For many embedded systems, such as automotive electronic systems, security has become a pressing challenge. Limited resources and tight timing constraints often make it difficult to apply even lightweight authentication and intrusion detection schemes, especially when retrofitting existing designs. Moreover, traditional hard deadline assumption is insufficient to describe control tasks that have certain degrees of robustness and can tolerate some deadline misses while satisfying functional properties such as stability. In this work, we explore feasible weakly-hard constraints on control tasks, and then leverage the scheduling flexibility from those allowed misses to enhance system's capability for accommodating security monitoring tasks. We develop a co-design approach that 1) sets feasible weakly-hard constraints on control tasks based on quantitative analysis, ensuring the satisfaction of control stability and performance requirements; and 2) optimizes the allocation, priority, and period assignment of security monitoring tasks, improving system security while meeting timing constraints (including the weakly-hard constraints on control tasks). Experimental results on an industrial case study and a set of synthetic examples demonstrated the significant potential of leveraging weakly-hard constraints to improve security and the effectiveness of our approach in exploring the design space to fully realize such potential.