I guess to be more exact, Stuxnet didn't break anything, but the PLC payload it delivered was designed to damage centrifuges, and that would have been the module under test in that QA environment

Wasn't it actually about spoiling the whole stock of Iranian's Uranium by applying damaging amounts of centrifugal force to it? I'm probably wrong about that, just asking.

the payload had a few modes of operation, IIRC

one was to spin it far faster than it should, then stop abruptly in an attempt to damage the centrifuge

one was to run it at the wrong RPM to spoil the product of the centrifuge

in either mode, it would replay 'good' data to make the centrifuge look functional to an administrator

the way I understood, a 'bonus goal' was to keep the Iranians unable to diagnose what was going wrong, both with their production process (producing bad stock) and the failures (promoting distrust in their engineers) - i can't find an article right now, but I remember reading they were churning through site engineers at the time - presumably firing them for the on-site failures of centrifuges or their inability to stop them