That's where I run into the question of "mindset". Obviously the folks who wrote Stuxnet wanted it to work on the control systems for the centrifuges. But it also looks to me like they took efforts to avoid harming other systems, to the point where someone using the same hardware for a completely different purpose could be infected, but not have to worry about anything. Someone launching an attack for the lulz probably wouldn't be too concerned about causing collateral damage, but again, I think these guys (whoever they were) tried very hard to avoid collateral damage.
There's also a second question that I have, and not just for you, Uptown. A lot of folks here have pointed out that in order to do real, substantive damage, a hacker would have to know the system he's attacking intimately. If a hacker can get something into your system, could he get, say, the ladder logic out? Being that I'm new to this, I take great pains to ensure that my rungs are commented in a way that my boss can see what I'm doing, and that there's a record for the future, so that someone who's working on my work after my co-op ends doesn't have to struggle to understand what my code is doing. That kind of annotated logic is probably good for the folks I work for/with, but it's also the last thing I'd want to see in the hands of a malicious actor.
Depending on the platform, the comments are typically not stored in the PLC. So an upload of logic, especially if it is extremely complex, is going to be a challenge to understand what process the system is controlling. And again, you introduce the need for human intervention to analyze the logic you stole, and human intervention to engineer specific logic to cause damage to this particular system....
----
Granted Stuxnet was designed for a "target" and most likely designed to prevent collateral damage...
I really question how capable it was at "masking" its payload. I can't imagine that Stuxnet would have the ability to mask any and all of the target logic... on a complex system such as this I really feel (all opinion) that they knew the process, they knew how to damage it, and they knew they could mask this damaging code to the end user. I just don't believe they had the ability to mask the entire "target" code and completely replace all of it with any logic they wanted. Footprint of that would have to be massive in comparison with the target.
I think a true virus/malware that could dynamically learn a process, dynamically choose a "payload", and dynamically deliver that to the end user and keep it masked for a period of time would be extremely difficult to develop and deploy. Windows XP as an OS is extremely ubiquitous and makes a great target. With all the PLC brands, types and models out there, I think it would be an astonishing accomplishment to build something that could "adapt" to all the variables in the automation world.