Internet of Things (IoT) is a growing field and its use in home automation is one of the dominating application areas. The heterogeneity and limited capacity of storage and processing power make the security of IoT systems challenging. Besides, the end users lack security awareness and the system designers lack the incentives for building secure IoT systems. To address this challenge, we propose the notion of security classes to assess and present the security of complex IoT systems both for the end users and for developers. Furthermore, regulatory bodies can use our security classification method as a reference to derive requirements for adequate security. This report presents a security classification methodology and extends it for the Smart Home Energy Management Systems (SHEMS). We demonstrate its applicability by performing a systematic security classification assessment of an industrial SHEMS. Results show that the use of security classes is a good indication of the level of security, as well as a guide to improve the security of IoT systems. This technical report is a long version of the conference paper .