Single point of failure is a valid concern...
I'm seriously thinking about it for one of our lines here. It has about 8 or 10 CompactLogix PLCs, mostly lower end models. None of the machines can run if another is locked out anyway, so it would be a decent candidate for such an architecture, especially if we kept spares on hand in case of central PLC failure. With the undocumented spaghetti-pile of safety interlock wiring and random weird glitches that are probably caused by network overloading, I would dearly love to drop in a GuardLogix with several comm modules to isolate traffic and be done with it. Price & lead time, though...
What you are talking about is pretty much how most machines at Tesla Texas are designed; one PLC (Siemens 1500) with 6-18 'stations' (They use SICAR so they are called 'OpModes') and all remote IO/valve banks, etc. Like you said, they are all interlocked anyways into one line so its not like you can run anyways if any one of them goes out, so you are actually decreasing your chances of downtime by only having one PLC.
I always keep a recent backup and have a spare on hand. My backup even has the most recent program already loaded onto it so if it went down when I'm not available they could probably just swap it out. When is the last time you guys have had an actual PLC from the last decade go out on you? I haven't. Maybe as an integrator I might have one in a batch arrive DOA, but once they are up and running they last forever. Sure, I've seen IO modules on a rack go out, or the consequences of rack IO messing up the PLC, but I don't run PLC rack IO anymore... its all remote IO, valve manifold IO, etc.
Since PULS came out with those field DC PSU's and NTRON has those M12 (IP67 rated components) switches, I don't even do panel builds anymore. I hide the PLC in the HMI box too so I don't need a Grace Port or anything. If I do have to make a servo cabinet, its just a little box with an Eaton OLI sequestered disconnect... I've been doing that to all PDP cabinets since they came out with that line, but now with mostly Fanuc robots and EthernetIP devices, I barely build cabinets. Maintenance loves that everything is easy to see, out in the open, etc. No terminal strips to mess with for the most part, just M12 cables for almost everything.
I also prefer putting mGuards on all machines for remote access, and this can lead to some rather jenky networks if you have a dozen smaller PLC's to connect to. With one PLC, I have one mGuard to tunnel in with and just one port on one switch.
My 380ERMS2 cost around $12k and had a 9 month lead time. My understanding is that most 5069's are about that backed up now, and everything with CIP safety is 9-12 months out due to the CIP chip only being made by one place in Europe. My team wants to 'add a little station here, and another there' and not have to wait 6+ months for components. With the 'master PLC', I just grab some Turck blocks that I keep stock on (one safety block for E-Stop, door, etc. and the rest are typical EIP), M12 cables, an E-Stop button and whatnot, and away we go. Most of my devices other than servos are just 2-3 months out and most Fanucs are down to 2-3 months, so machines can get built quickly here now. It used to take a year from concept to build... now at least on the controls end I can slap something together in no time. Someone wanted a test station last month with a turntable and laser distance sensor: Once the little motor arrived a couple weeks later I had the controls on it and programmed within a week. If I had to build a whole traditional cabinet I'd still just be waiting on Saginaw.