Making Cloud SLAs readily usable in the EU private sector
Standards & the Common Reference Model
In order to maximize the impact and facilitate the adoption of the contributed Common Reference Model (CRM) by industrial stakeholders, and in particular by small-medium enterprises (SMEs), it is necessary to ensure its alignment with relevant standards and best practices.
This task will also benefit SMEs, who are typically not cloud experts, and often with very limited understanding of cloud service level agreements (SLAs) and especially the role of relevant related standards/best practices. Consequently, we started the alignment process by conducting a gap analysis of the CRM from the standardisation perspective by using as input the work done by SLAReady’s WP3 (International cooperation, consensus and standardisation), in particular D3.2 (Standardisation and international cooperation report) which reports relevant standards/best practices in this field.
Our goal is to ascertain the degree of standardisation related coverage of the CRM, such that the SMEs using it have assurance that the provided SLA guidance is aligned with the relevant standards and best practices. Furthermore, the results of the gap-analysis performed can be used by the SLA-Ready marketplace in order to create interactive guides that, based on the SMEs requirements, can realise both the
- CRM elements to consider for their own use cases;
- outline standards/best practices that could be taken into consideration either as development guidelines or references.
Initiatives being analysed Based on the outcomes from Deliverable 3.2:
|Organisation||Initiative acronym||Initiative||Relevance to the CRM|
|CSCC||CSCC SLA||Practical Guide to Cloud Service Level Agreements – v2||The 10 recommended CSCC SLA steps are state of practice.|
|EC||C-SIG SLA||Cloud SLA Standardisation Guidelines||These guidelines became part of the EC contribution to ISO/IEC 19086-1, and represent one of the main results from the respective C-SIG group.|
|EC||SMART||Standards terms and performance criteria in service level agreements for Cloud computing services||The proposed Model SLA is the most current EC-sponsored study in this field.|
|ETSI||TR 103 125||SLAs for Cloud services||The defined SLA template is relevant to the industry.|
|ISO||19086-1/-4||Cloud SLAs terminology, and security and privacy||Both standards are generating high expectations with the industry, so CRM alignment with them will also maximize its chances for industrial adoption.|
For each analysed standard/best practice, we assess if the corresponding CRM element is being referenced or not.
The primary conclusions from our analysis are the following:
- The analysis of the CRM with respect to surveyed standards and best practices shows that there is good coverage related to the CRM’s SLOs elements. However, general-purpose SLOs (e.g., related to existing certifications, and SLA governance) are only discussed in ISO/IEC 19086-1 and the Cloud Standards Consumer Council’s (CSCC) “Practical guide to Cloud SLAs version 2“.
- None of the analysed works utilized any standardized or consistent formats to specify the actual SLO metrics to use (please refer to Deliverable 2.2 for examples), although in many cases they provided selective high-level metrics as examples.
- Unfortunately, relevant standards such as the upcoming ISO/IEC 19086-1/-4 do not contain any reference related to essential CRM’s elements that SLA-Ready has identified as significant means to empower/guide SMEs in their transition to the Cloud. For example, the advocated elements such as SLA findability, update/validity period, available languages, are still not addressed by the standards. The same situation occurs with known best practices such as the “Cloud SLA checklist” contained in the SMART EC report.
- From the analysed-standards/best-practices, only the CSCC report provided the highest CRM coverage. However, we note that the CSCC report still has conspicuous gaps related to CRM’s elements such as choice of law and others as reported in ISO/IEC 19086-1/-4.
- It is also worth mentioning that, despite not being cloud-specific, the SLA template defined by ETSI in their “ETSI EG 202 009-3” report also shown a good coverage of the CRM elements. This was expected due to the fact that such template was referenced in ETSI’s “SLAs for Cloud Services” technical report.
From the performed analyses it may be noted that the contributed D2.3 CRM has the potential to improve cloud customers’ understanding related to SLAs, while at the same time providing good coverage of the elements included in these relevant standards/best practices. The most evident benefit of the CRM with respect to surveyed works is in the following groups:
General | Freshness | Readability | Credits
The table below summarizes the results of the performed gap analysis.
|CRM coverage to relevant standards (Yes/No)|
(Part 1 and Part 4)
|Cloud SLA checklist||Guide for Evaluating Cloud SLAs||C-SIG SLA Guidelines||ETSI’s cloud SLA template|
|Choice of law||No||No||No||No||No|
|Roles and responsibilities||Yes||Yes||Yes||No||Yes|
|Cloud SLA definitions||Yes||No||No||Yes||Yes|
|Previous versions and revisions||No||No||Yes||No||Yes|
|Nr. of pages||No||No||No||No||No|
|Service credits assignment||No||No||No||No||No|
|Maximum service credits (Euro amount) provided by the CSP||No||No||No||No||No|
|SLA change notifications||Yes||Yes||Yes||Yes||Yes|
|Service Levels reporting||Yes||Yes||Yes||Yes||Yes|
|Service Levels continuous reporting||No||Yes||Yes||No||Yes|
|Feasibility of specials & customizations||No||No||Yes||No||No|
|Specified SLO metrics||Yes||No||Yes||Yes||Yes|
|Cloud Service Performance SLOs||Yes||Yes||Yes||Yes||No|
|Service Reliability SLOs||Yes||Yes||Yes||Yes||Yes|
|Data Management SLOs||Yes||Yes||Yes||Yes||Yes|
|Personal Data Protection SLOs||Yes||Yes||Yes||Yes||No|