Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.


Between Physical and Sofware: Fault Attacks, Side Channels, and Mitigations

Graz University of Technology via edX


In this course, we build upon the knowledge we built up on cache side-channel attacks and transient-execution attacks, as well as the side-channel and security mindset. We again go beyond software-based side-channel attacks and now study software-based fault attacks. Fault attacks (sometimes also called active side-channel attacks ) are an incredibly powerful means to attack a system. Instead of just leaking secrets from an application or device, fault attacks actively manipulate the application or device to induce incorrect behavior which lets the attacker again leak secrets or fully take over control and subvert the application or device. We will look at fault attacks that can be triggered from software, namely Rowhammer and Plundervolt. We will then draw the connection between these attacks and transient-execution attacks that share some similarities. You will implement some of these attacks yourself and learn how they are mitigated.


- Episode 1: Sledge Hammer!

Attackers can fault hardware from software using Rowhammer.

- Episode 2: Under Voltage

Plundervolt similarly can induce faults.

- Episode 3: Load Value Inception

Injecting false values also works in the transient domain and without any physical fault.

- Episode 4: Power Leakers

Software exposes power consumption interfaces, enabling leakage.

- Episode 5: Hardware Leaks and Software Leaks

The page cache can be used for attacks similar to hardware caches.

Taught by

Daniel Gruss


Start your review of Between Physical and Sofware: Fault Attacks, Side Channels, and Mitigations

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.