Bringing Light into the Darkness: Leveraging Hidden Markov Models for Blackbox Fuzzing
Securing the network interfaces of industrial control systems is critical for protecting critical infrastructure like water treatment plants and nuclear centrifuges from potential attacks. A key strategy to mitigate risks of successful attacks is to identify and close vulnerabilities exploitable through network interfaces using testing techniques such as fuzzing. While established techniques exist for graybox fuzzing, which requires access to system binaries, industrial components often require blackbox testing due to the use of third-party components and regulatory constraints. We propose Palpebratum, an approach leveraging Hidden Markov Models to approximate missing information in blackbox testing. We evaluate Palpebratum’s performance in terms of code coverage, comparing it with two baseline blackbox fuzzers and the graybox fuzzer AFLnwe. Our results indicate that Palpebratum significantly outperforms one blackbox fuzzer, achieving an average of 4,379.33 basic blocks compared to 4,307.60 (p-value < 0.001). For the second blackbox fuzzer, Palpebratum achieves comparable coverage but with only half the number of test cases, demonstrating effectiveness despite the Hidden Markov Model’s overhead. These findings suggest that Palpebratum enhances blackbox test case generation and underline the importance of an efficient implementation to offset the added overhead.
Tue 29 Apr (displayed time zone: Eastern Time, US & Canada)
Session 16:00 - 17:30

| Start | Duration | Type | Talk | Track | Authors |
|---|---|---|---|---|---|
| 16:00 | 30m | Full-paper | A New Era in Software Security: Towards Self-Healing Software via Large Language Models and Formal Verification | AST 2025 | Norbert Tihanyi (Technology Innovation Institute), Yiannis Charalambous (The University of Manchester), Ridhi Jain (Technology Innovation Institute (TII), Abu Dhabi, UAE), Mohamed Amine Ferrag (Guelma University), Lucas C. Cordeiro (University of Manchester, UK and Federal University of Amazonas, Brazil) |
| 16:30 | 30m | Full-paper | Bringing Light into the Darkness: Leveraging Hidden Markov Models for Blackbox Fuzzing | AST 2025 | Anne Borcherding (Fraunhofer IOSB), Mark Giraud (Fraunhofer IOSB), Johannes Häring (Karlsruhe Institute of Technology) |
| 17:00 | 30m | Full-paper | Incorporating Domain Knowledge into GNNs for Advanced Vulnerability Detection in Java | AST 2025 | ROSMAEL ZIDANE LEKEUFACK FOULEFACK (Information Engineering and Computer Science (DISI)/University of Trento (UNITN)), Alessandro Marchetto (Università di Trento) |