Observability and ISO/IEC 22123-2:2023

Standards discussed:

• ISO/IEC 22123-2:2023 Information technology — Cloud computing Part 2: Concepts

ISO/IEC 22123 part 2 describes the concepts relevant to cloud computing. Parts 1 and 3 cover vocabulary and the reference architecture respectively. Whilst many of the standards do not call out observability explicitly they do include reference to the concepts. This discussion is provided to briefly show how observability plays a crucial role in ensuring that cloud services are performing as expected and meeting the needs of both the Cloud Service Consumer (CSC) and the Cloud Service Provider (CSP). Observability encompasses the monitoring, analyzing, and interpreting of system behaviors and performance indicators, which are critical for maintaining service quality, security, and operational efficiency. 

1. Monitor Service Quality

The activity of monitoring the service involves tracking the performance and quality of the cloud services provided by the CSP to the CSC. This activity ensures that the service is meeting the agreed-upon levels in the Service Level Agreement (SLA) between the CSC and CSP. Observability is integral to this process, as the process requires:

• Tracking usage: Monitoring how much the service is being used, and by which users, ensures that resource consumption aligns with expectations and avoids misuse.
• Service Integration Monitoring: Observing how well the cloud services integrate with the CSC’s existing ICT systems helps ensure business objectives are being met, identifying any disconnects between the cloud service and on-premise systems.
• Defining and measuring performance indicators: Key indicators such as service availability, outage frequency, mean time to repair, and provider responsiveness are established, and observability tools ensure these metrics are continuously measured and analyzed.
• Archiving indicator data: Storing performance data for historical analysis is crucial for future troubleshooting and auditing.
• Service comparison: Comparing actual service performance with the agreed-upon service levels allows for the identification of gaps or issues in service delivery.

2. Service Trial and Testing

Before full-scale deployment, CSC can engage in a service trial to test the suitability of the CSP’s services for their business needs. During this phase, observability can help monitor how well the cloud service performs in real-world scenarios. Key activities include:

• Provisioning and authentication: Ensuring secure access through user credentials and authenticating the CSC before they begin using the trial service.
• Testing the service: Observability during the trial ensures the service meets performance and business requirements, providing valuable data to assess if the service is fit for use.

3. Administering Service Security

Observability is essential for the CSC to ensure that their data is protected within the cloud. This includes monitoring security policies, ensuring compliance with backup and recovery plans, and defining encryption methods. Observability tools can:

• Monitor encryption technologies applied to data at rest and in motion to prevent unauthorized access or tampering.
• Track the execution of backup and failover plans to ensure data integrity and availability, particularly in disaster recovery scenarios.

4. Handling Problem Reports

If issues arise during the use of cloud services, observability plays a significant role in the CSC’s ability to handle problem reports. The process includes:

• Impact assessment and troubleshooting: Observability tools help assess the scale and impact of the problem, identifying the root cause and enabling quick troubleshooting.
• Tracking problems with the CSP: Problem resolution is tracked, with observability tools ensuring that each issue is addressed within the agreed-upon timescales, and escalated if necessary.

5. Provide Billing and Usage Reports

Observability is not only about monitoring service performance but also about tracking the usage and billing aspects of cloud services. By integrating observability into the cloud system, CSC can:

• Continuously monitor resource consumption and service usage, which informs billing and invoicing processes. This ensures that usage data is accurately reflected in the reports provided to the CSC business manager.
• Ensure that the billing aligns with actual service consumption, avoiding overbilling or underbilling, and providing transparency into how cloud resources are utilized.

Conclusion

In cloud computing, observability is essential for maintaining a seamless, secure, and efficient relationship between the CSC and CSP. By providing detailed insights into service performance, security, and usage, observability ensures that cloud services meet business requirements, remain secure, and deliver the expected outcomes. Whether it's monitoring service quality, administering security, handling problems, or managing billing, observability helps ensure that cloud computing environments are reliable and perform optimally for all stakeholders involved. ISO/IEC 22123 part 2 describes these cloud computing concepts but the application of observability can provide a strong contribution to the enhancement of quality.