Abstract: In order to provide intuitive and quantitative cyber security risk value for substation system and improve cyber security risk control and operation and maintenance ability, this paper proposes a substation cyber security risk assessment method based on business association model. Based on the analysis of the characteristics of substation network, the index system, system framework and analysis method in the risk assessment model are given. Then the analytic hierarchy process based on business association model is used to give the theoretical calculation method and specific implementation method. Through the classification of network equipment in substation, the classification of various equipment services and the analysis of various service threats/vulnerabilities, the risk value of the whole network is obtained by layer by layer weighting method, and the problem of multi-source fusion in implementation is discussed. Through the collection of existing substation data, the visualization and traceability of cyber security risk can be realized. Finally, the feasibility of the theory and the practicability of the technology are verified by engineering application.