Application Threat modeling can be applied to a wide range of things, including software, applications, systems, networks, distributed systems, things in the Internet of things, business processes, etc. Process Flow Diagrams are used by Application Threat Models.There are very few technical products which cannot be threat modeled; more or less rewarding, depending on how much it communicates, or interacts, with the world. Application Threat modeling can be done at any stage of development, preferably early - so that the findings can inform the design.
Hence Correct Answer is a) Application Threat Models