> Why is encrypting train control signals a good idea?
Because someone might like to mess with train signals, and in the off chance that some weakness is found in the MAC/signature scheme you're using, forcing an attacker to guess at which messages they're manipulating and how will make their attack more difficult.
If you're working with a networked application, even if it's on a non-public network, you should be asking yourself "why not encrypt?" instead of "why encrypt?". This is doubly true of critical infrastructure that's expensive and slow to replace.
Because someone might like to mess with train signals, and in the off chance that some weakness is found in the MAC/signature scheme you're using, forcing an attacker to guess at which messages they're manipulating and how will make their attack more difficult.
If you're working with a networked application, even if it's on a non-public network, you should be asking yourself "why not encrypt?" instead of "why encrypt?". This is doubly true of critical infrastructure that's expensive and slow to replace.