ISO/IEC 19086-2:2018

INTERNATIONAL ISO/IEC
STANDARD 19086-2
First edition
2018-12
Cloud computing — Service level
agreement (SLA) framework —
Part 2:
Metric model
Informatique en nuage — Cadre de travail de l'accord du niveau de
service —
Partie 2: Modèle métrique
Reference number
ISO/IEC 19086-2:2018(E)
ISO/IEC 2018
---------------------- Page: 1 ----------------------
ISO/IEC 19086-2:2018(E)
COPYRIGHT PROTECTED DOCUMENT
© ISO/IEC 2018

All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may

be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting

on the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address

Foreword ........................................................................................................................................................................................................................................iv

Introduction ..................................................................................................................................................................................................................................v

1 Scope ................................................................................................................................................................................................................................. 1

2 Normative references ...................................................................................................................................................................................... 1

3 Terms and definitions ..................................................................................................................................................................................... 1

4 Symbols and abbreviated terms ........................................................................................................................................................... 2

5 Conformance ............................................................................................................................................................................................................. 3

6 Metrics overview .................................................................................................................................................................................................. 3

6.1 General ........................................................................................................................................................................................................... 3

6.2 Background ................................................................................................................................................................................................ 3

6.2.1 Choosing a cloud service ........................................................................................................................................... 3

6.2.2 Convert requirements to agreement .............................................................................................................. 4

6.2.3 Ensure the agreement is being met ................................................................................................................. 5

6.3 Metrics ............................................................................................................................................................................................................ 5

6.4 Cloud service metrics (CSMs) .................................................................................................................................................... 5

6.4.1 Major stakeholders ........................................................................................................................................................ 6

6.4.2 CSM usage categories ................................................................................................................................................... 7

7 Metric model overview ...............................................................................................................................................................................10

7.1 General ........................................................................................................................................................................................................10

7.2 Basic concepts ......................................................................................................................................................................................11

7.2.1 Introduction ......................................................................................................................................................................11

7.2.2 Cloud service level objectives and cloud service qualitative objectives .......................11

7.2.3 Metric data format .......................................................................................................................................................12

8 Metric model ..........................................................................................................................................................................................................12

8.1 Metric model development .......................................................................................................................................................12

8.1.1 Metric model specification ...................................................................................................................................13

8.1.2 Use of UML class diagrams and textual descriptions ....................................................................13

8.1.3 Metric model description ......................................................................................................................................13

8.1.4 Extending the metric .................................................................................................................................................14

8.1.5 Metric model details ..................................................................................................................................................14

Annex A (informative) SO and SO evaluation ............................................................................................................................................18

Annex B (informative) Metric — Table form .............................................................................................................................................20

Annex C (informative) CSM examples ...............................................................................................................................................................23

Annex D (normative) XML schema ......................................................................................................................................................................36

Bibliography .............................................................................................................................................................................................................................39

ISO (the International Organization for Standardization) is a worldwide federation of national standards

bodies (ISO member bodies). The work of preparing International Standards is normally carried out

through ISO technical committees. Each member body interested in a subject for which a technical

committee has been established has the right to be represented on that committee. International

organizations, governmental and non-governmental, in liaison with ISO, also take part in the work.

In the field of information technology, ISO and IEC have established a joint technical committee, ISO/

The procedures used to develop this document and those intended for its further maintenance are

described in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the

different types of ISO documents should be noted. This document was drafted in accordance with the

editorial rules of the ISO/IEC Directives, Part 2 (see www .iso .org/directives).

