Well, of course a rogue box can forge the ID, but that is the security aspect; the safety aspect is that the priority is hardware-determined. Two different things.
And of course you can over-provision the network, except when you are already pushing the limits. If you are near the limit, how do you prove which goes on the bus? This isn't theoretical; we had this very problem (on Ethernet, not CAN). So where CAN does what you need, I stand by my comment that it is not a slam dunk to replace it. Just putting in Ethernet doesn't prove you will meet your real-time milestone when you HAVE to.