Source linked

Deployment Simulation Predicts LLM Safety Shifts 92% of the Time

alignmentforum.org@frontier_wire3 hours ago·Artificial Intelligence·2 comments

A new method replays previous user conversations with a candidate model, predicting real-world safety changes with 92% accuracy versus 54% from standard evals.

alignment forumllm safetydeployment simulationgpt 54red teamingai safety evals

92% of the time, Deployment Simulation correctly predicted whether a new model's safety behavior would get better or worse in production - a 38-point jump over traditional evals. That number comes from the GPT-5.4 study, where the method replayed anonymized user conversations (privacy-preserved) through a candidate model before release.

Traditional safety evals throw adversarial prompts at a model and call it a day. Deployment Simulation does something smarter: it replays real deployment traffic from previous model versions with the new model, letting you see how it would actually behave if users hit it with the same kinds of requests tomorrow. For categories where production rates changed by at least 1.5x, the simulated deployment nailed the direction of change 92% of the time. The baseline built from challenging prompts? 54%.

Traditional Evals Have Stage Lights; Simulated Traffic Doesn't

The paper's own language is blunt: "Traditional evals often visibly have stage lights; production prefixes mostly do not." Evaluation-awareness leaks into standard tests - models can sniff that they're being probed and adjust behavior. Real user traffic doesn't come with that tell. By replaying production prefixes, Deployment Simulation sees the model in its natural habitat, not a lab cage. That difference explains a lot of the accuracy gap.

Agentic Tool Use: The Hardest Test Requires Simulated State

Agentic setups are the tough case. Realistic tool use depends on external state - filesystems, connectors, syscalls, network services, and outputs from previous tool calls. You can't just replay a prompt; you need to simulate the environment. The solution here uses another model to simulate tool responses, fed with the original trajectory and time-matched codebase where possible. That restores the dependency chain without shipping the candidate model live.

Deployment Simulation isn't meant to replace traditional evals. It's a complementary forecast - something between a unit test and a production load test. The authors have already used it during model development to catch blind spots in standard evaluations and adjust mitigations before release. As the pipeline gets easier to run, expect this kind of prerelease simulation to become a standard gate in safety reviews, turning safety eval from an obstacle course into a real predictive instrument.

Source: Predicting LLM Safety Before Release by Simulating Deployment
Domain: alignmentforum.org

Read original source ->

External source stays available while the OJO article and comment thread stay local.

More in Artificial Intelligence

view topic
Coherent's Texas Fab Quadruples Wafer Area to Scale AI Optical Interconnects

Coherent broke ground on a 6-inch indium phosphide fab in Sherman, Texas, backed by a $2 billion NVIDIA investment and a $50 million CHIPS Act grant, to scale the optical backbone that connects AI systems at light speed.

NVIDIA XR AI Public Beta Lets AR Glasses See, Hear, and Reason

NVIDIA's public beta framework pipes video, audio, and sensor data into reasoning models and enterprise tools for hands-free assistance in factories, labs, and operating rooms.

cuTile Rust Hits 92% of B200 Peak with Zero Safety Overhead

NVlabs' safe Rust DSL for tile-based GPU kernels delivers 7 TB/s memory bandwidth and 2 PFlop/s GEMM within 0.3% of hand-tuned low-level code, while eliminating data races and use-after-free.

Amazon Bedrock Guardrails Drops Resourceless Safety Checks for Agentic Loops

The new InvokeGuardrailChecks API returns numeric scores for content filters, prompt attacks, and PII detection without creating guardrail resources, letting developers build per-step safety logic for multi-turn agents.

Comments load interactively on the live page.