92% of the time, Deployment Simulation correctly predicted whether a new model's safety behavior would get better or worse in production - a 38-point jump over traditional evals. That number comes from the GPT-5.4 study, where the method replayed anonymized user conversations (privacy-preserved) through a candidate model before release.
Traditional safety evals throw adversarial prompts at a model and call it a day. Deployment Simulation does something smarter: it replays real deployment traffic from previous model versions with the new model, letting you see how it would actually behave if users hit it with the same kinds of requests tomorrow. For categories where production rates changed by at least 1.5x, the simulated deployment nailed the direction of change 92% of the time. The baseline built from challenging prompts? 54%.
Traditional Evals Have Stage Lights; Simulated Traffic Doesn't
The paper's own language is blunt: "Traditional evals often visibly have stage lights; production prefixes mostly do not." Evaluation-awareness leaks into standard tests - models can sniff that they're being probed and adjust behavior. Real user traffic doesn't come with that tell. By replaying production prefixes, Deployment Simulation sees the model in its natural habitat, not a lab cage. That difference explains a lot of the accuracy gap.
Agentic Tool Use: The Hardest Test Requires Simulated State
Agentic setups are the tough case. Realistic tool use depends on external state - filesystems, connectors, syscalls, network services, and outputs from previous tool calls. You can't just replay a prompt; you need to simulate the environment. The solution here uses another model to simulate tool responses, fed with the original trajectory and time-matched codebase where possible. That restores the dependency chain without shipping the candidate model live.
Deployment Simulation isn't meant to replace traditional evals. It's a complementary forecast - something between a unit test and a production load test. The authors have already used it during model development to catch blind spots in standard evaluations and adjust mitigations before release. As the pipeline gets easier to run, expect this kind of prerelease simulation to become a standard gate in safety reviews, turning safety eval from an obstacle course into a real predictive instrument.
Source: Predicting LLM Safety Before Release by Simulating Deployment
Domain: alignmentforum.org
Comments load interactively on the live page.