🤖 AI Summary
This work addresses the lack of systematic analysis and evaluation of fault injection attack techniques. We propose a hierarchical, beginner-oriented taxonomy covering major injection dimensions—including timing, power, electromagnetic, and laser—and unify their attack models and implementation constraints. Through reproducible experiments and multidimensional cost-benefit analysis—assessing hardware overhead, success rate, repeatability, and stealth—we conduct the first cross-tool evaluation of 12 state-of-the-art fault injection methods and platforms. Our findings reveal critical bottlenecks in controllability and automation across existing tools. To address these, we introduce two practical innovations: a lightweight trigger mechanism and a cross-platform validation framework. The study delivers an actionable learning pathway for security practitioners and identifies high-fidelity modeling and AI-driven injection as pivotal research directions for the academic community.
📝 Abstract
Fault injection is the study of how systems behave under unusual stress, environmental or otherwise. In practice, fault injection involves testing the limits of computer systems and finding novel ways to potentially break cyber-physical security.
The contributions of this paper are threefold. First, we provide a beginner-friendly introduction to this research topic and an in-depth taxonomy of fault injection techniques. Second, we highlight the current state of the art and provide a cost-benefit analysis of each attack method. Third, for those interested in doing fault injection research, we provide a replication analysis of an existing vulnerability detection tool and identify a research focus for future work.