Nowadays, mobile and embedded cyber-physical systems are ubiquitous and can be found in many industrial applications, ranging from industrial control systems, modern vehicles, to critical infrastructure. These smart mobile devices consistently generate, process and exchange a large amount of security-critical and privacy-sensitive data, which makes them as attractive targets of cyber attacks. The prevention of these cyber attacks against smart mobile devices in Industrial Internet of Things (IIoT) systems is very crucial, as they may cause physical damage or even threaten human lives. Moreover, group-oriented communications are playing an important role in IIoT and they have been widely used in various industrial areas for data gathering and area monitoring. However, due to the open nature of wireless channels and resource-constrained feature of sensor nodes, how to guarantee that the sensitive data collected by the sensors is only accessible by valid group members becomes a critical challenge in the IIoT environment. Recently, secure and efficient group communications for IIoT systems have attracted more and more attentions from both the academia and the industry. Membership authentication ensures that all users are legitimate group members, and group key agreement enables a group of users to negotiate a session key so that the group-oriented communications can be protected using cryptographic primitives thereafter. In this paper, we propose a novel solution for the above problem using a symmetric bivariate polynomial, in which membership authentication and group key establishment can be achieved simultaneously. Each member just needs to store a univariate polynomial, and they can generate pairwise keys without interaction. Then, each member mixes his/her input with the pairwise keys with other members and broadcasts the encrypted value. After collecting all these released values, each member can compute the group key. Our proposed scheme is more efficient in computations and communications, compared with the existing solutions in the literature. This design is suitable for efficient membership authenticated group key establishment in IIoT.