The invention discloses a power service message attack identification method and system based on service logic. The method comprises the following steps: determining a current state sequence of a power service; respectively determining a dangerous state sequence set and a safe state sequence set corresponding to the current state sequence according to the multi-point signal address sequence of thecurrent state sequence; determining the threat degree of the current state sequence according to the current state sequence, the dangerous state sequence set and the safe state sequence set; and whenthe threat degree of the current state sequence is greater than or equal to a preset security risk threshold, determining that the power grid is attacked by the power service message. According to the invention, a dangerous state sequence set and a safe state sequence set of power business logic are defined; according to the method, misuse detection and anomaly detection methods are combined, thethreat degree of the power service is evaluated, and whether the power grid is attacked by the power service message is determined according to the threat degree, so that the power service message attack is effectively identified, and the safe and reliable operation of a power industrial control system is guaranteed.