional roles and opportunities will emerge for CORE contributors. Over 80 volunteers from over 50 companies have contributed to CORE development to date. If you're interested in joining us, please check out the CORE page.

CDISC has initiated the CDISC Open Source Alliance (COSA) to support and promote open-source software developed for the CDISC standards, including the CORE project. COSA will plan community building activities such as hackathons, workshops, conference sessions, and webinars to help build the CORE open-source community.

CORE Minimal Viable Product (MVP)

Run conformance checks on sample CDISC datasets to explore the CORE MVP's features and functionality. CORE MVP is freely available to employees of CDISC members and non-members.

Access: You will need a CDISC Library account to log into CORE. If you already have a Library account, please use that to log into CORE. If you do not have a CDISC Library account, you can create one using the Sign Up link at the CORE Log In screen.


Questions and Feedback: Please complete our contact form to share feedback or ask questions.

View the CORE Tutorial