Abstract: In the power system, the deepening of the information level and the expansion of the network scale make the risk assessment work of the substation more difficult, and the problems exposed in the network transmission process are also increasing. How to quantitatively evaluate the safety problems in substations is a challenge. In this context, this paper combines the characteristics of software-defined network (Software Defined Network, SDN) data and control separation to construct a software-defined substation architecture under centralized control and flow control. Secondly, an improved attack graph risk assessment method is proposed, and the concept of sensitivity is introduced to realize quantitative evaluation. The experimental results show that the method can better realize the quantitative assessment of the safety risk of the software-defined substation.