Back when I was doing crypto at the algorithm implementation level, I found the proceedings of the CHES[1] conference had a lot of good information on where the public state of the art was regarding side channel attack and defence.
Keep in mind that side channels are very much a moving target - an implementation that isn't vulnerable to a known attack today could fall to an attack discovered tomorrow. Unless you take extradinary measures to prevent physical measurements of your implementation and detect and respond to physical tamper events, some kind of attack (practical or not) will probably turn up during the useful life of an implementation, in my experience.
With small and/or low-cost devices, such physical countermeasures are usually impractical, so you have to take extra care on the HW/SW algorithm implementation side to avoid vulnerabilities.
Keep in mind that side channels are very much a moving target - an implementation that isn't vulnerable to a known attack today could fall to an attack discovered tomorrow. Unless you take extradinary measures to prevent physical measurements of your implementation and detect and respond to physical tamper events, some kind of attack (practical or not) will probably turn up during the useful life of an implementation, in my experience.
With small and/or low-cost devices, such physical countermeasures are usually impractical, so you have to take extra care on the HW/SW algorithm implementation side to avoid vulnerabilities.
[1] https://www.cryptoexperts.com/ches2015/index.html