_ _ _____ _ ___ ___ ____
| | | | ____| | |_ _/ _ \/ ___|
| |_| | _| | | | | | | \___ \
| _ | |___| |___ | | |_| |___) |
|_| |_|_____|_____|___\___/|____/
Genomics Pipeline Audit & Validation Framework for signed, reproducible compliance evidence.
Clinical genomics labs need reproducible, machine-verifiable audit trails:
- ISO 15189:2022: evidence for software validation, traceability, and reporting.
- GA4GH standards: operational alignment with interoperable genomics ecosystems.
- EU AI Act: technical documentation and data governance artifacts (Articles 10/11).
HELIOS wraps pipeline execution, captures immutable run context, performs compliance checks, and exports signed reports.
pip install helios-audithelios init
helios key generate
helios run --pipeline nextflow --work-dir ./work --output-dir ./results
helios status
helios report --run-id <run-id> --format jsonSee docs/index.md.
- Primary quality pipeline: .github/workflows/ci.yml
- Security/compliance automation:
- Dependency Review requires the GitHub Dependency graph for this repository (repository owner: Settings → Security → Code security and analysis → Dependency graph). Without it, that workflow reports that dependency review is not supported.
- Repo governance:
| Standard | Coverage |
|---|---|
| ISO 15189:2022 | Validation traceability, software controls, reportability |
| GA4GH | Reference integrity, transcript evidence, crypt4gh outputs |
| EU AI Act Art. 10/11 | Data lineage, technical documentation exports |
CLI (Typer)
|
+-- Integrations (Nextflow / Snakemake)
|
+-- Checks (reference, container pinning, MANE, VUS, crypt4gh)
|
+-- Core (audit model, signer, hasher, storage)
|
+-- Export (JSON / PDF / RO-Crate)
|
+-- Dashboard API (FastAPI)
Contributions are welcome. See CONTRIBUTING.md.
Apache 2.0. See LICENSE.
HELIOS provides technical quality and compliance evidence support. It is not, by itself, a certification decision, legal determination, or regulatory approval.