Smart meters operate based on their firmware ruling the hardware. The firmware occasionally needs to be updated to fix bugs and improve the services. Since the smart meter firmware is proprietary, the update file should be communicated to the smart meters in a secure way. In addition, the firmware update may target a specific subgroup of the smart meters rather than all of them in which case access control is required. In this paper, we address the problem of updating the smart meter firmware securely in an IEEE 802.11s-based AMI network and develop a secure and reliable multicast-over-broadcast protocol by making use of ciphertext-policy attributebased signcryption (CP-ABSC) to provide not only confidentiality and access control but also message authentication. CP-ABSC is employed to signcrypt both the firmware update file and the firmware update request based on an access tree such that the signcrypted update file and request can be designcrypted by the smart meters possessing the attributes that can satisfy the access tree. The preliminary tests showed that increased size of the request due to signcryption reduces reliability of the protocol. Therefore, we employ random linear network coding along with CP-ABSC in order to increase the reliability and use the bandwidth and processing resources efficiently. We assessed the performance of the proposed protocol under ns-3 network simulator. The simulation results have shown that the protocol can accomplish the process of downloading a firmware update without needing any human intervention while consuming less bandwidth when compared to a baseline that employs unicasting.