This report by the Office of Cyber and Infrastructure Analysis of the U.S. Department of Homeland Security (DHS) analyzes the potential cybersecurity risks related to the infrastructure technologies of “Smart Cities,” defined to be “urban centers that integrate cyber-physical technologies and infrastructure to create environmental and economic efficiency while improving the overall quality of life.” Whereas the cyber and physical realms were previously largely separate, with the security risks and associated consequences in each realm having been studied and (to a degree) understood, the integration of these two worlds in the concept of the Smart City results in uncertain threats, consequences, and defense/mitigation strategies. Three particular areas of Smart City infrastructure are analyzed in the document in depth: (1) the Transportation Systems Sector, (2) the Electricity Subsector, and (3) the Water and Wastewater Systems Sector. These areas are further divided into specific technologies, which include autonomous vehicles and intelligent transportations systems for area (1), smart power-generation plants for area (2), and smart water treatment for area (3). For each technology, example vectors of attack are described, and a discussion of technology vulnerabilities and consequences is also given. Despite the variation in the security challenges that will be faced by different cities as they integrate Smart City technologies (due to each city’s unique digital, infrastructural, and geographic properties), the authors of the report find some important high-level themes that characterize all Smart City transformation processes. These are (1) changing seams, or the shifting or disappearance of divisions between different types of control or business systems that may increase the number of vulnerable access points; (2) inconsistent adoption, or the fact that different cities will adopt technologies at different rates, creating “blind-spots” and making it difficult to develop a uniform set of security policies; and (3) increased automation, which has diverse consequences including human skill atrophy and the unintended loss of manual overrides.