CapinWinky,
If you have any sources about Stuxnet attacking S7 PLC vulnerabilities, I'd be really curious to read them.
Everything I've seen suggests that the virus was on the Engineer's computer, and modified the S7 download driver such that in certain cases it downloaded some extra code. It also hid that code when the engineer went online with the PLC. The PLC executed exactly the code that was downloaded to it, I don't even think a replay attack was involved.
I also haven't heard of any drive firmware issues associated with Stuxnet. The virus was created to physically destroy the centrifuges via the VFD, but I think that was related to harmonic frequencies, or some other physical phenomemon caused by the hidden changed setpoints, not the drive software.
There were numerous windows vulnerabilies exploited to get the virus onto the engineering station, as well as the hardcoded SCADA passwords. I'm not saying the S7 plc's have had zero security flaws, but I've never heard of any of the stuxnet virus actually used. To me, what the PLC's lacked was diagnostics capable of telling the engineering team that the code in the PLC didn't match what it used to, perhaps via signatures or some other means.
Jesper,
I also don't recognize the architecture in the slides. I saw numerous mentions of Motion control and Axis, so perhaps it is referring to Simotion?
Also, I think Siemens does have their own realtime operating system, RMOS, so I've always wondered why they used the Ardence/IntervalZero RTX for their softPLC.