Information and Communications Technology (ICT) supports the development of novel control and communication functions for monitoring, operation, and control of power systems. However, the high-level deployment of ICT also increases the risk of cyber intrusions for Supervisory Control And Data Acquisition (SCADA) systems. Attackers can gain access to the protected infrastructures of the grid and launch attacks to manipulate measurements at the substations. The fabricated measurements can mislead the operators in the control center to take undesirable actions. The Intrusion Detection System (IDS) proposed in this paper is deployed in IEC 61850 based substations. The proposed IDS identifies falsified measurements in Manufacturing Messaging Specification (MMS) messages. By cross-checking the consistency of electric circuit relationships at the substation level in a distributed manner, the falsified measurements can be detected and discarded before the malicious packets are sent out of the substations through DNP3 communication. A cyber-physical system testbed is used to validate the performance of the proposed IDS. Using the IEEE 39-bus test system, simulation results demonstrate high accuracy of the proposed substation-based intrusion detection system.