I don't disagree with your broad comment but it's not hard to fix by slightly dispersing the control/responsibility.
1. Electricity moves for 5/10 min clearing intervals with defined caps at either end (currently in Western Australia it's simply 2 intervals, peak & off-peak).
2. Expose the pricing/market data via API.
3. Develop existing home automation frameworks/tools/device IOTs/routers to access that.
4. End user grants permission/configures it on their smart phone when they set their dishwasher and washing machine on set up ("would you like to enable this smart-go button by connecting to Wi-Fi? It could save you $150 per year").
No control ceded to third parties to turn on equipment whenever they want, just allows the end user to cue jobs for when the PowerCo anticipates lowest prices.
PowerCo not any more of a honeypot for attack, at least not more than they are now with control over critical generation/tx/dx infra.
If the devices are accessing a 3rd party API over the Internet to get this info, that control is still ceded, and attackers can still exploit vulnerabilities in all of these devices to attack large swaths of the network at once.
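An added sketch, not code from either commenter, of how a device could limit what the price feed proposed in steps 1-4 is able to influence: the feed only ranks start times inside a window the user configured, and a malformed or out-of-cap feed is ignored. Every name and number here (`UserPolicy`, the cap values, the 288-interval day) is an assumption; the thread defines no API.

```python
from dataclasses import dataclass

# Constructed values for illustration; the thread gives no real caps or API format.
PRICE_FLOOR = -100.0       # "defined caps at either end" (assumed $/MWh)
PRICE_CAP = 1000.0
INTERVALS_PER_DAY = 288    # 5-minute clearing intervals

@dataclass(frozen=True)
class UserPolicy:          # hypothetical: what the user sets on their phone (step 4)
    enabled: bool          # user opted in to price-based scheduling
    earliest: int          # first interval the job may start in
    latest: int            # last interval the job may start in
    fallback: int          # start interval used when the feed is rejected

def validate_feed(prices):
    """Accept only a full day of numeric prices that sit inside the market caps."""
    if not isinstance(prices, list) or len(prices) != INTERVALS_PER_DAY:
        return False
    for p in prices:
        if isinstance(p, bool) or not isinstance(p, (int, float)):
            return False
        if not (PRICE_FLOOR <= p <= PRICE_CAP):   # also rejects NaN
            return False
    return True

def choose_start(prices, policy, run_len):
    """Return the start interval for a job of run_len intervals, or None.

    The feed never starts a job by itself: without opt-in nothing is scheduled,
    and the result is always the fallback or a slot inside the user's window.
    """
    if not policy.enabled:
        return None
    if not validate_feed(prices):
        return policy.fallback
    best, best_cost = policy.fallback, None
    for start in range(policy.earliest, policy.latest + 1):
        if start + run_len > INTERVALS_PER_DAY:
            break
        cost = sum(prices[start:start + run_len])
        if best_cost is None or cost < best_cost:
            best, best_cost = start, cost
    return best
```

This bounds the effect of a tampered feed on scheduling; it does nothing about vulnerabilities in the device's own network stack or firmware, which is the concern raised in the reply.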