Like any other industry sector, the electrical power industry is facing challenges involved with the increasing demand for interconnected system operations and control under the restructured electrical industry due to deregulation of the electrical market and the trend of the Smart Grid . This moves automation networks from outdated, proprietary, closed networks to the more current arena of Information Technology (IT). However, while gaining all of the cost and performance benefits of IT, existing IT security challenges are acquired as well. The power grid automation network has inherent security risks due to the fact that the systems and applications in the network were not originally designed for the general IT environment. In this paper, we propose a conceptual layered framework for protecting power grid automation systems against cyber attacks. The following factors are taken into account: 1) integration with existing, legacy systems in a non-intrusive fashion; 2) desirable performance in terms of modularity, scalability, extendibility, and manageability; 3) alignment to the “Roadmap to Secure Control Systems in the Energy Sector” [12] and the future intelligent power delivery systems [2,3,11]. The on-site test result of the system prototype is briefly presented as well.