As evidenced by the recent cyberattacks against Ukrainian power grids, attack strategies have advanced and Stuxnet-like malware agents will continue to emerge. Currently, the measures to audit the critical cyber assets of power infrastructure do not provide a quantitative guidance that can be used to address security protection improvement in the audit process. Investing in security protection is often limited to compliance enforcement on the reliability standards. Technologies could provide more security logs to automate the assessment of the ongoing health of cyber systems.