SecureCore is a multicore-based intrusion detection architecture for real-time embedded systems. It uses timing-based behavior monitoring to detect intrusions on the monitored core by profiling the expected timing of applications and checking for deviations during runtime. The SecureCore architecture includes a timing trace module to collect execution traces, a secure monitor to build timing profiles and detect anomalies, and a scratchpad memory for isolation between cores. Evaluation shows this approach can effectively detect malicious modifications to real-time control applications with low performance overhead.