The interconnection of measurement devices in the paradigm of the Internet of Things has led to a significant increase in the amount of shared data but, at the same time, has increased system’s vulnerability to cyber-attacks aimed at stealing confidential information and/or damaging the system. Countermeasures have been proposed to mitigate these security risks, such as authentication procedures and cryptographic algorithms. In both cases, however, passwords and cryptographic keys are stored in a non-volatile memory (NVM), that can be hacked to disclose the confidential information.

Physical unclonable functions (PUFs) can be adopted as an alternative to NVMs for the generation of secure codes, exploiting the device parameters variations induced by the production process. Among the different PUF architectures, ring oscillator (RO) PUFs are very popular, since they feature a simple structure and can be easily implemented on FPGAs. In their standard implementation, RO PUFs output code is generated by comparing the oscillation frequencies of the periodic signals of different ROs. However, alternate solutions have been proposed in the literature, such as those comparing the duty-cycle of the periodic signals of different ROs. This solution improves the PUF reliability, but the number of generated output codes remains the same.

In this paper, the feasibility of using both the oscillation frequency and the duty-cycle of the periodic signals of different ROs to generate the PUF output code is demonstrated. The correlation between the oscillation frequency and the duty-cycle of a RO PUF is evaluated by means of Spice simulations, as well as by experimental measurements. The results have shown that the oscillation frequency and the duty-cycle of a RO PUF feature a weak correlation and, therefore, can be used to increase the number of output codes of the PUF device, with benefits in terms of increased security.