This project is a lot like the millions of IoT projects and MOST of them are gigantic security leaks. You have an unprotected web port open to the universe with no real control over what happens to it. You might research IoT security. If the mothership can contact the web server, so can the kid living in his grandmother's basement.
I think I would spend more time worrying about security and less time worrying about the application. I don't know if SSH has been implemented on a low end uC and this alone might drive the project toward a Raspberry Pi and Linux. Since, presumably, there are a very limited number of authorized users who can contact the widget over the Ethernet, it might be worth developing a custom application for the users and using a very secure link.
An open Port 80 will be discovered in minutes. Use a firewall like SmoothWall and see how often your router gets hammered.
in the end, no matter what you do, somebody is going to break through your security. It may take minutes, it may take an hour but it won't take more than that. If what can be done over the Internet can result in a safety hazard, I would run away from this project as fast as my feet could take me. Somebody is going to get the blame when a user gets injured and liability insurance almost certainly woudn't cover the damages.