ADR-036: Simulation and Replay Architecture

Status

Accepted

Context

SEA-Forge™ requires deterministic “what-if” scenario execution capabilities to:

1. Validate policy changes before production rollout
2. Test semantic model changes against historical data
3. Generate evidence for governance audit trails
4. Train Pattern Oracle on simulated outcomes

Current state:

• No dedicated simulation infrastructure exists
• Replay depends on observability envelope (SDS-030)
• Evidence collection requires GovernedSpeed™ integration (SDS-047)
• Temporal memory stores historical patterns (SDS-015)

Decision

Adopt a Deterministic Simulation Kernel architecture with:

1. Snapshot Isolation — Simulations operate on immutable snapshots of semantic state
2. Manifest-Driven Execution — All simulation inputs derive from canonical manifests
3. Evidence-First Results — Every simulation run produces structured evidence artifacts
4. Pattern Oracle Integration — Results feed temporal memory for pattern learning

Core Invariants

• INV-SIM-001: Simulation outputs MUST be deterministic given identical inputs (manifest + snapshot + scenario)
• INV-SIM-002: Simulations MUST NOT mutate production state
• INV-SIM-003: All simulation evidence MUST be hashable and tamper-evident (ifl:hash)
• INV-SIM-004: Replay comparisons MUST use normalized event schemas

Architecture Pattern

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
┌─────────────────────────────────────────────────────────────┐
│                    Simulation Kernel                         │
├─────────────────────────────────────────────────────────────┤
│  ┌─────────────┐  ┌─────────────┐  ┌─────────────────────┐  │
│  │ Snapshot    │  │ Scenario    │  │ Execution           │  │
│  │ Manager     │→ │ Parser      │→ │ Engine              │  │
│  └─────────────┘  └─────────────┘  └─────────────────────┘  │
│         │               │                    │               │
│         ▼               ▼                    ▼               │
│  ┌─────────────────────────────────────────────────────────┐│
│  │              Evidence Collector                          ││
│  └─────────────────────────────────────────────────────────┘│
│         │               │                    │               │
│         ▼               ▼                    ▼               │
│  ┌─────────────┐  ┌─────────────┐  ┌─────────────────────┐  │
│  │ SDS-047     │  │ SDS-015     │  │ SDS-030             │  │
│  │ GovernedSpd │  │ Pattern     │  │ Observability       │  │
│  └─────────────┘  │ Oracle      │  └─────────────────────┘  │
│                    └─────────────┘                           │
└─────────────────────────────────────────────────────────────┘

Constraints

1. MUST use existing manifest schema (REF-011) for simulation inputs
2. MUST produce evidence compatible with SDS-047 Risk & Evidence
3. MUST support comparison against production traces from SDS-030
4. SHOULD leverage NATS JetStream for event replay when applicable (ADR-032)

Consequences

Positive

• Policy changes can be validated before deployment
• Governance teams gain pre-emptive risk visibility
• Pattern Oracle learns from both real and simulated scenarios
• Reduces production incidents from untested changes

Negative

• Adds complexity to the manifest schema
• Requires snapshot storage management
• Simulation results may not perfectly predict production behavior

Risks

Related Documents

References

• SDS-050: Semantic Identity Provenance