The block device to be preserved by dumping a system image is usually (significantly) larger than necessary. As there are costs involved with the secure longterm storing of data it makes sense to try to reduce the image size as much as possible. Quite a couple of available procedures like filesystem defragmentation, image shrinking and the final removing of deleted data are identity transformations of a given filesystem. To prove this, if the dumping system has access to the given filesystem, it would make sense to generate metadata on every contained file and compare this to the metadata generated from the final virtual machine or emulator system file. The metadata could contain typical file information like creation, last access time, file size and a checksum. This data should not change under the aforementioned transformations.