Attention is drawn to the possibility that some of the elements of this document may be the subject of

patent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details of

any patent rights identified during the development of the document will be in the Introduction and/or

Any trade name used in this document is information given for the convenience of users and does not

For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and

expressions related to conformity assessment, as well as information about ISO's adherence to the

World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT) see www .iso

This document was prepared by Technical Committee ISO/IEC JTC1, Information technology,

Any feedback or questions on this document should be directed to the user’s national standards body. A

The measurement of properties of cloud services, especially for the purpose of cloud service level

agreements (SLAs), presents many challenges, which inhibit the uptake of cloud services and inhibit

the overall effectiveness of the cloud services marketplace. Metrics in practice are usually described

using natural languages, typically in ‘plain English’, which is often difficult to understand, compare, and

implement. Such definitions of metrics lead to many problems. Typical concerns include:

— Clarity: The metric definition may be incomplete, ambiguous, illogical, self-contradictory, or not

defined at all. For example, cases exist where ‘availability’ is defined in ways which have little to do

with generally accepted definitions of ‘availability’; where the definition is such that the service can

be unavailable for the majority of the time yet the metric will show 100 % availability; where the

metric requires continuous monitoring, which is actually not possible; or where the provider is able

— Comparability: It may be impractical or effectively impossible to compare different services

in terms of their promised service levels because of the significant inconsistency in how their

— Implementation: It may be impractical or even impossible to measure the metric in practice, and

This document has been developed to help address these and similar concerns. It includes technical

content, but the high-level concepts are expected to be understandable by non-technical individuals

who understand the business context for metrics. It provides a metric model that defines the conditions

A metric complying with the model defined by this document addresses the concerns above:

— Clarity: A definition of a metric eliminates the ambiguities which currently exist in natural language

— Comparability: The structured nature of the metric facilitates the comparison of different metrics

— Implementation: The structured representation of the information needed to measure a

characteristic facilitates the process of developing measurement tools. Likewise, if the metric is

found not to be implementable, then the metric will need to be revised so that it can be implemented,

and the structure of the technical specification is expected to facilitate this revision process.

The focus of this document is on metrics for cloud SLAs, but it is also usable for cloud service metrics

(CSMs) that are not included in cloud SLAs [such as ones used by cloud service providers (CSPs) for their

This document establishes common terminology, defines a model for specifying metrics for cloud

SLAs, and includes applications of the model with examples. This document establishes a common

This document is for the benefit of and use for both cloud service providers (CSPs) and cloud service

customers (CSCs). This document is intended to complement ISO/IEC 19086-1, ISO/IEC 19086-3 and

This document does not mandate the use of a specific set of metrics for cloud SLAs.

The following documents are referred to in the text in such a way that some or all of their content

constitutes requirements of this document. For dated references, only the edition cited applies. For

undated references, the latest edition of the referenced document (including any amendments) applies.

ISO/IEC 17788, | ITU-T Y.3500, Information technology — Cloud computing — Overview and vocabulary

ISO/IEC 19086-1, Information technology — Cloud computing — Service level agreement (SLA)

W3C Recommendation 28 October 2004. XML Schema Part 1: Structures Second Edition . ht t p: //w w w .w3

W3C Recommendation 28 October 2004. XML Schema Part 2: Datatypes Second Edition. ht t p: //w w w .w3

For the purposes of this document, the terms and definitions given in ISO/IEC 17788 and the following

ISO and IEC maintain terminological databases for use in standardization at the following addresses:

commitment a cloud service provider (CSP) makes for a specific characteristic of a cloud service

Note 1 to entry: The set of SOs is the union of the set of cloud service level objectives (SLOs) and the set of cloud

Note 1 to entry: Based on the definition of measurement in ISO/IEC/IEEE 15939:2017. Also used here to describe

an actual instance of execution of these operations leading to the production of a measurement result instance.

value that expresses a qualitative or quantitative assessment of a cloud service characteristic (3.1)

standard of measurement that defines the conditions and the rules for performing the measurement

Note 1 to entry: The metric describes what the result of the measurement means, but not how the measurement

Note 2 to entry: A metric is to be applied in practice within a given context that requires specific properties to be

Note 3 to entry: The metrics model proposed in this document supports the definition of composite metrics,

[SOURCE: ISO/IEC 19086-1:2016, 3.10, modified — Notes to entry have been modified.]

