Real telemetry. Real protocols. Replayable physics.

Every analog tag is driven by a calibrated physics-honest response model; every discrete equipment state is driven by an event-driven state machine with safety interlocks. The result is telemetry that doesn't just look real on a chart; it satisfies the physical constraints your IDS or analytics expect.

Six SCADA protocols in the engine today — Modbus TCP, OPC-UA, BACnet/IP, MQTT, DNP3, IEC 61850 (MMS/GOOSE/SCL). Standard Virtual SCADA produces batch frame traces for all six (NDJSON / Parquet / pcapng records of what went on the wire). Enterprise VPLC upgrades the same six protocols to live TCP servers on real ports inside a real-time-capable Docker container on your infrastructure — IDS, operator consoles, and red-team tooling can connect as if it were a production plant.

A broad library of pre-built plant templates spanning water, power, manufacturing, oil & gas, HVAC, and more. Each template carries the response models and state machines for every loop in the plant, mapped to the right protocol surface for the vertical.

Realistic disturbances bake in: storm-surge inflow, blower failure, sensor drift, valve seize, breaker trip — all on a deterministic schedule that replays byte-equal across runs.

A Virtual SCADA run is a first-class input to the ICS Security engine. Inject MITRE ATT&CK ICS classes against a live process; the truth file labels the result; one bundle ships both telemetry and adversary ground truth.

pcapng + signals.parquet + alarms.json + commands.json + asset_inventory.json all hashed and chained with BLAKE3 into a sealed .tar.zst. Verifiable offline, replayable forever.

Per-plant dwell-time distributions (LogNormal/Weibull/Gamma/Deterministic) drive the regime timeline. Setpoints are regime-conditional — DO sags in fault, pumps cycle in high-load, valves lean in maintenance. No geometric-Markov artifacts.

Catalogued archetypes wire signal-to-signal influence (flow→pressure, DO→NH₄⁺, P→voltage-sag) through an analytic coupling graph. Target correlation converts to edge gain in closed form — no hand-tuned knobs.

Each signal declares its process class (additive, multiplicative, CIR). The integrator dispatcher picks Euler-Maruyama, log-Euler, or Milstein per signal, with Strang splitting when a block is stiff and coupled. Feller-safe CIR keeps dissolved-oxygen, reaction rates, and frequency deviations off boundary pins.

A short pre-roll measures observed utilisation per signal; one Newton correction retunes the stochastic scale to the authored target. The same 1-hour substation run reaches realistic coefficient-of-variation without human parameter-fitting.

Substation V/f/P/Q are driven by a swing equation + AVR + voltage-dependent load block at IEEE C37.010 nominals. Stochastic noise rides on the deterministic load-flow solution — not the other way round.

The same integrator feeds a per-tick SSE stream and the sealed batch bundle. Consumers subscribe at /v1/client/runs/{run_id}/stream; late joiners replay from the ring buffer. A missed frame never silently drops — the sealed transcript is the source of truth.

Bring your historian

Point at a CSV, Parquet, or PI System export; the Differentially-Private Historian Extension fits a sanitised statistical summary under an (ε, δ) budget with Rényi-DP accounting. Raw rows never leave the ingest boundary.

Federate across sites

k-site aggregation runs under MPC additive secret sharing (three-server), SGX/SEV/Nitro TEE, or trusted-aggregator mode. Each site publishes only its sanitised summary; the coordinator sees the aggregate, never the raw tuples.

Privacy evidence travels with the bundle

Every run ships a privacy_evidence.json carrying the epsilon/delta ledger, per-signal sensitivity bounds, aggregation backend, and participant receipts. Audit-ready on the first read.