Security and Privacy Heterogeneous Environment for Reproducible Experimentation

SUMMER 2025 INTERNSHIP APPLICATIONS NOW ACCEPTED!

Apply for the SPHERE project summer internship. Please click Student Internships for more information and instructions on how to apply.
Application deadline: February 28, 2025

SPHERE RESEARCH INFRASTRUCTURE

SPHERE aims to transform cybersecurity and privacy research, enabling representative, sophisticated, and reproducible experimentation that allows researchers to build on the work of their peers, thus supercharging scientific progress.

SPHERE aims to transform cybersecurity and privacy research into a highly integrated, community-wide effort by providing a common, rich, and representative research infrastructure.
SPHERE has completed the first of its four funded years. We have started development of general-purpose and IoT enclaves, and some general-purpose nodes are already available to beta users.
Diverse hardware to support diverse research needs (nearly 90% of today's publications): general and embedded compute nodes with trusted hardware, PLCs and IoT devices, programmable switches and NICs, and GPU-equipped nodes.
GUI portal
This Graphical User Interface portal enables users to draw and annotate network topologies and workflows through intuitive visual tools, designed for accessibility by novice users.
MAN portal
The Manual portal provides advanced SSH-based access for expert users to directly control experimental nodes and conduct exploratory research with maximum flexibility in testbed resource manipulation.
JUP portal
Through the Jupyter portal, mature experimental workflows are documented and automated using notebook interfaces, ensuring research reproducibility and systematic execution.
HUM portal
Operating as a Human Study portal, this platform facilitates researcher deployment of innovations and systematic collection of participant feedback through structured interaction pathways on the SPHERE platform.
AEC portal
Functioning as the Artifact Evaluation Committee portal, this system connects paper authors with reviewers on shared infrastructure, supporting the submission, assessment, and archival of research artifacts for community reuse.
EDU portal
Serving as an Education portal, this platform empowers teachers to create student accounts, upload materials, and design cybersecurity assignments featuring attack-defense scenarios in contained network environments.
REE library
The Representative Experimentation Environment library serves as a crowdsourced collection of standardized evaluation environments for cybersecurity and privacy research, built through annual funding programs where artifact authors port mature research as virtual interns to create field-specific benchmarks.
Research artifact library
A comprehensive archive system that enables users to package, store, and share their research artifacts, featuring built-in support for experimental workflows and automatic recording of exploratory research actions, while maintaining verified reproducibility badges from evaluation committees.
Merge Portal
A Kubernetes-based frontend implementation delivers core API services for experiment compilation and realization, alongside XDC (Experiment Development Container) pods that enable secure user access through SSH/Jupyter interfaces and connect to backend facilities via VPN tunnels. This microservice architecture supports flexible integration and scalable testbed operations.
Merge Facilities
Distributed backend resources combine infrastructure services and podman-containerized core API components with Qemu/KVM virtualization for user experiments, leveraging Cumulus Linux switches for VXLAN-based network segmentation. The system maintains strictly separated networks for infrastructure control and experiment traffic, while supporting multi-facility integration through the Merge Facility API.
Machine learning nodes
Ten powerful GPU-equipped servers are crucial in developing cybersecurity systems incorporating real-time machine learning detection and response capabilities.
Embedded compute nodes
The embedded-compute infrastructure, featuring 400 diverse nodes with CPUs and GPUs, forms a robust backbone for exploring edge security paradigms and advancing federated learning protocols in secure environments.
General compute nodes
Empowering privacy-centric experimentation, the 200 general-compute nodes integrate specialized processor architectures like Intel TDX and AMD SEV, enabling researchers to conduct large-scale security measurements and trustworthy computing investigations.
Embedded CPS
Critical infrastructure protection research finds its home in the cyber-physical systems setup, where complete architectures emulate industrial control systems, allowing security researchers to test and validate defensive measures for vital facilities.
Software-defined networking nodes
A network of 40 nodes equipped with NetFPGAs provides a programmable foundation for investigating SDN security improvements and implementing flexible network defense mechanisms.
FABRIC
FABRIC, a distributed research infrastructure spanning 29 sites with high-speed optical connections, enables SPHERE to link its IoT enclave at Northeastern University with USC-ISI and USC facilities. This connectivity, combined with Merge software, allows SPHERE to create unified experimental topologies across geographically distributed enclaves.
IoT (smart) nodes
The expansive collection of 500 IoT nodes, spanning various smart devices and appliances, serves as a comprehensive testbed for exploring IoT security vulnerabilities and developing privacy-preserving solutions for connected environments.
Security policies
The portal's security policies define three tiers of experiment access: (1) standard policies allow basic Internet connectivity (HTTP, HTTPS, SSH) for common research needs, (2) expanded policies permit broader Internet access with automated monitoring for riskier research like Internet-wide measurements, and (3) containment policies enforce complete isolation for maximum-risk experiments requiring strict security controls.
Six user portals to meet the needs of different user groups, including advanced researchers (MAN), Jupyter notebooks (JUP), novice users (GUI), teachers and students (EDU), human user studies (HUM), and artifact evaluation committees (AEC).
Security policies aligned with research needs, enabling experiments with full isolation, measurement research, software download, and risky experiments with malware.
Support for reproducibility, via easy experiment packaging, sharing, and reuse; processes and incentives for community-wide efforts to develop representative experimentation environments and to continuously contribute high-quality research artifacts.

PLEASE TAKE OUR COMMUNITY NEEDS SURVEY

We are running a survey to learn about researcher needs around cybersecurity and privacy experimentation. Your feedback will inform our future endeavors in supporting cybersecurity experimentation through our recently funded SPHERE research infrastructure. We want to hear from a wide range of researchers; no experience is too small. The form has six open-ended questions, it is anonymous, and you can skip any questions.