real scalar quantity, defined and adopted by convention, with which any other quantity of the same

kind can be compared to express the ratio of the second quantity to the first one as a number

A metric specification is in conformance with this document when the specification of the metric uses

the data-types and relationships described in Clause 8. If the XML namespace at http: //standards .iso

.org/iso -iec/19086/ -2/ed -1/en is used for an XML document representing a metric, that document shall

This document describes metrics, metrics usage, and defines a model for the consistent specification of

metrics for cloud SLAs. The underlying model and template is important for those defining metrics and

Cloud computing is an integral part of IT, yet it is still difficult to define the properties and performance

of a cloud service. A CSC purchases cloud services for one overarching reason – to achieve organization

goals. To this end, it is important for a CSC to understand the properties of a cloud service, to understand

the service capabilities for these properties, and to understand if it will meet the CSC’s requirements

necessary to achieve the CSC’s organization goals. Likewise it is important to a CSP to be able to

communicate the properties and performance of a cloud service so CSCs will be able to determine

Typical categories of cloud service characteristics that the CSC might be interested in include:

performance, availability, information security, accessibility, cloud service support, termination of

service, governance, service changes, service reliability, attestations/certifications, data management,

and PII protection. A description of each along with associated SLOs/SQOs is included in ISO/IEC 19086-

b) agreement (CSA, which includes the cloud SLA) between the CSP and the CSC on the properties and

c) operational management, where the operation of the cloud service is monitored to ensure the service

Currently, CSPs create their own methods to define the representation of a cloud service characteristic,

and therefore influence the understanding of the characteristic itself. This makes comparing cloud

service characteristics across CSPs (and sometimes within a CSP) difficult or impossible. The cloud

service characteristics are often described using ambiguous text descriptions and are not only

difficult to compare, but difficult to understand. This makes transferring a set of requirements into an

agreement between the CSC and CSP difficult; resulting in an agreement that might not meet the needs

As described in ISO/IEC 19086-1, a commitment written into a cloud SLA takes the form of either an

SLO or an SQO. SLOs are quantitative commitments for representations of cloud service characteristics,

while SQOs are qualitative commitments for representations of cloud service characteristics.

The cloud service will be available 99,9 % of the time in a given billing cycle. If we fail to meet this

Unavailability means: a) The cloud service provides no response, or b) the cloud service returns a

server error response to a valid user request during two or more consecutive one minute intervals,

or c) the cloud service fails to deliver an average download time for a reference document of one

second or less as measured by a third party. Unavailability due to scheduled maintenance is

excluded from these conditions and does not contribute towards unavailability calculations.

This is a good example to consider since it is fundamental to all cloud services (CSCs want the service

to be available for their use). Although a number (percentage) is given for availability it is not clear how

this number is calculated. A definition of unavailability is provided, but it is not clear how the availability

percentage is calculated from unavailability. Another provider could use the concept of availability and

calculate it differently, making comparison of an SO or measured service levels impossible.

Figure 1 — Side by side comparison of availability commitment from two different providers

Figure 1 shows a CSC comparing availability for two services. While the characteristic (availability)

and commitment level (99,99 %) seem identical; the text defining uptime for the two services is

fundamentally different. Cloud service A uses a time based description for availability while cloud

service B uses a transaction based description for availability. The CSC is therefore unable to evaluate

Once a CSC has chosen a service that meets their requirements, the CSP will work with the CSC to come

to an agreement on what exactly will be provided and at what level. The requirements will be codified

into a set of SLOs and SQOs written in a cloud SLA. As with the service capability descriptions used

during the decision making process, the SLOs/SQOs are currently described using natural language

and take different forms depending on the CSP. This not only adds ambiguity to the process, it adds

additional time and complexity to the process as each SO must be thoroughly reviewed and assessed in

Once an agreement is in place and the cloud service is provisioned for the CSC, the CSC users will start

using the service or services. During operation, both the CSP and the CSC will monitor the services

to ensure that it is operating as expected. The CSP will provide tools to measure the cloud service

characteristics of the service and/or provide the data to the CSC. The CSC will compare these service level

measurement results to the SO specified in the agreement. Due to the ambiguous and inconsistent nature

of how SLOs/SQOs and metrics are currently described, it is difficult for the CSC to have confidence that

these measurement results are calculated in the same manner as defined in the cloud SLA.

