This morning during one class of mine, I discussed about Software Security. The main topic was Software-Engineering-Security, that is the art of building secure applications. After some hours I understood that students didn’t understand what I was talking about. That was shocking. Suddenly I remembered that are available plenty ontology dictionary around the world so I started a little web research on that topic which produced:
2) Security Ontology
I think that these are great results but are they complete ? Can you really map everything is necessary to explain security issues ? For instance a vulnerability is a particular kind of bug, can you explain that using the previous ontologies ?