According to International Electrotechnical Commission (IEC) 61850-90-4, most smart grid substations are designed with redundancy in order to improve their availability in case of failures. Redundancy usually takes the form of having multiple subsystems with identical functionality based on the assumption that failures in one subsystem are isolated from other subsystems. However, this is not necessarily true in the case of failures caused by malicious attacks, because attackers can easily reuse their skills and tools across different subsystems under similar configurations. Taking this into consideration, this article introduces the factor of security (FoS) metrics to quantify the security effectiveness of redundant subsystems in smart grids. Specifically, we first apply the attack graph model to capture various threats in smart grids and substations; we then formally define the FoS metric and the probabilistic FoS metric, and finally we evaluate those metrics through simulations.