Industrial control systems (ICSs) are distributed complex cyber physical systems (CPSs). The core parts of ICSs are usually ultimate targets of attackers but being protected strictly and difficult to attack directly. Attackers tend to take cyber-physical attacks via multiple attack-steps from outer nodes with less protection. Then, threats propagate from one node to another until reaching the core assets or being detected. This paper develops a unified methodology which can model and analyze the cyber-physical attacks on ICSs quantitatively and automatically. We define the weighted colored Petri net and propose the basic cyber-physical attack models. Second, we propose the method to calculate the weights in attack models by modeling threat propagation between two nodes as mixed-strategy Bayesian attack-defense game with incomplete information and solving the refined Bayesian Nash Equilibrium. Results show that weights in the cyber-physical attack model (CPAM) are nearly stable even when parameters change. Moreover, we build threat propagation matrix and security state vector and further design the cyber-physical attack path analysis algorithm which can discover possible attack paths with specific attack losses. The case study verifies our methodology and evaluations show that our methodology has good time performance within limited node number. This work can help protect ICSs more efficiently.