Homogeneity? You would be hard-pressed to find a Microsoft OS on any controlling system in a power plant. Most high-availability (HA) sites like power plants utilize hardened Linux kernels with very specific instruction libraries for only the programs being used on those systems.
And as a note, Windows is not solely the issue with IT security. MS plugged a lot of holes (and ruffled a lot of feathers) with their new OS kernel by prohibiting direct access without user approval (UAC and DEP, for instance). The issues come into play when users errantly click on approve in this dialog box without knowing what the program is going to do.
It is not the prettiest way to do things, but for what it does, the Windows OS is highly functional if not bloated.
Gratutious ignorant Windows-bashing aside, Stuxnet is a worm - the vulnerability is in the the application, not the OS, so it doesn’t really matter what OS it’s running on.