In the olden days...
I used to work in industrial automation some 20 years ago. Back then, PCs were considered totally unreliable, justifiably so. The typical PC running Windows 3.x behaved pretty much like typical malware infected PC of today: Slow and chrasheable. That's why PCs were used mostly for display and data logging, while critical processing was done by microcontrollers and PLCs. When critical commands had to be entered via display, keyboard & mouse, dedicated computers were used.
In any case, PLCs & microcontrollers were programmed not to trust the SCADA entirely, to reject commands, which could cause direct damage. As a matter of fact, all computers were considered a bit unreliable, including PLCs. Consequently, electomechanical failsafes were placed wherever possible. It was nearly impossible to cause serious damage to the well designed system via SCADA alone.
I sure hope the same philosophy still holds today. Especially in that Iranian nuclear power plant Stuxnet is allegedly targeting.
