Cyber Physical Systems are systems controlled or monitored by computer-based programs, tightly integrated networks, sensors, and actuators. Trains, aircrafts, cars, and some medical equipments are examples of complex CPS. Software development of complex CPS has become so difficult that it represents most of the cost of CPS production. According to domain experts, this trend is going to reach a point where software development would represent the main source of cost of a CPS production. In addition, it is interesting to note that the integration, verification and validation of software in CPS require more efforts than the analysis, design, and implementation activities. The main reason is that these activities are conducted late in the development process and issues discovered at this stage of the process will require to rework artifacts produced in the previous activities (i.e. analysis, design and/or implementation). In this document, we present our work aiming to improve the reliability of software development in the domain of CPS. In this context, we define the reliability of the development process as its capacity to deliver intermediate artifacts for which the rework effort would be as small as possible. This problem is very difficult for general purpose software (i.e. used on desktop computers or servers), and even more difficult for software in CPS. The main reason is that software in CPS is often critical, real-time and embedded on domain specific execution platforms. As a consequence, non-functional properties (also called quality attributes) of software applications in CPS are often as important and difficult to satisfy as the logical correctness of these applications. In order to the improve the reliability of software development in the domain of CPS, we propose a Model Driven Engineering (MDE) method based on step-wise refinements of software architecture descriptions (also called architectural models). An architecture description being an abstraction of the software being developed, the implementation of this software (i.e. source or binary code) is an interpretation of the architecture model. In the framework we propose, such interpretations are automated using model refinements, i.e. model to model transformations lowering the abstraction level of the architecture description. However, models interpretation may introduce faults such as bugs or invalidation of nonfunctional requirements. It is hence necessary to control as much as possible the correctness, consistency, and optimality of artifacts produced along the model refinement steps. To reach this objective, we propose to 1. define model transformations so as to interleave refinement steps with analysis of the resulting artifacts. We thus improve the consistency between the analysis results and the software implementation by analyzing models as close as possible to the implementation. 2. define timing analysis and real-time scheduling techniques to ensure the correctness of software architectures from a timing perspective. 3. formalize model transformations in order to ensure their correctness using formal verification techniques. 4. compose model transformations in order to automate the search for optimal (or nearoptimal) architectures. The work presented in this document is thus at the frontier among different research domains: MDE, real-time systems scheduling, formal verification, and operational research. In this work, we chose to rely and extend the Architecture Analysis and Design Language (AADL) to model the cyber part of CPS. The reasons for this choice are simple: Firstly, AADL is a standard and a domain specific language for real-time embedded systems. Secondly, It allows to represent software architectures with different abstraction levels. Last but not least, AADL supports different types of models of computations communications, some of which being deterministic. As a guideline for our work, we developed the methodology we propose in a MDE framework called RAMSES (Refinement of AADL Models for the Synthesis of Embedded Systems). This document presents both the methodology and some illustrations of its implementation in RAMSES.