1. The purpose of rooting is to give you an access level equal to the product's development team. Rooting is basically an unofficial way of doing exactly what the developers are doing on a daily basis. You can either consider that people are going to root and that the community adds value and bug fixes to your product by independent development (Android); or you can actively take measures to lock down root access and maintain a a gateway to development in the belief that this doctrine maintains a unified experience, protects security of intellectual material, and provides better overall security (Apple).
There's pros and cons to each side. With the Android thought, you are offloading a lot of your development burden onto the community and getting R&D, patches, and extending product life in return - for free. You take the risk of lowered security, but usually make it back because the community is a larger workforce with greater man hours and a vested interest in the product. They provide you with answers to problems you don't even know about as long as you listen.
With the Apple thought, you maintain a strong control on making the product do exactly what you want. This makes the product work exactly as expected, which can be easier for the user. However, your design has to be VERY good for the community to accept it. You also suffer in that you lock the community out from enhancing your product, so you HAVE to be the one coming up with all the ideas. Also, if the community finds a breach in your security, it can be devastating. Look at how much energy and money Apple pours into preventing jailbreaks.
I wouldn't be too worried about the 'break in security model' as you say, unless the Android platform becomes fraught with virii.
After all, consider that unix on your PC is essentially the same thing, and you request root access on it to install certain things.
2. I'll let someone else chime in with a better answer
3. with root access you don't need a custom ROM, you just need the ability to access root permission and a file browser that will get you to protected areas.
4. I'm not sure I'm thinking about the same stuff as you here. Rooting doesn't wipe anything from what I remember. Replacing the ROM does, but that's because the ROM 'installer' doesn't have anything to preserve user settings. I don't consider this weird since Windows didn't have a really decent migration package built into the installer until windows 8.
5. There's a counter that iterates. Research trianglemod for an example of this topic.
6. It's hard to say what the OEM has for tools without them releasing the tools to the public. They, of course, are going to have better tools than us. No, there is no read only partition that I'm aware of that contains a full ROM that you can dump back in place. I've gone so far as to fully wipe my Galaxy S3 to the point where it only had clockworkmod and a boot screen that never went away. If I went much further, I could probably brick the phone, requiring an external programming program. A full brick would remove interface to your PC, which I believe is a possibility.
7. A new OEM ROM update will do one of three things:
a. update the phone to the new ROM and most likely break all the apps
b. update the phone and wipe everything
c. partially update the phone to a state where it won't boot due to a corruption (I've been here, lol)
8. not sure what we are talking about here
9. Android is based on linux. Linux is designed with specific partitions to handle different tasks for storage, memory access, stuff like that. If you aren't happy with the design, you are free to do something else - you don't have to use Android on an Android phone, you can probably put FreeBSD or Slackware or something, or write your own kernel.