Industrial　control　systems　(ICSs)　have　many　vulnerabilities　owing　to　the　lack　of　protective　measures.　Once　exploited,　such　vulnerabilities　can　result　in　significant　economic　loss　and　security　concerns　because　an　ICS　controls　the　entire　production　process.　Although　fuzzing　is　a　prevalent　technique　for　finding　potential　vulnerabilities,　current　approaches　have　the　disadvantages　of　blind　mutations　and　low　efficiency　in　vulnerability　mining.　In　this　study,　we　propose　a　personalized　fuzzing　method　for　ICS　protocols　based　on　non-critical　field　mutations　and　test　case　combinations.　In　our　approach,　we　select　appropriate　protocol　fields　for　personalized　mutations　based　on　the　information　entropy　of　each　output,　which　can　increase　the　diversity　of　test　cases　while　preserving　their　availability.　We　developed　a　novel　test　case　sending　method　that　improves　the　efficiency　of　finding　specific　vulnerabilities　by　grouping　related　test　cases.　Our　approach　also　introduces　a　detection　method　based　on　expected　message　validation　to　locate　triggered　vulnerabilities　quickly.　Compared　to　Peach　and　Boofuzz,　our　method　improved　the　test　target　anomaly　rate　by　63.53%　and　34.95%,　respectively,　and　found　one　0-day　vulnerability　and　five　n-day　vulnerabilities.　©　2024　Elsevier　Ltd