A metric, or standard of measurement, helps to clarify cloud service characteristics by providing details

about how a cloud service characteristic is measured. A metric provides a definition (e.g. expression,

unit, rules, parameters) of the measurement of the characteristic, and therefore, provides knowledge

about the characteristic itself. It provides the necessary information for repeatability, reproducibility,

The metric describes a cloud service characteristic and the details (parameters, data, rules,

expressions, additional details) necessary to use it. For example, an “availability” metric will define

the practical aspects of how to perform the measurement necessary to calculate availability, how to

measure downtime, exclusion rules, etc. The measurement result is a value that results from making

a measurement that follows a given metric. The measurement result is an estimate of a characteristic

that is being observed. As shown in Figure 2, metric defines the rules so a measurement can be made

in a repeatable, comparable manner. A measurement produces a measurement result that, combined

with the information in the metric, provides knowledge about the characteristic. Characteristics

of cloud services are almost never exactly known. Instead, an approximation of the characteristic is

estimated (based on one or more measurements) with some understanding of the uncertainty between

the approximation and the actual value of the characteristic. This uncertainty is directly tied to the

measurement process used. In other words, a metric is a standard set of rules that allow a measurement

process that follows the rules to generate repeatable, comparable estimates of a characteristic.

Since the metric provides both understanding of the characteristic and the information necessary to

make repeatable and comparable measurements, it can be used not only for the measurement process,

What level of detail is included in a metric is up to the stakeholders. A metric may be only the basic

equations needed to calculate a measurement result or it may include the detailed measurement

Example scenarios for cloud services include the application of an availability metric for a SLO

commitment of 99 % in a cloud SLA or the application of an accessibility metric for a service quality

objective of “high” in a decision process scenario. In this manner CSMs help CSPs communicate the

properties of their cloud services, help CSCs and CSPs agree on what will be provided, and allow cloud

Cloud services can use metrics in many different ways. Metrics can be used at different layers of a

cloud service (e.g. hardware layers, logic layers, governance layers or service layers). They can also be

used at different stages of the cloud service life cycle (e.g. selection, procurement, operation, audit and

Although the metric model described in Clause 8 is designed for general use, in this document the focus

The definition and usage of appropriate metrics with their underlying measures are essential

components of the cloud SLA and the SLOs/SQOs, which are constituents of the cloud SLA. Within a

cloud SLA, the metrics are used to set the boundaries and margins of errors the provider of the service

commits to deliver, and their limitations. Standardized metrics and metric templates for cloud SLAs

makes it easier and quicker to develop cloud SLAs and the included SLOs/SQOs. Once the cloud SLA is

in place, metrics could be used at runtime to measure the services levels and determine if the service is

Metrics for cloud services have several uses for CSCs and CSPs including but not limited to:

— Metrics help CSCs to compare offerings from different CSPs (when CSPs uses the same metrics to

— Metrics can be used by CSCs to determine if the CSP is meeting their commitments as described in

This subclause describes stakeholder types that have an interest in cloud SLA metrics. Each stakeholder

type represents a different set of interests and related concerns. Each stakeholder type uses metrics in

Negotiates agreements for cloud services between CSP and CSC. Uses this document as reference for

Evaluate cloud services for performance against a set of requirements and commitments. Use ISO/

IEC 19086-2 based metrics to define and measure cloud service characteristics that relate to the

requirements. A specific type of auditor may also use this document to evaluate the measurement

system itself. Needs to understand the metric used to measure a cloud service characteristic.