Cyber–Physical Systems (CPS) are becoming increasingly ubiquitous and serve as a platform for connecting vast majority of everyday devices to the Internet. Traditional computer-based security systems are not preferred in CPS devices due to limited storage, security issues, and computation power, thus necessitating the demand for efficient and secure computation techniques that would ensure robust CPS platforms. In this paper, we proposed a lightweight Public Key Infrastructure (PKI) scheme that can be used in CPS devices. Conventional PKI systems are characterized with three resource-intensive processes, namely, key generation, certificate validation, and certificate revoking. The proposed method uses Physical Unclonable Function (PUF) to simplify the key generation process and introduces the session key concept to address the other two limitations, viz., certificate validation and revoking. In addition to this, the proposed method addresses some crucial security needs of the PKI scheme, such as node registration, strong random number generation, defining trust relationships among the different “thing” nodes. Additionally, PUF-based trust relationships require reduced infrastructural setup, lesser power, and storage capacity while also incorporating Elliptic Curve Cryptography (ECC) for asymmetric key pair generation. The proposed method has been realized using a Dynamic Random Access Memory (DRAM)-based PUF. The experimental result proves the technique’s efficiency compared to the state-of-the-art methods with a 4–7 times, consuming 5–10 times, lesser energy.