Abstract: Based on adaptation of architecture tradeoff analysis method (ADAM)，a safety-centered architecture design method was proposed for integrated modular avionics (IMA) software. Hazardous scenarios were used to evaluate the safety property of a designed IMA software architecture. Prevention, elimination or minimization actions to fateful hazards were derived. Contracts were used to document all the constraints which should be met in the next refined process of IMA software architecture. With the method, it will eliminate or reduce design bugs in the IMA software architecture, especially those that will contribute to hazards of the IMA system or fighters.

Key words: Software architecture, Software safety, Safety requirements, Integrated modular aviorucs(IMA)，Architecture tradeoff analysis method(ATAM)